Employee Posted July 25, 2006 Share Posted July 25, 2006 I have a pentium 1 computer with not much on it, and a pentium 3 with 512mb of ram. What should I do with them? Quote Link to comment Share on other sites More sharing options...
VaKo Posted July 25, 2006 Share Posted July 25, 2006 LAMP server or the like? Quote Link to comment Share on other sites More sharing options...
stingwray Posted July 25, 2006 Share Posted July 25, 2006 Pentium 1 - Turn into a firewall/gateway, with something like M0n0wall and ditch your horrible consumer router (if you have one). Pentium 3 - VPN/DNS/IDS/Proxy to make your network run blisteringly fast and have very very good security. (Using Linux/BSD Distro of your choise, my recommendations, FreeBSD/Suse if you want to be able to do it quickly without much knowledge. Or to be uber 1337 use OpenBSD, which unless you know OpenBSD already, has an extremely steep learning curve, i still think its beyond the vertical, i.e. greater than 90 degress.) Quote Link to comment Share on other sites More sharing options...
metatron Posted July 25, 2006 Share Posted July 25, 2006 Honeypot and Asterisk box. Quote Link to comment Share on other sites More sharing options...
VaKo Posted July 25, 2006 Share Posted July 25, 2006 How does a honey pot work? And how does a IDS work? My freeBSD box is kicking for functions right now. Quote Link to comment Share on other sites More sharing options...
rFayjW98ciLoNQLDZmFRKD Posted July 25, 2006 Share Posted July 25, 2006 Cluster! http://clusterknoppix.sw.be/ Quote Link to comment Share on other sites More sharing options...
stingwray Posted July 25, 2006 Share Posted July 25, 2006 Cluster! http://clusterknoppix.sw.be/ For some reason I think a cluster might be a really pointless application for those two computers. VaKo, IDS is usually signiture based and you make all the traffic from your network go into a specific nic on the IDS server (usually be network taps or mirroring ports on switches/routers) and then it looks at all the traffic, compares it to the signitures and rules and if it finds something dodgy, like someone is port scanning your private IP range then you can set it up to warn you or do something. Have a look at Snort for a open-source IDS system, very good documentation. http://www.snort.org/ And this how a honeypot works: http://en.wikipedia.org/wiki/Honeypot_%28computing%29. Quote Link to comment Share on other sites More sharing options...
VaKo Posted July 25, 2006 Share Posted July 25, 2006 Nice one, thanks. Total n00b question I know, but since most of the documentation is geared for people who have a clue i have to ask. Is it a case of dedicating an entire box to Snort, or can i add a 2nd NIC to a box and use a general web/file/radius server as my IDS as well? And would I need a switch with a monitor port, or could i just softmod a wrt54g to do the same? Quote Link to comment Share on other sites More sharing options...
stingwray Posted July 25, 2006 Share Posted July 25, 2006 You can use a machine running other services, but you need 2 nics, one which all the other services listen on and communicate on, then the other for Snort to monitor the network traffic on. Snort will then communicate through the first interface if it needs to acces the network. I would recommend building a network tap, there not expensive, as most consumer routers/switches don't support port mirroring (i haven't seen a hack for something either). This is how to build a passive network tap http://www.snort.org/docs/tap/. Quite simple, and I have one placed between my router and the first switch onto the network. That way all network traffic leaving the network or coming in from the internet is monitored, I considered this the most important area to monitor. Quote Link to comment Share on other sites More sharing options...
metatron Posted July 25, 2006 Share Posted July 25, 2006 How does a honey pot work? And how does a IDS work? My freeBSD box is kicking for functions right now. Honey Pot Systems are decoy servers or systems setup to gather information regarding an attacker or intruder into your system. It is important to remember that Honey Pots do not replace other traditional Internet security systems; they are an additional level or system.Honey Pots can be setup inside, outside or in the DMZ of a firewall design or even in all of the locations although they are most often deployed inside of a firewall for control purposes. In a sense, they are variants of standard Intruder Detection Systems (IDS) but with more of a focus on information gathering and deception. An example of a Honey Pot systems installed in a traditional Internet security design: A Honey Pot system is setup to be easier prey for intruders than true production systems but with minor system modifications so that their activity can be logged of traced. The general thought is that once an intruder breaks into a system, they will come back for subsequent visits. During these subsequent visits, additional information can be gathered and additional attempts at file, security and system access on the Honey can be monitored and saved. http://www.sans.org/resources/idfaq/honeypot3.php something like Honeyd creates virtual hosts on a network. The hosts can be configured to run arbitrary services, and their personality can be adapted so that they appear to be running certain operating systems. Honeyd enables a single host to claim multiple addresses. Quote Link to comment Share on other sites More sharing options...
VaKo Posted July 25, 2006 Share Posted July 25, 2006 Nice one guys. When freebsd finishes ...compiling i'll give this a try Quote Link to comment Share on other sites More sharing options...
metatron Posted July 25, 2006 Share Posted July 25, 2006 I run a Honeypot on an OpenBSD box and it makes me laugh the amount of abuse it takes. Quote Link to comment Share on other sites More sharing options...
melodic Posted July 25, 2006 Share Posted July 25, 2006 set them on fire? Quote Link to comment Share on other sites More sharing options...
VaKo Posted July 25, 2006 Share Posted July 25, 2006 I'm just starting to learn my way around freeBSD, what are the pros of using openBSD and how does it compare to freeBSD in terms of usability and community support for idiots like myself? Quote Link to comment Share on other sites More sharing options...
Sparda Posted July 25, 2006 Share Posted July 25, 2006 Turn the computers in to desktop computers! DSL FTW! Quote Link to comment Share on other sites More sharing options...
rFayjW98ciLoNQLDZmFRKD Posted July 25, 2006 Share Posted July 25, 2006 set them on fire? You only do that with dead hardware, and most times, you can strip all of the hardware out of it that works. Quote Link to comment Share on other sites More sharing options...
stingwray Posted July 25, 2006 Share Posted July 25, 2006 I'm just starting to learn my way around freeBSD, what are the pros of using openBSD and how does it compare to freeBSD in terms of usability and community support for idiots like myself? The difference between FreeBSD and OpenBSD is OpenBSD prides itself on security, only one remote security hole in 8 years in a default installation. Which I think anyone has to say is pretty impressive. FreeBSD makes a better desktop OS in my opinion and probably wouldn't use OpenBSD as my desktop. OpenBSD group is also responsible for things like OpenSSL and pf to name a couple of well know applications. OpenBSD is very hard to learn though, you really need a good book and time with a machine and the documentation to use it. I recently found this website that might help, it looks quite good but haven't had a good look yet. http://www.openbsd101.com/ Probably I would recommend that you stick to FreeBSD and learn that well, you would be then well suited to explore OpenBSD and you should pick it up much quicker. Its also worth noting the OpenBSD community can be very unforgiving. There are some really great people out there that will help you but I find the majority of OpenBSD users a tad on the snobbish side. Say you ask for help on a subject, if it is in the documentation they will just tell you to read the documentation, not which documentation or any specifics. And thats a fairly nice responce. Quote Link to comment Share on other sites More sharing options...
VaKo Posted July 25, 2006 Share Posted July 25, 2006 The site looks pretty good, thanks. But for the moment I'll stick to freeBSD as sugguested. I just got rid of the gui :-) Quote Link to comment Share on other sites More sharing options...
metatron Posted July 25, 2006 Share Posted July 25, 2006 I'm just starting to learn my way around freeBSD, what are the pros of using openBSD and how does it compare to freeBSD in terms of usability and community support for idiots like myself? The thing with OpenBSD that you have to keep in mind before you even think about using it is it’s security and stability first and usability later, I believe it also supports a greater number of platforms. FreeBSD on the other hand has usability as their key target and security and stability second which is one of the reasons I don’t use it, the other is, I am use to OpenBSD and I see little point in switching to an OS which is inferior to OpenBSD. Community support does exist for OpenBSD but it’s not as good as FreeBSD’s, generally speaking if you use OpenBSD you are expected to know how it works. It is not noob friendly in anyway. Quote Link to comment Share on other sites More sharing options...
Famicoman Posted July 25, 2006 Share Posted July 25, 2006 -Make a Firewall -Make a Web server -You could cluster them, but it wouldn't be too useful -Make one a dedicated Folding@Home box -Make one an FTP Server Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.