Jump to content

Protecting Home Network


Jamo
 Share

Recommended Posts

Hi,

My from the University I study I will get access MSDNAA and I can basically get one of each product for free, like Server 2008, Exchange server etc. A lot of stuff anyway.

So I might be interested to install and configure microsoft forefront threat management gateway 2010 and use it as a firewall for my internet connection at home. It might be a overkill, but a good firewall and malware protection would be nice. However I dont have that powerfull machine to run it, Im hoping to install it to HP 7700p, which I got for free from work.

But Im not sure I it's good idea to use microsoft forefront threat management gateway 2010 at home, with no domain, so Should I try first some opensource products? like smoothwall etc?

any opinion ideas thoughts?

Link to comment
Share on other sites

Well I think that My biggest problem setting that kind of server is that Im using dd-wrt wlanAP and it shares dhcp so if I put that between modem and wlanRouter it will see just one client. Ant it currently has just one LAN card...

Link to comment
Share on other sites

Can you bridge the NICs in your gateway box and insert it inline between the AP and modem? I did this with the first firewalls I built; one was OpenBSD with pf, the other was Linux with grsec/PaX/ebtables/iptables. This is fine for locking your front door, but what happens if Aurora Borealis breaks out in your kitchen?

tumblr_l94bvqqykx1qz9muno1_400.jpg

Link to comment
Share on other sites

Yea I get your point :D

Actually I might not be looking just for a firewall product.

Im actually more interested on setting up this server which would work as a firewall, caching websites, maybe block ads, and that I wound connect to it using OS'es included proxy, so I would be able to use internet without the need of using that device.

Sounds like squid :D

Link to comment
Share on other sites

Yea I get your point :D

Actually I might not be looking just for a firewall product.

Im actually more interested on setting up this server which would work as a firewall, caching websites, maybe block ads, and that I wound connect to it using OS'es included proxy, so I would be able to use internet without the need of using that device.

Sounds like squid :D

2 options you could set up a firewall box using Iptables and then install Squid for web caching.

Or install Untangle, it comes with all the options you need, some of those will have to be subscribed for.

Link to comment
Share on other sites

I do have to agree that Untangle does have its downside sometimes, but with too many Linux Firewall distros, you just have to try them out and see which one suits your needs.

1) Smoothwall

2) ClearOS

3) Untangle

4) Pfsense

Link to comment
Share on other sites

Well as I have only one network card available I can't use it as firewall + modem, so Im now configuring http://www.howtoforge.com/squid-proxy-server-on-ubuntu-9.04-server-with-dansguardian-clamav-and-wpad-proxy-auto-detection Squid ClamAv and dansguardian on VM. It seems to be working well, yet It makes internet quite slow, and blocks a lot of sites. Im not sure if it's because of clamAV or something else.

EDIT:

Actually I now have privoxy insalled with https://aur.archlinux.org/packages.php?ID=43861 AdBlock Plus block sites and it works realy well. Tomorrow Ill try to get squid and privoxy to work so it can cache websites and block ad's.

Edited by Jarmo
Link to comment
Share on other sites

Hi

I heard about this great firewall os from Tekzilla. It's called astaro and it offers one of their products free for home use. http://www.astaro.com/landingpages/en-worldwide-homeuse

It will work as Firewall, cache http sites, scans web traffic for malicious content, etc. Just what I wanted.

And it's license last's till 2015 and you should be able to get another free license after that.

Link to comment
Share on other sites

Well I think that you could install it and actually any OS to usb stick, so it could be possible to get firewall on usb stick. You'll just need two Ethernet cards for a computer to use as firewall.

And btw I ended up purchasing another Ethernet card for my setup.

Link to comment
Share on other sites

Well as I have only one network card available I can't use it as firewall + modem, so Im now configuring http://www.howtoforge.com/squid-proxy-server-on-ubuntu-9.04-server-with-dansguardian-clamav-and-wpad-proxy-auto-detection Squid ClamAv and dansguardian on VM. It seems to be working well, yet It makes internet quite slow, and blocks a lot of sites. Im not sure if it's because of clamAV or something else.

Squid uses I/O to serve the cached pages, the faster the I/O the less time it takes for a page to load on your end. You will need to invest into a faster HDD or better yet an SSD for optimum performance.

I would also suggest running Squid by itself with no other services running, the more services, the more hit in performance your VM will take. Also make sure you have allocated enough RAM, ideally between 2 to 3 GB of RAM.

I would also suggest, If you have more than one NIC available on your computer/server, to assign one of them to the VM. Dedicating one of the NICs will improve speed and delivery of the content.

Edited by Infiltrator
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...