Thread ID: 32215 2003-04-12 08:32:00 Using an old PC as a firewall Jester (13) Press F1
Post ID Timestamp Content User
135260 2003-04-12 10:54:00 I have never used Linux before getting IPCOP; the hardest thing was using RAWRITE to make the boot floppy. They also give you the Windows version to make the boot floppy. (Make sure you have a NIC that is recognized and an external modem for maximum compatibility. To see a list, run the install one and don't do probe for NIC; choose select a Network card.)
Here is a brief loading description.
Put floppy disk in, turn on, press enter to load from floppy disk, select your method of installation (CD or from internal http:// site). Select language, press enter a couple of times, select NIC for GREEN side, choose your connection type for the RED side. (Green is network, red is internet.)
Select your passwords.
NOTE ON PASSWORDS: you can only log on as one of three users. ROOT is GOD, SETUP gives you your options for network. ADMIN CAN NOT LOG ON AT THE PC..... you can only log on to ADMIN from any computer on your trusted side. That is where your graphs, proxy servers, etc. are.
**ENABLE SNORT**
Once I had NICs installed that IPCOP could recognize, the complete install was 12 minutes on a P120 with 64MB RAM
**Take note I have never touched Linux before** and I was browsing on the internet

The ISO is 26MB
You browse to the IP address you create in SETUP user mode, using the ADMIN username and password.
Wayne H (1736)
135261 2003-04-12 10:55:00 I would actually recommend IPcop over Smoothwall. Here is why:

- The lead developer of Smoothwall has an extremely bad attitude (And I mean bad!) See www.linux.gen.nz for just one example that happened to the admin of the NZ Linux Users Group mailing list. A quick google around reveals some more cases: wind.prohosting.com and Smoothwall CEO attacks UK Linux Community (www.mandrakeforum.com)

- Smoothwall is actually a commercial product. Although they have a GPL version of it, it is rather crippled as they are trying to push their commercial version. (For example, I don't think the GPL version even uses ext3 (which is a filesystem with journalling). Rather, it still uses the old ext2 that doesn't have journalling. If you want ext3 support, you have to buy the commercial version.)

- IPcop is actually a fork of Smoothwall so you aren't actually losing anything. It was forked because of the reasons above. IPcop is not interested in money like the Smoothwall developers are.

Don't get me wrong, Smoothwall may be a great product, but I find these things come in handy when trying to make a choice between alternatives.

Anyway, that's my $0.02 :)
segfault (655)
135262 2003-04-12 14:21:00 ok, in order:
jester, what are you using to connect to the internet? an internal pci modem or a router? both smoothwall and ipcop are at this time useless for internal modems of both dial up (PCI/winmodem) and adsl variety. For dial up, get a hardware internal.. try an ISA modem (which perform better than winmodems anyway) or an external. For adsl, get a router or a usb modem - if usb, preferably an alcatel speedtouch usb ("stingray").

Next up, what are the specs on the box you have available to use? Once you can tell us a) what you are using for connectivity and b) what your system specs are, we can better advise you with regards to setup/config/the actual plausibility of it/which firewall product to actually use.

Gorela - LRP is great, but remember he is new to linux.. keep things simple for him, this is where smoothwall and ipcop are great - they are basically set and forget.. LRP does not offer this to nix beginners. Have you heard of freesco (http://www.freesco.org)? I've never tried it but it looks ok...

Segfault-
"- The lead developer of Smoothwall has an extremely bad attitude (And I mean bad!)"

Richard is gone:
www.dickmorrell.com
or
www.smoothwall.co.uk

As for not recommending smoothwall because of his attitude? ok, I don't recommend linux because of the elitist patronising attitude of the linux community as a whole. Both are recommendations based on a bias, which while true, are still a bias - it's also discrimination in a way. Therefore, both recommendations are moronic and null.

Here's my even-handed opinion:
You can happily download and use smoothwall and NEVER have to come across dick morrell packing a hissyfit. I have, and I've seen dick pack a psych or two.. no skin off my nose at all. When someone is childish do you act childish in retaliation or do you act maturely and ignore them?

ipcop is based on open source smoothwall code. All the devs did at the start was take the code, slap their name on it and change the logo image in the webui. This defies GNU/GPL, and blatantly goes against everything the open source community is based on and holds dear.

BUT on the flipside, having the forked communities does bring variety, and intercompatibility of tweaks, modifications and support. What this means is that a problem on a smoothwall box could be fixed with support from the ipcop community and vice versa, and third party tweaks from one can be applied to the other and again vice versa.

So it's up to you which one you use: Smoothwall; the true deal, or IPCop; the GPL defying ripoff. richard morrell's behaviour should have NO impact on your decision because he will not affect you at all. At the end of the day you are using a product that protects your network. Do you want one that abides by the GPL like it claims to or one that pisses all over the GPL? The choice is yours, I respect it either way.

"- Smoothwall is actually a commercial product."
smoothwall started out as a GPL product. They then forked to a semi-closed source commercial product to help pay some of the bills that went along with bandwidth/hosting... it's just basic sense - sadly the internet is not free as in beer. GPL came first, not the corporate product, please make that clear.

I would not recommend either over the other, I prefer in fact to inform of the TRUTH so that a person can make an informed decision.

And finally, some linkage for any smoothie users:
martybugs.net
www.quarkav.com
whetu (237)
135263 2003-04-12 22:53:00 Hi, here are some details...

I connect to the net currently with a Dynalink USB ADSL external modem, on my main PC, which is a P3 800 with 384 RAM.

I have sitting idle a p133 with 48megs RAM, either a 2GB or 4.3GB drive (depending on what would be best use of resources), that is currently running Win98.

The old box doesn't have USB, and this is what sort of confuses me, I guess I need to install an USB PCI card to get this going... and install drivers somehow onto the old box under the linux o/s?

I have an AMD 350 - Win98 PC (work stuff) and an P90 - Win95 PC (holds back-up of docs, programs and mp3's etc) on the network as well.

Currently they all connect to the XP machine through a hub, under XP ICS.

I looked at Freesco before I posted here (lots of links to it on Google), but they seem to be redeveloping the site and there are a lot of broken links.

The political goings on of a company won't affect me here at home, so, whilst the info is interesting, it doesn't really matter, to me :)

Cheers for all your advice and help!

J
:D
Jester (13)
135264 2003-04-13 00:03:00 Hi Jester,

The specs you give are more than adequate for Smoothwall/IPCop. If you go with either of these products the 2Gb hard drive would be considered overkill :) As you mention the sticking point will be the usb modem.

Smoothwall 2.0 (smoothwall.org/beta) is a beta (not for general use) product that has some bugs, but has superior usb connectivity and could well be worth looking at. Another alternative would be to set up a standard linux pc and use Shorewall (http://www.shorewall.net). This comes standard with Mandrake 9.0 and is quite impressive. An nmap scan against that set at "Higher" (one down from paranoid :D ) doesn't even register the PC!

But, you may still have a problem with the usb. You could look at ADSL (www.unixathome.org/adsl) archives, but a quick search failed to find anything relevant to your Dynalink.

It looks like you might have to do the JT Kirk thing..... Boldly going :D
Gorela (901)
135265 2003-04-13 00:26:00 Whetu,

Cheers for the link. Could be fun :D
Gorela (901)
135266 2003-04-13 00:29:00 currently all of those boxes are fine with smoothwall/ipcop... it's not required, but 32meg is a good level to stay above with these two..

I would personally install it on the p133 on the 2gig drive.. take out the other drive and biff it in another one of the boxes. As for the usb problem.. I'm not too sure if a pci card will get you up and going... give it a shot and if it doesn't work, take the pci card back for a refund ;)
and another thing you might want to try is finding a pentium-mmx cpu on trademe... you'll notice the performance increase when you are remote admining
whetu (237)
135267 2003-04-13 00:31:00 hehe that's what happens when you go and have subway for breakfast without actually posting the message :) whetu (237)
135268 2003-04-13 03:27:00 > Segfault-
> "- The lead developer of Smoothwall has an extremely
> bad attitude (And I mean bad!)"
>
> Richard is gone:
> www.dickmorrell.com
> or
> www.smoothwall.co.uk

I wasn't aware of that, cheers.

> As for not recommending smoothwall because of his
> attitude? ok, I don't recommend linux because of the
> elitist patronising attitude of the linux community
> as a whole. Both are recommendations based on a
> bias, which while true, are still a bias - it's also
> discrimination in a way. Therefore, both
> recommendations are moronic and null.

The reason I brought it up, was that if he has an attitude toward some fairly minor problems, then what is the quality of Smoothwall going to be like? I didn't suggest either way in my post, but it makes me wonder. But he is gone now, so that is pretty much irrelevant now.

Of course though, nothing beats building your own Linux based gateway/firewall ;-)
segfault (655)
135269 2003-04-13 04:25:00 >It looks like you might have to do the JT Kirk thing.....Boldly going

What's that?
PoWa (203)