09-21-2006
Firewall Implementation - Recommendations
Hello, as I mentioned in my hello thread, I am working on a project to implement a Unix Firewall server for our network.
Obviously there are some basics that would need to be ironed out before I can think of doing this right. Now, distro of Unix aside for now, this is what I am thinking for first steps.
Obviously, deciding I want a firewall.
Figure out topography. Know where the server will sit when it comes to the network topography.
Decide if I want exclusive or inclusive (I am planning on Inclusive so it is more secure; yes, I know it will require a lot of checking up on in the beginning).
Essentially, at this point, what I am looking for is some advice. What do you all recommend?
Any questions you may have to assist in a good implementation of said Software Firewall? Any advice at this time would help a great deal. I figure once this is all ready to go, then I will be ready to worry about the scripting and setup of the firewall protocols and so on. Which is going to be a task in and of itself. At least I have used Linux before, so I have SOME idea what I am doing.
-Path
LEARN ABOUT DEBIAN
eurephiadm-usercerts
eurephiadm usercerts(7) eurephiadm usercerts(7)
NAME
eurephiadm-usercerts - Managing user accounts and certificate relations
DESCRIPTION
For a user to connect to a eurephia enabled OpenVPN server, a user account must have been created and activated, and an SSL certificate
available to the user must have been registered. The user account and the certificate the user may use must then be linked together, and
the eurephiadm usercerts command takes care of this linking.
It is also this relation which gives you the option to control which network resources the VPN clients may access, by assigning a firewall
profile to such user-certificate links.
Available modes for the usercerts command are:
-A | --add
Register a new certificate and user-cert link
-D | --delete
Delete a certificate and user-cert link
-S | --set-fwprofile
Sets the firewall access profile for a user-cert link
-l | --list
List all registered user-cert links
-h | --help <mode>
Help about a specific mode
The list mode will list all registered links between user accounts and certificates.
LIST MODE
The list mode will show all registered user-certificate links
-S | --sort <sort keys>
Define the sorting of the list
Valid sort keys are:
uid
Numeric User ID
certid
Numeric Certificate ID
accessprofile
Numeric firewall profile ID
registered
According to when the user-cert was registered
uicid
Numeric user-cert link ID
SET FW PROFILE MODE
The set-fwprofile mode will update the firewall access profile for a given user-cert link
Options: (both required)
-n | --uicid
Unique record id of certificate and user account link
-a | --accessprofile
Firewall profile ID
ADD MODE
The add mode will register a new link between a user account and a certificate.
-c | --certid
Required - Certificate ID
-i | --uid
Required - User account ID
-a | --accessprofile
Firewall profile ID to use for this access
DELETE MODE
The delete mode will delete a link between a user account and a certificate.
-c | --certid
Certificate ID
-i | --uid
User account ID
-n | --uicid
Unique record id of certificate and user account link
-a | --accessprofile
Firewall profile ID
SEE ALSO
eurephiadm-users(7), eurephiadm-certs(7), eurephiadm-fwprofiles(7)
AUTHOR
Copyright (C) 2008-2010 David Sommerseth <dazo@users.sourceforge.net>
David Sommerseth July 2010 eurephiadm usercerts(7)