On Saturday 13 November 2004 08:38 pm, Alan Dayley kindly wrote:
> Dennis Kibbe said:
> > Sounds like your Slackware box would do better used if it were turned
> > into a firewall for the entire office. Look at smoothwall[1] or
> > IPCOP[2].
>
> I highly recommend IPCop. Smoothwall is good too but I found IPCop more
> responsive to the community. YMMV.
I've skimmed the docs at both sites and will read more in depth over the next
few days. Most people seem to recommend IPcop over Smoothwall for features
and ease of use. But then Dennis knows and likes Smoothwall. I respect both
of your opinions. I think, if my boss permits this, that I'll go with the one
that has the most understandable documentation for my slow learning curve.
>
> Remember, a firewall is not a total solution. It keeps people outside
> from connecting in or seeing the boxes on the inside. It does not, of
> itself, stop malware email attachments or installation of spyware via web
> site clicks or plug all security holes. But it goes a long way to solving
> the problem. You still need a means of detecting or stopping malware that
> a user installs via ignorance. That is where the SpyBot and Ad-Aware come
> in, as Dennis also pointed out.
Thanks for this bit of info, Alan. This is one of the things I was still
concerned about but didn't know how to express.
>
> It is also possible to install additional filters on your firewall to
> prevent users from visiting known bad sites (Dan's Guardian
> [http://dansguardian.org/], which can be added to IPCopn
> [http://firewalladdons.sourceforge.net/cop.html]) and preventing malware
> that is inside the firewall from communicating out
> (http://firewalladdons.sourceforge.net/blockouttraffic.html).
I've been reading in this list that people recommend Dan's Guardian. Been
meaning to learn about it. Now seems like a good time.
I've had good success installing a hosts file that lists bad sites and points
them to 0.0.0.0 but maybe something like Dan's Guardian is a more elegant
solution.
>
> Don't be overwhelmed by all this. It is really not that hard. If you are
> concerned, we can help here or schedule help at the next InstallFest to
> get things going. Remember, the nice thing about this is that once you
> have it setup, it just works with very little maintainence effort.
Maybe my boss will let me bring the little box to the next InstallFest so we
could put IPcop or Smoothwall on it there? I hate to wait that long, though,
if he gives me the go-ahead. I also need to obtain a copy of one of these.
Thank you all so much!
Siri Amrit
(maybe this isn't OT anymore?)
>
> Alan
>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)