[plug] OT: Smoothwall

EarnshawM at wa.switch.aust.com EarnshawM at wa.switch.aust.com
Mon Aug 13 09:46:41 WST 2001 

List,

As this may not be strictly Linux orientated if the thread is of concern
please communicate directly. I have tried the firewall newsgroup but it
appears unreassuringly mute on this subject.

I am trailing Smoothwall at home. Installs easy and it "appears" to work
fine, I can see the dropped packets very easily.

Now I am fairly new to this, previously lived in a Windows world where
sharing information is good and there are no bad people - right? I am
fairly happy with Linux as my fileserver, but I don't use it in depth -  a
glossy knowledge if you will.

Questions:

1. Without being too paranoid, how secure can you be sitting behind a
software firewall?
2. By default Smoothwall drops all packets unless requested from in-house.
Since I use one of the standard reserved IP ranges, like most people I
suppose, how do I or should I go about detecting "spoofed" <?> intrusions,
where some sends a packet with a incorrectly reported ip .. 192.168.1.1 for
example. I know they should be dropped when traversing the Internet but I
do seem them every now and then in some logs at work.
3. I hear of "holes" being "punched" through port 80 etc, I can imagine
what it means but how do you prevent it/detect it, if I was going to host
my own web server for family pics etc. Is this where the webserver sits
between two firewalls? DMZ?
4. I am in a debate regarding the "benefit" of Smoothwall since it can be
configured to ssh in to administer. I like the idea but a colleague hates
it, gives the bad guys another front to attack. Yet the same colleague is
quiet happy to allow port forwarding of ssh through the firewall to the
main server ... any comments?

I appreciate the principle of security in depth, so I do apply certain
security to my server too, ipchains etc


Regards,

-----------------------------------------------------------------------------

Mike Earnshaw      | "It is the most persistent and greatest adventure in
 Systems Support   |  human history, this search to understand the
universe,
   Engineer        |  how it works and where it came from."
                   |                                       Murray Gell-Mann
-----------------------------------------------------------------------------

   ,-._|\    Union Switch & Signal
  /      \   24 Bannick Court
  *_.--._/   Canning Vale, WA 6155, Western Australia
        v    Tel : +61 8 9256 0023  Fax : +61 8 9256 1199
-----------------------------------------------------------------------------

More information about the plug mailing list