Re: Firewall on gateway computer?

Douglas Mayne wrote:

On Thu, 16 Mar 2006 10:15:21 +1100, Doug Laidlaw wrote:

My wife is about to purchase a laptop which will be networked to my
Mandriva
2006 system. She will be running Windows XP. Asking her to use Linux
would not be well received ( her Adult Education instructor hasn't heard
of anybody using it.)

I am looking at firewalling. If she had her own firewall - I used to use
ZoneAlarm - she wouldn't want to be troubled with the continual questions
that ZoneAlarm asks. I was thinking of a dedicated gateway computer
running for example, IPCOP, except that I don't want another box in my
room.

It need not be a full size box. See below.

Any suggestions?

TIA,

Doug

Note: Comment inline.

If you already have an local network in your house, then you should have
some sort of firewall in place between it and the internet. The new
laptop can join your local network. If you are concerned about adding
boxes, the best per watt firewall may be the DI-604 (or equivalent from
another manufacturer).

http://www.dlink.com/products/?model=DI-604
http://www.dlink.com/products/?model=DI-524

This firewall will protect from outside attacks, but will not stop the
laptop from being infested with spyware/viruses. You can run occasional
spyware scans using BartPE's bootable CD, with Ad-aware. IMO, this
should be an essential component of anyone fooling with Windows. This CD
at least gives you a chance to detect rootkits and _count_ the
multitude of "nasties" which are probably hiding on the Windows box.

More unsolicited advice: Make a baseline backup of the laptop for easy
rollbacks to a known good state. Also, ban IE except for connecting to
the Windows Update site.

There may be reasons why you want to use your Madriva box as a router
(machismo), but maybe the little boxes have their place, too. I use both
types: iptables on Linux and dedicated hardware firewalls.

Thank you. I am currently using a NetComm router for ADSL. It has NAT and
port forwarding, but doesn't claim to be a firewall. I have an old X686
that could be set up between the router and the home network (at the moment
it is just my Linux box.)

One retailer here still has the (superseded) Netcomm NB5880 (http://www.netcomm.com.au/Spec_Sheets/NB5580_info.pdf) which seems to be equivalent to the D-Link unit.

Doug.
--
Marriage has many pains, but celibacy has no pleasures.
-- Samuel Johnson (that conceited upstart.)

.

Relevant Pages

  • Re: Seriously, now that I got Linux LiveCD running, what can I do with it? Newbie questions
    ... For example, there are some differences in the way distributions handle updates, configuration, root access, etc. - bbgruff is probably used to other distributions and was a little inaccurate about the way sudo is used in Ubuntu and Mint. ... It's probably easier for you to understand if I translate things roughly into windows terms. ... They are not entirely equivalent - MS didn't get things quite right when they copied user access from Linux for use in NT, or when they copied sudo as "user account control" in Vista. ... I don't normally configure a firewall on desktop or laptop Linux machines, and only do so on servers if they are internet-accessible. ...
    (comp.os.linux.setup)
  • Re: Seriously, now that I got Linux LiveCD running, what can I do with it? Newbie questions
    ... as opposed to in Windows. ... this is not a software firewall as in Windows. ... firewalling code in GNU/Linux is actually part of the Linux kernel ... Kubuntu, Xubuntu et al, the first user account created at installation ...
    (comp.os.linux.setup)
  • Re: Seriously, now that I got Linux LiveCD running, what can I do with it? Newbie questions
    ... In Linux, there are three sorts of users - root, system users, and ... non-administrator users on Windows. ... I have a postgresql database server running on this system. ... especially if you have a hardware firewall ...
    (comp.os.linux.setup)
  • Re: [fw-wiz] Recommendation needed for a firewall appliance
    ... >>I was unsuccessful in getting an IPSec VPN going with a Win2K ... >There are several firewall specific linux distros, Astaro, Coyote ... >There are some small firewall units, and there are small Managed Security ... >> for Windows, OSX and Linux. ...
    (Firewall-Wizards)
  • [SLE] Re: SUSE Firewall primitive shadow of ZoneAlarm in interactive user-control
    ... It functions the same on Windows ... Many firewall products have this feature. ... Firefox does this on Linux. ... Intrusion Detection systems have nothing to do with viruses. ...
    (SuSE)