.

options for DMZ/Firewall solution

<<

MrMister

Newbie
Newbie

Posts: 3

Joined: Fri Oct 08, 2010 1:15 pm

Post Fri Oct 08, 2010 1:52 pm

options for DMZ/Firewall solution

I was looking to implement a DMZ to seperate untrusted public from trusted LAN.

From experience, can anybody suggest a good *nix based solution for perimiter firewall/router?

I've looked a zeroshell and ClearOS...hoping somebody can share experiences they have encounter down this road.

im new here by the way, this place has an amazing amount of good information  ;D
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Fri Oct 08, 2010 5:23 pm

Re: options for DMZ/Firewall solution

Welcome to the forums!

Check out: http://www.pfsense.org/
The day you stop learning is the day you start becoming obsolete.
<<

COm_BOY

User avatar

Full Member
Full Member

Posts: 129

Joined: Tue Feb 03, 2009 10:40 am

Post Fri Oct 08, 2010 5:32 pm

Re: options for DMZ/Firewall solution

Pfsence is a good choice , there are couple of similar stuff in the area but pfsence is a good tested one by several organizations along with that it is based on BSD system rather then Linux which gives you more stability and security I believe
It has become appallingly obvious that our technology has exceeded our humanity.
<<

MrMister

Newbie
Newbie

Posts: 3

Joined: Fri Oct 08, 2010 1:15 pm

Post Fri Oct 08, 2010 9:06 pm

Re: options for DMZ/Firewall solution

thanks, this should work well.

ive been looking to get my hands on a bsd system for some time...ill repost after ive tested it out this weekend.
<<

MaXe

User avatar

Hero Member
Hero Member

Posts: 671

Joined: Tue Aug 17, 2010 9:49 am

Post Sat Oct 09, 2010 10:17 am

Re: options for DMZ/Firewall solution

MrMister wrote:thanks, this should work well.

ive been looking to get my hands on a bsd system for some time...ill repost after ive tested it out this weekend.


FreeBSD  ;D There you go: www.freebsd.org/&nbsp; ;)
I'm an InterN0T'er
<<

MrMister

Newbie
Newbie

Posts: 3

Joined: Fri Oct 08, 2010 1:15 pm

Post Tue Oct 12, 2010 5:12 pm

Re: options for DMZ/Firewall solution

my pfsense box is up and running. so far so good ;D

its nice to be able to watch all incoming and outgoing connections on the perimiter. the default rules that came with install were sufficient enough for me to watch the traffic for awhile....i wrote a few custom chains to block some un-recognized connections. tons of features in this little box, its pretty cool.

now is time to implement the DMZ. i need to collect some equiment before hand...catalyst 2950, patch cables, and another NIC for the webserver. still playing with the idea of running my own DNS servers....virtualization could help there...need more research tho.

once i've configured the new network, ill post up any tricks or configuration tips I find. hopefully they will help another soul walking down this path. thanks for the suggestions!

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 2 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software