RE: RE: Pros and against using Multiple firewalls in a network running on Win2k Advanced server (repost.. Previous post was missing the subject line)
From: Patrick Andry (pandry@wolverinefreight.ca)
Date: 09/27/01
- Previous message: Mike Wilson: "RE: Source port 69"
- Maybe in reply to: Atkinson, Daniel: "RE: RE: Pros and against using Multiple firewalls in a network running on Win2k Advanced server (repost.. Previous post was missing the subject line)"
Message-ID: <905B0AED03EFD411BB60000629A8D28905D442@wfsnt.wolverinefreight.ca>
From: Patrick Andry <pandry@wolverinefreight.ca>
To: "'j.roxo@sotagus.pt'" <j.roxo@sotagus.pt>, focus-ms@securityfocus.com
Subject: RE: RE: Pros and against using Multiple firewalls in a network running on Win2k Advanced server (repost.. Previous post was missing the subject line)
Date: Thu, 27 Sep 2001 12:17:16 -0400
DansGuardian is available at http://dansguardian.org
The documentation is sketchy, but basically, it is a perl program which
listens on port 8080 and acts as a prefilter to squid. The configuration
files include several plaintext lists defining banned extensions, banned
mime types, banned phrases, and exempted sites. The configuration file
controls all the content filtering based on a rating system. I suggest
setting everything as high as it will go, then slowly tightening. Setup was
about an hour, and a little extra work gave me a nice web interface for the
bosses.
I am unaware of any problems with Redhat/AMD/Squid combo. I prefer
slackware for my server setups, so I haven't run into any problems on that
line. Upgrading to RH 6.2 or better might help though. Also upgrading the
kernel to 2.4.whatever might help as well, as the TCP/IP and file systems
have been greatly improved.
As for the VLAN, that is usually handled by a switch. We use a 3com
Superstack II managed switch. The vlans were all set up before I came
aboard here, but the vlans essentially create sub-networks to isolate
peer-to-peer networking. This will prevent viruses climbing across shares
across different vlans. This model switch also allows port mirroring, so a
snort box can be set up to monitor inside traffic.
We use a Netopia 9100 router. Unfortunately it does not allow the logging
which I wanted, but hey, I spent my budget for this year on MS licenses.
Depending on how you are connected to the internet, a Linux box can be set
up to pass traffic and give you any kind of logging you want.
...
Yes, we run with only IP to the proxy server (NAT), but I'm unaware if we
have a VLAN. How could this be found out? Router? Server setup?
...
Yes, we are using Squid 2.4 as our proxy, though I'm rather worried
something might be wrong with it. Are any of you aware of any bugs with
Squid 2.4 and AMD Athlon, or between AMD Athlon and Red Hat Linux 6.1,
or any conflicts perhaps?
Where can I get Dans Guardian from? Shop? CD? Inet? Because I had not
heard of it b4. Btw, are there any good manuals on that program so as to
make the configs?
Thnxs for all your help people =).
Jorge Roxo,
TCSA/Sotagus Computer Systems Administrator.
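The prefilter behaviour Patrick describes (plaintext lists of banned extensions, banned MIME types, banned phrases and exempt sites, with a rating limit that is set loose first and then tightened) is sketched below as an added toy model; it is not DansGuardian's code, and the list formats, the "phrase,score" weighting and the `limit` threshold are assumptions chosen only to mirror the message.

```python
# Toy model of a DansGuardian-style content prefilter (added example, not
# DansGuardian's own code). The list formats and the scoring rule are
# assumptions that mirror the message: plaintext lists of banned extensions,
# banned MIME types, weighted banned phrases and exempt sites, with a phrase
# score compared against a tunable limit (start high, then tighten).
from urllib.parse import urlparse

# Constructed sample list files, one entry per line, '#' for comments.
BANNED_EXTENSIONS = "# executables\n.exe\n.scr\n.vbs\n"
BANNED_MIME = "application/x-msdownload\napplication/octet-stream\n"
EXEMPT_SITES = "intranet.example.invalid\n"
BANNED_PHRASES = "free download now,40\nclick here to win,60\n"  # phrase,score


def parse_list(text):
    """Non-empty, non-comment lines, stripped and lowercased."""
    return [l.strip().lower() for l in text.splitlines()
            if l.strip() and not l.lstrip().startswith("#")]


def parse_phrases(text):
    """Parse 'phrase,score' lines into {phrase: score}."""
    out = {}
    for line in parse_list(text):
        phrase, _, score = line.rpartition(",")
        out[phrase] = int(score)
    return out


def filter_request(url, mime_type, body, limit=50):
    """Decide whether a proxied response is allowed; returns (allowed, reason).

    Exempt sites bypass every check; otherwise the extension and MIME lists
    block outright and the phrase scores add up against `limit`.
    """
    parsed = urlparse(url)
    host = (parsed.hostname or "").lower()
    if host in parse_list(EXEMPT_SITES):
        return True, "exempt site"
    path = parsed.path.lower()
    if any(path.endswith(ext) for ext in parse_list(BANNED_EXTENSIONS)):
        return False, "banned extension"
    if mime_type.split(";")[0].strip().lower() in parse_list(BANNED_MIME):
        return False, "banned mime type"
    text = body.lower()
    score = sum(w for p, w in parse_phrases(BANNED_PHRASES).items() if p in text)
    if score >= limit:
        return False, f"phrase score {score} >= limit {limit}"
    return True, f"phrase score {score} < limit {limit}"
```

Lowering `limit` is the "slowly tightening" step: the same page that passes at 50 is blocked at 30, which is why the lists and the limit should be tuned against real traffic before the proxy is made mandatory.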