Any better OS than smoothwall for internet gateway/firewall?

[kehi]

Does the smoothwall OS have any virus/spyware/spam filtering? Thanks

 

[n0cmonkey]

You can install ClamAV to help prevent viruses through e-mail, and spamassassin to help prevent spam. There might be an add-on to squid to help protect against spyware, but a good security posture at the desktop level is probably the best option.

I prefer OpenBSD myself. You can use ClamAV, spamassassin, and OpenBSD's own spamd to help out.

 

[kehi]

Right now the computers are all XP 64 based. Just tired of using this cheap pos Netgear RP614 router/gateway to share the cable connection. Also, have had some pretty nasty viruses on the machines as of late, ones that have attacked my AV program and rendered it useless.

 

[cmetz]

kehi, I don't think Smoothwall proper has this stuff. You can set up email and http proxies that can do virus filtering, that might help. If you could be more specific as to exactly what problems you want a firewall to solve, we might be able to better point out how to do it (or whether it can be done).

In general however, Windows comes as a very insecure operating system and you're going to have to do a lot of the work of trying to secure it on the systems themselves. For example, this means good anti-virus software, software firewall, and automatic updates. An intermediate system like a firewall can only do so much.

 

[kehi]

I understand that Windows is very insecure and we have a good AV program, software firewall, etc. We also use ad aware and spybot. I would just like to have a very stable router/gateway solution that provides some form of virus protection. If not, then I will do my best to secure each machine but I still need a stable router/gateway solution. Thanks for the help

 

[thirdlegstump]

The absolute best would obviously be MacOS X Server in this case. It doesn't get affected by viruses or spyware and it's super stable not to mention almost one touch setup.

 

[cmetz]

kehi, firewalls typically protect you against inbound worms like SQL Slammer that send incoming traffic to a particular port. With a little work you can drop outgoing traffic from/to certain ports and rate limit connections from each machine, which helps squash outbound worms. You can also virus-filter http with a squid proxy and clamav plugin. You can also filter email by running it through the firewall, again with a clamav plugin to your mailer. But that's reaching the limits of what virus protection you can expect a firewall to provide for you.

Stability isn't a problem here though - any Linux based solution that's been customized for installing firewall boxes should be pretty stable. Compare to SOHO router/firewall devices which are hit or miss on stability.

 

[n0cmonkey]

3 easy steps to Windows security bliss:

1. Use a limited user account.
2. Use a software firewall. The windows XP sp2 firewall should be fine.
3. Use good antivirus softrware.

 

[kehi]

Alright, finally decided to DL Smoothwall and give it a try. I have a cable modem that I want to network to the smoothie. I know this a GREEN + RED setup and know that I need DHCP enabled on the RED end since that is the internet side. I want to configure the Green with static ips but I am confused about one of the last screens that I see during the installation. This is DHCP server configuration screen. I am not sure if this pertaining to the GREEN or RED network portion since it does not say (I think it is for the GREEN). If not using DHCP, do I need to put in my ISP DNS's here on this scrren or what? The install manual I downloaded states that if using static it will be necessary to configure smoothwall with a pc with this static ip address. Anyone know how to do this or know of a webpage guide that doesnt use both DHCP on the GREEN and RED networks. TIA

 

[Brazen]

m0n0wall is the most popular
Redwall and bastielle are also good.

 

[n0cmonkey]

Originally posted by: kehi
Alright, finally decided to DL Smoothwall and give it a try. I have a cable modem that I want to network to the smoothie. I know this a GREEN + RED setup and know that I need DHCP enabled on the RED end since that is the internet side. I want to configure the Green with static ips but I am confused about one of the last screens that I see during the installation. This is DHCP server configuration screen. I am not sure if this pertaining to the GREEN or RED network portion since it does not say (I think it is for the GREEN). If not using DHCP, do I need to put in my ISP DNS's here on this scrren or what? The install manual I downloaded states that if using static it will be necessary to configure smoothwall with a pc with this static ip address. Anyone know how to do this or know of a webpage guide that doesnt use both DHCP on the GREEN and RED networks. TIA

DHCP server would be for the inernal network, whichever color that happens to be today.

 

[crobusa]

DHCP should only be enabled on RED, as it grabs the IP from the ISP..
DHCP Server should NOT be enabled
Under Green, click Static, and give the smoothwall the address of 192.168.0.1, assuming you have no other routers.
You need to go to each computer and give:
IP 192.168.0.XXX (indvidual to each computer)
Network Mask 255.255.255.0
Default Gateway: 192.168.0.1

You will