Home networking

Discussion in 'NZ Computing' started by collector«NZ, Oct 25, 2007.

  1. collector«NZ, Oct 25, 2007
    #1
    1. Advertising

  2. collector«NZ

    Puddle Guest

    collector«NZ wrote:
    > Has any one had any experience of using this solution for Firewall etc
    >
    > http://www.clarkconnect.com


    I had a play with it a long time ago, it is quite nice but I didn't need
    all the services so instead saved some money and went with smoothwall,
    though I ended up adding tons of free addons into surgemail to get a lot
    of extra functionality. I would do away with surgewall probably too but
    my adsl modem is very unstable when used as a router...
    Puddle, Oct 25, 2007
    #2
    1. Advertising

  3. collector«NZ

    EMB Guest

    collector«NZ wrote:
    > Has any one had any experience of using this solution for Firewall etc
    >
    > http://www.clarkconnect.com


    Yes. It works, but running mail, DB and suchlike on the firewall box
    sort of negates the firewall functionality and effectively leaves you
    with a server that has routing functionality and no firewall between it
    and t'internet.
    EMB, Oct 25, 2007
    #3
  4. EMB wrote:
    > collector«NZ wrote:
    >> Has any one had any experience of using this solution for Firewall etc
    >>
    >> http://www.clarkconnect.com

    >
    > Yes. It works, but running mail, DB and suchlike on the firewall box
    > sort of negates the firewall functionality and effectively leaves you
    > with a server that has routing functionality and no firewall between it
    > and t'internet.

    Agreed but of course horses for courses and I am not looking for
    enterprise security
    collector«NZ, Oct 25, 2007
    #4
  5. In message <4720469c$>, collector«NZ wrote:

    > ... I am not looking for enterprise security


    The script kiddies don't know whether you're an enterprise or not, they
    attack everybody's systems just the same.

    I got this USB ADSL modem fired up for the first time, and within seconds I
    saw entries appearing within my system log of password-guessing attempts on
    the SSH port.
    Lawrence D'Oliveiro, Oct 25, 2007
    #5
  6. Lawrence D'Oliveiro wrote:
    > In message <4720469c$>, collector«NZ wrote:
    >
    >> ... I am not looking for enterprise security

    >
    > The script kiddies don't know whether you're an enterprise or not, they
    > attack everybody's systems just the same.
    >
    > I got this USB ADSL modem fired up for the first time, and within seconds I
    > saw entries appearing within my system log of password-guessing attempts on
    > the SSH port.

    Not worried if they do have a go, wouldn't be to concerned if they even
    got in, thats what I mean by not being enterprise. Now on the other hand
    I use nothing but cisco gear on my lan/wan at work, it is as tight as we
    can make it without strangling it
    collector«NZ, Oct 25, 2007
    #6
  7. In message <4720547a$>, collector«NZ wrote:

    > Lawrence D'Oliveiro wrote:
    >
    >> In message <4720469c$>, collector«NZ wrote:
    >>
    >>> ... I am not looking for enterprise security

    >>
    >> The script kiddies don't know whether you're an enterprise or not, they
    >> attack everybody's systems just the same.
    >>
    >> I got this USB ADSL modem fired up for the first time, and within seconds
    >> I saw entries appearing within my system log of password-guessing
    >> attempts on the SSH port.

    >
    > Not worried if they do have a go, wouldn't be to concerned if they even
    > got in, thats what I mean by not being enterprise.


    That's an antisocial attitude. Even if you don't care that they pwn your
    box, they can then use it as a platform for attacking others, as part of a
    botnet. If you let them do that, then you have to bear part of the blame if
    it happens. As far as I'm concerned, you would deserve to be cut off by
    your ISP.
    Lawrence D'Oliveiro, Oct 25, 2007
    #7
  8. collector«NZ

    Robert Cooze Guest

    collector«NZ wrote:
    > Has any one had any experience of using this solution for Firewall etc
    >
    > http://www.clarkconnect.com

    looks a lot like e-smith or should i say sme server there is a free
    version cant remember the the name of it but i think the site was named
    contribs.org or something

    --
    http://cooze.co.nz home of the RecyclerMan aka Robert Cooze

    / __/ / / / / /__ / / ___/ / __/ / / / |/ / /__ /
    / / / /_/ / / /_/ / _-' / __/ / / / /_/ / / /| / _-'
    ___\ ____/ ____/ /___/ /____/ /_/ ___\ ____/ /_/ /_/ |_/ /___/
    Robert Cooze, Oct 25, 2007
    #8
  9. collector«NZ

    Steve Guest

    On Thu, 25 Oct 2007 21:10:47 +1300, Lawrence D'Oliveiro wrote:

    > In message <4720469c$>, collector«NZ wrote:
    >
    >> ... I am not looking for enterprise security

    >
    > The script kiddies don't know whether you're an enterprise or not, they
    > attack everybody's systems just the same.
    >
    > I got this USB ADSL modem fired up for the first time, and within
    > seconds I saw entries appearing within my system log of
    > password-guessing attempts on the SSH port.


    Depressing isn't it. Must be school holidays somewhere. However, I just
    don't use ADSL modems, as if the break in to that, they're on your pc
    already. A remote router+network gives to that extra level...

    Unless you're using it on a dedicated firewall, of cource.

    I find that denyhosts is fairly useful.
    Steve, Oct 27, 2007
    #9
  10. In message <ffufhq$gvj$>, Steve wrote:

    > However, I just don't use ADSL modems, as if the break in to that, they're
    > on your pc already. A remote router+network gives to that extra level...


    Trouble is, I need to access some services that my ADSL router can't cope
    with. Hence the modem.

    > Unless you're using it on a dedicated firewall, of cource.


    It's going to be connected to a Linux box. That helps.

    > I find that denyhosts is fairly useful.


    I wrote my own script, block_ssh_guessers, before I found out about
    denyhosts. I've got a whole bunch of clients' machines protected with that.
    I was also quite excited to read about the iptables "tarpit" option--that
    sounded like so much more fun than just blocking the bastards--get them
    tangled up in phantom connections that consume their resources and refuse
    to go away.

    Unfortunately, the code for that isn't in the standard kernel--you have to
    get a patch from netfilter.org. Even more unfortunately, that patch doesn't
    work against a 2.6.23 kernel: you get compilation errors saying "'struct
    sk_buff' has no member named 'nh'". Sigh...
    Lawrence D'Oliveiro, Oct 27, 2007
    #10
  11. collector«NZ

    Dave Taylor Guest

    Lawrence D'Oliveiro <_zealand> wrote in
    news:ffuk5o$k8g$:

    > I wrote my own script, block_ssh_guessers, before I found out about
    > denyhosts. I've got a whole bunch of clients' machines protected with
    > that. I was also quite excited to read about the iptables "tarpit"
    > option--that sounded like so much more fun than just blocking the
    > bastards--get them tangled up in phantom connections that consume
    > their resources and refuse to go away.
    >


    You might want to look into this IPTables service:
    http://www.threatstop.com/
    Free for now and it works well.

    --
    Ciao, Dave
    Dave Taylor, Oct 27, 2007
    #11
  12. In message <Xns99D6E1585292Bdaveytaynospamplshot@203.97.37.6>, Dave Taylor
    wrote:

    > Lawrence D'Oliveiro <_zealand> wrote in
    > news:ffuk5o$k8g$:
    >
    >> I wrote my own script, block_ssh_guessers, before I found out about
    >> denyhosts. I've got a whole bunch of clients' machines protected with
    >> that. I was also quite excited to read about the iptables "tarpit"
    >> option--that sounded like so much more fun than just blocking the
    >> bastards--get them tangled up in phantom connections that consume
    >> their resources and refuse to go away.

    >
    > You might want to look into this IPTables service...


    It's OK, I figured out how to update the tarpit patch.
    Lawrence D'Oliveiro, Oct 27, 2007
    #12
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Eddy Malik [MSFT]
    Replies:
    0
    Views:
    823
    Eddy Malik [MSFT]
    Mar 22, 2005
  2. =?Utf-8?B?QUJTUE9QVVA=?=

    PROBLEMS WITH NETWORKING - NEW TO NETWORKING

    =?Utf-8?B?QUJTUE9QVVA=?=, Mar 22, 2005, in forum: Wireless Networking
    Replies:
    2
    Views:
    602
    =?Utf-8?B?QUJTUE9QVVA=?=
    Mar 23, 2005
  3. barry crowley
    Replies:
    20
    Views:
    1,244
  4. Andy
    Replies:
    4
    Views:
    792
  5. Handy-one
    Replies:
    5
    Views:
    543
    Lanwench [MVP - Exchange]
    Feb 29, 2008
Loading...

Share This Page