Security :: Dedicated Firewall - Network Setup With Two Servers In DMZ

Jan 3, 2011

I currently want to set up a network with 2 Ubuntu servers (mail and web) in a DMZ in order to separate them from an internal network. I want to use a dedicated Linux firewall. This firewall will have 3 network interfaces on it. One network interface will connect to the external router/modem (router and modem in one box), one interface will connect to the DMZ and the other interface will connect to the internal network. The router/modem lets you put, I think it's 1 or 2, interfaces in a DMZ.

But, when I think of any of the dedicated firewall's or servers' interfaces it doesn't make sense to me to put any of them in the router/modem's DMZ (I think it would be better for the dedicated firewall's and the servers' interfaces to have static private I.Ps ie etc right?). What I mean is that even if, as far as the router/modem is concerned, none of the interfaces were in a DMZ, the area where the servers are would still effectively be a perimeter network and with such a set up would still be, effectively,a DMZ, right?

View 7 Replies


Fedora Security :: How To Do Setup Firewall

Jul 22, 2009

Up until recently, as in a few days ago, I was using Ubuntu and had ufw managing the firewall.It's been "recommended" that iptables itself be used. Where do I do the rules go (as in a file) and how do I call those rules at startup?

View 6 Replies View Related

Ubuntu Security :: UFW - How To Setup Firewall

Jun 21, 2011

I am a Linux newbie so please bear with me if I sound stupid. I was checking out how to set up a firewall for my system and landed on this webpage: [URL]. But I am so confused with how this ufw application works. What I understand is that once I set it to "default deny" it prevents unauthorized incoming connection but what does it mean when the author says to add exceptions for services I need? When do I need to do that? Also what's an SSH server?

View 2 Replies View Related

Security :: Firewall Infront Of Router Setup?

Mar 9, 2011

I am trying to setup a firewall using Centos 5.5. The machine has 2 NICs, one connecting to the ISP/Modem and the other connected to a DIR-655 wireless router. The nic is connecting to the internet port on the router.

I do not want DHCP on the Firewall machine but on the wireless router.

[ISP/Modem]<--->[machine eth0]<--->[machine eht1]<--->[DIR-655 internet port]
IP from ISP Dynamic

IP's on the DIR-655 LAN will be network lets say.

I have setup routes on the eth0 and
and added to eth1.

I can ping eth0 and eth1 but cannot ping

this setup is not actually connected to the internet so I disabled iptables to try testing the ping and still no good.

View 1 Replies View Related

Ubuntu Security :: Shorewall Firewall Setup In Webmin?

Jan 3, 2011

I got Shorewall firewall all Set-up perfect but I'm stuck at 1 last bit. The aim is to let on 2 clients max onto my server. I have the policy setup in webmin as.
Uploaded with
More than 2 clients can get onto the server. The aim is to have it as a ddos protection allowing 100 clients on and a max burst of 10 clients at a time.

View 3 Replies View Related

Ubuntu Servers :: Setup A Dedicated Web Server With Server 10.10 ?

Nov 24, 2010

After installation Ubuntu Server 10.10 I don't know what to do next to access to the Internet.

View 9 Replies View Related

Ubuntu Security :: Outbound Firewall Protection (permissive Vs. Restrictive) - What's Setup?

Dec 18, 2010

Using Windows, I always set a Restrictive firewall policy with a third party firewall. But I also had all ports set to Stealth, something that appears to not offer any security benefits (as I've learned from reading Ubuntu forums). I'd like to learn about best security practices (under Ubuntu) for outgoing firewall protection. I will be using the built-in Ubuntu firewall that is configured via Firestarter. Outgoing filtering offers privacy as well as security benefits. But I thought I needed my ports stealthed to be safe too, so I'm open to learning new things.

I wanted to start a poll to find out how many folks use permissive/restrictive, but no polls allowed here apparently.Could Ubuntu users knowledgeable about firewalls enlighten me on whether I should go Outbound-Restrictive and what applications I will need to allow so Ubuntu "housekeeping" is not affected negatively? I basically just use the internet for software updates, web-surfing and e-mail. One question I have is whether there is something comparable in Ubuntu to Window's "DNS Client" service? I always disabled Window's "DNS Client" and forced each application to request port 53 DNS lookups itself.I only had to allow four programs to accomplish all internet traffic that I engage in. I set all other programs/applications to be either Blocked or to have to Ask for an outgoing connection as needed.Here is my former Windows XP setup:

svchost.exe: allow UDP for ports 53, 67, 68, 123 (time) and TCP for ports 80, 443
Avast: allow UDP for port 53 and TCP for port 80
firefox: allow UDP for port 53 and TCP for ports 80, 443
IE: allow UDP for port 53 and TCP for ports 80, 443

View 9 Replies View Related

OpenSUSE Network :: Increase Network Security> Personal Firewall?

Apr 7, 2011

I want some advice for making my system more secure. I want deactivate any network connection that is unnecessary. Only my browser and the update ability of zypper should have access to the internet. On windows there are personal firewalls.

How can I block internetaccess for all other programmes on openSUSE?

View 8 Replies View Related

OpenSUSE Network :: Firewall Setup For OpenMPI - Can't Get To Run

Jul 24, 2010

I'm trying to get OpenMPI (a parallel programming library) working on my home system. I have just two machines on it now, t61 and quad, connected through a router. (Which is also connected to cable modem for internet.) I can ssh between the machnes, mount directories with NFS, etc. However, I just can't get the OpenMPI to run. The OpenMPI message board suggested that the most probable cause is that the firewall is blocking TCP. I don't know how to tell if that's the problem, and can't find any manual for the SuSE firewall, while the various Wikis &c that pop up in a search don't provide any information that addresses my problem.

View 9 Replies View Related

Networking :: Setup A Firewall In Home Network Environment

May 2, 2010

I am attempting to set up a firewall in my home network environment. the rest of the environment is windows, sorry I am attempting now so bear with me. what I have is a cable modem coming in, then my fedora 11 box with 2 nics, then the wireless router and the rest of the network.

everything works fine until I put the linux box in. If I put the firwall in the firewall sees the internet but the wireless router directly after does not. I am doing something wrong with the dhcp I am guessing. I dont want the firewall to give the address to the network I want the router to. I tried to get the firewall to do it (yum install dhcp leafnode) but it kept saying something didn't work right.

so I figure I will let the cable modem give the firewall an ip and the router give the rest of the network their ip's but how do I get the firewall and router to see each other and allow passthrough?

View 1 Replies View Related

Ubuntu Security :: Firewall Settings In A Network With It And XP

Jan 18, 2011

I run a small (cabled) network between a desktop with XP with two printers hooked to it and a laptop with Ubuntu 10.04.1 64b. I can approach and use these printers from my laptop and filesharing works also. BUT ... this only works when my Ubuntu firewall (Gufw 10.04.5) is switched off. I am operating behind my router_modem which has a hardware type of firewall switched on at all times so I presume I'm safe. Now my questions:

1. Is this really safe enough?
2. What kind of settings would Gufw need to be able to use it AND use my mini-network for printing? I have no experience whatsoever with firewall rules and settings.

View 1 Replies View Related

OpenSUSE Network :: GRC Failing Firewall Setup / Set Up With Gibson Research Centre, It Fails?

Apr 21, 2011

Before I go any further I must admit that I'm pretty rubbish at setting these up, so please be gentle!

Now my problem; I have a normal desktop pc (I don't want to set it up as a server) but when I check the hardness of my set up with Gibson Research Centre, it fails. It can see ports 22,23,80,443 as closed but still visible.....? I have never had this happen to me before and struggling my way through yast firewall tool, I can find no easy way of sorting this out.

View 9 Replies View Related

Ubuntu Security :: Firewall: Completely Prevent Any Traffic From Network?

Jan 4, 2010

I have Ubuntu 8.04 as virtual host. On this host I have installed VirtualBox virtualization software. I have installed Windows XP as virtual machine and installed HTTP server.I would like temporally disable all network connections to host and virtual machine.So on Ubuntu host I have set firewall settings:

sudo iptables -F (to flush - delete all firewall settings)
sudo iptables -P INPUT DROP (to disable all input traffic)


View 9 Replies View Related

Security :: Implementation Of Distributed Firewall In A Local Area Network?

Apr 6, 2011

I want to know the details about the implementation of distributed firewall in a local area network

View 5 Replies View Related

Networking :: Setup Firewall / Sys1 Is Not Connected To Firewall For Testing Purpose?

May 18, 2010

I am learning to setup firewall in my home for that i have selected four system(sys1,sys2....sys4) for testing .I have configured sys2 to act as a firewall with two NIC. sys3 and sys4 are inside the firewall . sys1 is not connected to firewall for testing purpose.

the IP assignments are follows :

sys1 : ( fedora, not connected to firewall i am thinking, But i am not sure )

IP : ,
gateway : blank
dns1 : blank
dns2 : blank

sys2 firewall ,IPTABLES )

what happened is that sys1(not connected to firewall) can ssh to sys4(connected,inside firewall),since the rules are written not to ssh form sys1 to sys4..

then I came to know whatever the request I give, It directly goes as sys1 --> sys4. Not as sys1-----> sys2(firewall)---> sys4 .and the firewall is not filtering and processing anything for both inbound and outbound (i think it's my mistake some where). the requests are directly going inside without firewall.

View 3 Replies View Related

Server :: VPN Setup - Dedicated Or VPS / Bandwidth?

Jul 10, 2011

I want to rent a (root) linux server to run a vpn service on it. I want to allow people to use this vpn.

My questions are as follows:
- What kind of server/service should I rent - dedicated or vps?
- Is one IP-Address enough to connect, say, 100 user? (I plan to run IPsec or OpenVPN, maybe PPTP)
- What Bandwith and/or traffic limits I need to consider to make the service reasonably fast for the users?
- Which Linux-distro should I use? Ubuntu Server, CentOS, FreeBSD, Debian etc?
- How much RAM and HDD space is recommended for such an endevour?
- Any advice on the processor type the server should have?
- Is 100M network ok or better 1000M?
- What means 100Mbps shared bandwidth in contrast to 10Mbps dedicated guaranteed per server?

View 4 Replies View Related

Security :: Open Source Tool To Monitor Network Latency Due To Software / Hardware Firewall?

Feb 10, 2011

Recommend open source tools that can help in figuring out if we are experiencing a network latency due to the newly installed firewall on our server.

View 1 Replies View Related

Fedora Servers :: Is Good Platform For Dedicated Servers

Apr 20, 2011

Being on a low budget and I can't afford to buy Redhat would you recommend using Fedora for setting up dedicated servers? I know Fedora is known to be "bleeding edge" in technology, which concerns me with the stability of the server. Would you recommend a more stable Linux distro? I was also wondering if there is any way to know what these web hosting companies are using in their servers: [url]

View 9 Replies View Related

OpenSUSE Network :: Firewall Setup / Open RTP UDP Ports (port_number : Port_number)?

Aug 16, 2010

How to open RTP UDP ports (port_number : port_number) in openSUSE 11.2 firewall with yast?

View 2 Replies View Related

Security :: Use Iptables As Firewall Instead Of Juniper Firewall?

May 9, 2011

Can we use iptables as firewall instead of Juniper firewall

View 2 Replies View Related

OpenSUSE Network :: Firewall Logs Are In /var/log/{firewall,warn,messages} - Clutter?

Mar 25, 2011

I suspect this is an initial configuration bug. All firewall logs seem to be going to all
three files. That causes a lot of clutter in the log files, and makes it difficult to see whether there are any serious problems being logged.

View 9 Replies View Related

Fedora :: KVM Dedicated Network Adapter

Nov 27, 2010

The Fedora 13 Visualization guide mentions the ability to use "shared physical device" to give virtual guest full access to a network device. Where can I find more info on setting this up. When installing my first guest, the drop down menu didn't supply this as an option. Eth0 and Eth1 were not selectable (e.g. grayed out).Is there a better section to ask KVM related question? If so, I'll move there.

I'm setting up my first KVM guest now, played aroudn with VMware briefly. I did spend a lot of time wtih VM on mainframes (yes, I'm old)... and from my research, KVM is "catching up" with what we could do in the old days.

View 4 Replies View Related

Ubuntu Servers :: Make A Virtual Dedicated Server?

Sep 29, 2010

if anyone can point me in the direction of a tutorial (step by step) how to make a virtual dedicated server using ubuntu to host a website?

View 1 Replies View Related

OpenSUSE Network :: How Does A Server Without A Dedicated Monitor Work

Mar 29, 2011

When you need to change something on the server you can hook up a monitor and a keyboard and do it through the console.

I would like to hook up an external monitor in this fashion for a desktop. The current video card can only support a single display. So I was hoping there was someway to use a second monitor as just a permanent console since simple text shouldn't require a video card?

View 9 Replies View Related

Networking :: Adding Route To Dedicated Network Behind Gateway

Mar 23, 2011

My workstation is on a network, let's say I'm opening up an openVPN Tunnel to a test environment in my company, receiving a lot of routes to this network (address range 172.xx.yy.0). Everything is working fine so far. In this test environment I placed a number of virtual systems having their own private network ( I have one machine in this virtual cluster which is able to forward incoming IP traffic to the others.

When I login to this gateway system, using the 172.xx.yy.zz address, I can logon to the others using the addresses. Fine so far. But I have to be able to call these machines with the addresses from my laptop. So I tried to add a route like:
route add -net netmask gw 172.xx.yy.zz

Unfortunately I received an error messages:
SIOCADDRT: No such process

According to the entries in other forum articles (Google helps in most cases), I have to add a host route first:
route add -host 172.xx.yy.zz gw 172.well.defined.dest

View 1 Replies View Related

Fedora Servers :: Steps To Setup A SVN For My Network ?

May 29, 2010

Setup a SVN for my network

Please tell me the complete steps for that

View 3 Replies View Related

Debian Configuration :: Setup A NFS4 Server (no Security, Local Home Network Behind FW)?

May 30, 2010

I'm trying to setup a NFS4 server (no security, local home network behind FW). It seems that I'm missing something because 'rpcinfo -p' does not list v4 for NFS: petit-pois:/home/eric# rpcinfo -p


View 3 Replies View Related

General :: Setup Dedicated Server Using Ubuntu Server Or Equivalent Opensource OS?

Jan 16, 2010

How to setup Dedicated Server for Web Hosting using Ubuntu Server or equivalent opensource Operating System? And how to make secured my Dedicated Server on public?

View 1 Replies View Related

Ubuntu Servers :: Setup VPN And Remote Network Drive?

May 28, 2010

I am wondering how to setup a remote disk on my server so that I can remotely access files on my Windows laptop through the "Map Network Drive" feature.

How do I go about doing something like this?

View 2 Replies View Related

Ubuntu Servers :: Setup A DNS Server On Local Network?

Jun 14, 2011

I am trying to setup a DNS server on my local network. When I set linux clients to use it, it works as expected. However, when I set windows clients to it, the root name doesn't resolve. For example, I have a zone called daniel. On linux "anything.daniel" resolves to the correct ip as does "daniel" which is the behavior I want. However, on windows 7, "anything.daniel" resolves correctly, but "daniel" doesn't. I am new to BIND9 so my config is mostly copy and pasted. Here is my zone file for daniel (where #.#.#.# is the ip I want daniel to resolve to):

@ IN SOA ns1.daniel. admin.daniel. (


View 1 Replies View Related

Copyrights 2005-15, All rights reserved