[H-GEN] E Smith Hacked

Sarah Hollings sarah at humanfactors.uq.edu.au
Mon Jun 17 00:57:37 EDT 2002


[ Humbug *General* list - semi-serious discussions about Humbug and     ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]

Tony Bilbrough wrote:

>[ Humbug *General* list - semi-serious discussions about Humbug and     ]
>[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
>
>G'day All,
>I have been repeatedly warned that E Smith does not have an effective firewall.
>But I have not had any problems since February, when it first fired up, so I
>never thought too much about it.
>[snip]
>All this is in haste, as I am now sorting thru 'bits', to build a box for a
>Smoothwall!
>Does any one have a copy of the Lite version I can borrow? I will come over and
>pick it up.
>  
>
Tony,

I know it seems a big switch to use Free BSD if you're not familiar with 
it.... But I had never had anything to do with FreeBSD 5 months ago, 
until I build myself a drawbridge bridging firewall. Absolutely 
brilliant. It runs on a pentium 100 and serves all 30 hosts on our 
network without a hitch, really easy to use config file, very nice for 
security.

http://drawbridge.tamu.edu/

I have it set up with 3 NIC's, the 3rd one only needs to be a fairly 
crappy one as what it does is to provide an ssh interface with a 2nd NIC 
in my desktop admin machine, direct peer-to-peer via a crossover utp 
cable, for administration. The other two interfaces are the "in" and the 
"out": neither can be routed to at all, they just either bridge packets 
transparently across, or drop them. Any cracker can't even see where the 
firewalling is happening, unless they get thru the firewall, into your 
administration machine, and then into the firewall via the 3rd interface.

Obviously it doesn't do everything that smoothwall does, but if you're 
into boxology, having a box that runs your firewall and doing all your 
routing, NAT or whatever else you want seperately seems a good idea.

Sarah Hollings



--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.  See http://www.humbug.org.au/



More information about the General mailing list