Old pc with linux based firewall
small private school in eastern europe. setup - 20 w2k workstations, w2k server. Server acts as dns, adsl modem coonect to router/4port switch ( router acta as dhcp server). No firewal, no proxy, no caching, no monitoring. No money for anything!
Apply firewall rules on router? firewall ( e.g. zonealarm on pc's?
Anything else that can ve done?
Old pc with linux based firewall
Agreed. IP Cop or smoothwall will firewall, give you a vpn and cache web content. Very easy to setup.Originally Posted by j17sparky
thank you but asd i explained there is no money and no old pc!
The server shouldn't really be exposed to the internet directly like that. Atleast install a software firewall on the server if you really can't get a PC from somewhere (that's all it'll cost - IPCop/Smoothwall is a free download).
Just to add that smootwall or IPCop is bar far your best option here, and bear in mind you won't need a monitor for the PC. You can borrow one off one of the W2K workstations to configure it and manage it through a browser.
Also with only 20 clients you will get away with a very low spec PC.
i understand the need for a hardware firewall (old pc) but this is a profit making organisation and i am already short of computers.
Upgrade the 2k server to linux, install another NIC, samba, squid and a firewall. Use the linux server as a domain controller, printer server, fileserver , proxy, email, and firewall etc. Not Ideal but no money pretty much limits your options.
I have to agree with CyberNerd on this. If you don't have any spare computers that you can use then this is the only real option you have.
You can get hold of a old PIII 500 ish computer with about 512MB [maybe less] and a 10GB IDE HDD surely?
for the setup, you wont even need that spec really but if you can get a few people to pull together, you're bound to find left over and old parts which you could then use with the free software [censornet / smoothwall / etc that is a complete linux packge - just boot the iso and install / configure it ]
As much as i'd say go for turning your fileserver from a 2k to a linux box, if you dont know linux, this may make it a little hard on you to configure everything [i.e. all the options and everything working together etc], whereas if u have a seperate box for just the firewall / proxy option, its less work to set up and less to fix if things go wrong.
I know how it feels to have no money avaliable but some times there is no option for things to be effective and usable. I have to push alot of times and I dont get all the answers i need
Good luck and let us know how it goes
Put it this way. It will cost a hell of alot more money in terms of downtime and possibley having to rebuild the whole domain if you are targetted.
You NEED repeat NEED NEED NEED a firewall. THere is no if's and but' "we dont have any money" about it. Simple as that you HAVE to find an old PC or like said move your whole domain over to linux.
You are now on the internet broadcasting to everyone whos watching "Come attack me, I have no security".
If you have no money who's paying for the Internet connection?
I thought private schools had lots of money to throw at projects?
If you have no firewall and possibility of creating one then don't put the machines on the Internet.
Why are you letting you router do the DHCP?
Is this router the connection to your ISP or is there and ADSL modem plugged into the 2K server?
What make/model is the router?
which country are you in?Originally Posted by ptrainor1
thank you all for your comments. you do not understand the complexities of school admin in russia!!
i will use one of the exist pc as a linux box with smoothwall.
Well know we didn't as until that comment we didn't know you were in russisa did we?
There are currently 1 users browsing this thread. (0 members and 1 guests)