Where do I post a plea for networking advice?

I don't have a broken gizwat, and I'm not trying to get dufil installed properly, rather I am trying to lay out a network firewall/routing architecture which is basically security sound from the inception. I don't want to end up going around with bubble gum patching up a bunch of holes that are there because of poor layout. Certainly a newbie type question, since I am one.

Most spots on this forum are in place to help get a task done, not jawbone. I don't want to interrupt that philosophy, not my place to do so. On the other hand if I am to advance at all, I sometimes need to expand on the "do this, do that" responses.

So, having said that, where would you suggest that I ask my redundant/ridiculous questions? :OOO Maybe even here?
 
First: learn about networking and security. After that, if you have questions, ask them here, or in other forums designed for networking and / or security.
 
Sorry, couldn't help myself. In my case it's old. That's one reason I'm so anxious to get this down.. I don't have much time left until I have to introduce myself when I look in the mirror.

I found a couple of course offerings from MIT. May be others out there, have to poke around a bit. Looks like they cover basic topology, components, proto's, etc. Networking stuff. Didn't see anything on security as yet.

I am trying to come up with a series of monitors that I can run on FreeBSD. Found a pretty good list, but a little clueless as to what they are and what I can get from them.

Looks to me like PF is going to be the big bang, and that's going into my frontline firewall. It appears that using pf and proper rules will handle many forms of attack. Not being cognisant of how attacks can be formulated I don't know if other types of filters should be used, or even if available.
 
The question is "Where can I go to get entry level questions answered?" I'm looking for such a place. Don't want to bug the regulars with stuff they've seen a million times before.

This appears to be a good example. $4 from Amazon, $3.99 of that is shipping! (Actually I spent $4.15, got a like-new condition.) I'll read this, then I'll ask.

As a matter of curiosity, is this forum not a general chit-chat spot, either? If it's not, then I apologise for misunderstanding, honest mistake, my impression was otherwise.
 
sdad said:
The question is "Where can I go to get entry level questions answered?"

Just ask. No need to ask if you can ask or mumble about like you have something to say without communicating what it is you want to express.

So I ask again what is your actual question?
 
OMG, you must be shaking your head, wondering "what the heck is this guy?" Sorry, misunderstood.

Okay, here's the scenario. All lab exercise, not production!!!! Putting up an entry portal to run from a dsl line to the lan. I am very limited on the hardware side so simple 1 line in, 1 line out.

For firewalling, plan is/was to put pf on this box. But is pf really my best choice? I have additional routing downstream and can use pf in the other router, nothing between the portal router and the downstream router. I read that stateful filtering is somewhat susceptible to denial of service, so maybe I deal with d-o-s first, worry about spoofing until the next router? Only so much I can do with that, but maybe using ipfw instead of pf would be the wiser choice here? My quick overview indicates that I can use ipfw for stateless inspection (did I say that right?), reducing the d-o-s opportunities that an attacker could have.
WHY WOULD THAT BE?
I have yet to find an answer to that question. If I allow for spoofing does that make the portal router more susceptible to attack than if I did stateful? And, if it is attacked so what? It just feeds the next router, that's it.

Naturally, I want to use both filters so I can see the differences, just don't have the horses for both in same box. Since I am so limited with the hardware I want the sequence of prevention to be correct. I figure that I can do a "rough in" at the portal, and fine tune later downstream. Is there a different piece of software that would make even more sense than either pf or ipfw in this situation?

Once the appropriate software is installed and functioning I want to turn my attention to hardening the install, but not until all is running and I can take a snapshot (So I can go back to square one when I lock root out, or delete half the kernel!).
 
The regular (i.e. 'non-off-topic' forums) are for technical matters/issues/questions regarding FreeBSD, where some banter is allowed (of course), but shouldn't take over the entire asylum. There's nothing wrong with 'free-form discussions' so long as they adhere to the thread's topic. Socializing is best done in the Off-Topic section. That's my take on it, at least.
 
Dutch, Looking at the forum tree at the top of my page it says "FreeBSD-misc-offtopic". I specifically chose that forum for exactly the reasons that you stated. Am I not there? Where did I mess up, so I don't do that again?
 