
4/28/12

Zentyal - Ultimate Gateway/Firewall solution for beginners.


So I was up to my throat in trying to get a regular Debian distro to act as a firewall/gateway/DHCP provider/network sniffer etc. I pretty much gave up after I could not get dnsmasq working properly.

So I researched a bit and came up with the Zentyal distro. I am currently running it on a single core Pentium 4 with a low grade mobo, and it does just fine. Load times are around 0.20.

The ease of use and intuitive user interface will have you set up in no time. Here's the LINK to their website. The paid version includes cloud services et al., but the standalone server is FREE.

Installing Zentyal 2.2.7

An old single core P4 machine with 2GB RAM

Not much in here, CD-ROM, IDE harddisk to boot from

Also installed 2x80 SATA disks in RAID0, just to have some space for downloads.


The free version includes (among others):
  • No hassle network configuration
  • IDS
  • DHCP
  • NAT
  • Web Proxy Cache
  • Misc. Monitors.
  • GUI (XFCE I think)

Comes with Firefox to administer the firewall. It's implemented with jQuery and script.aculo.us. Nice work.

It's built on Ubuntu 10.04 LTS and comes with an LXDE interface. You can install Synaptic and install some apps, but do not expect the full Ubuntu Experience.

However, there is a way to install Zentyal packages from within an original Ubuntu. If you want that, check the Ubuntu forums. But this is a good and clean install.

I first tried IPCop and its siblings, and then I tried to customize Debian 6.04, only to end up with spasms, and then I found Zentyal. It pretty much works out of the box for beginner-to-intermediate network administrators.

Keep up the good work, Zentyal devs!

The desktop itself, LXDE based.

Administration is performed within the web interface in the pre-installed Firefox.

One great thing about keeping old hardware around!

ACER Tower

Other solutions like IPCop and m0n0wall are great, but this makes a good multifunctional device:
  • Cheap ISP routers are casually hacked. This will chase away most random hackers.
  • The computer in question can be used for more than just a dumb dedicated firewall
  • Traffic shaping can control bandwidth usage, if let's say, you have a neighbor who lends some internet from "time to time" (meaning "I'll fucking kill you if I lose my Xbox Live connection again").
  • Intrusion detection and general bad packet warning