[ale] I've hit a rough wall, installin' Smoothwall :-)

Courtney Thomas courtneycthomas at bellsouth.net
Sat Dec 20 18:36:41 EST 2008


Dennis,

Thanks so much for your previous attention and generous offer for further 
consultation   :-)

Right now I'm still trying to sort out SmoothWall and want to also digest 
your present
inclusions but will definitely get back to you soon.

Cordially,

Courtney


----- Original Message ----- 
From: "Dennis Ruzeski" <denniruz at gmail.com>
To: <ale at ale.org>
Sent: Saturday, December 20, 2008 5:45 PM
Subject: Re: [ale] I've hit a rough wall, installin' Smoothwall :-)


> Pop email is port 110/tcp. If you send, smtp is port 25/tcp
>
> I use an encrypted filesystem for most of my sensitive docs. For
> communication I only use ssl or encryption for ssh and secure http
> connections. I have a ipcop firewall set up, which is very similar to
> smoothwall and I also use iptables on linux and comodo firewall on
> windows.
>
> In addition to that I have a bandwidth monitor set up and I use snort
> for my intrusion detection.
>
> I'll be happy to go into detail about any of this with you. Just ask.
>
> --Dennis
>
>
>
> On Sat, Dec 20, 2008 at 1:02 AM, Courtney Thomas
> <courtneycthomas at bellsouth.net> wrote:
>> Thanks Dennis.
>>
>> I guess that covers web browsing but what about email  ?
>>
>> By the way, what security protection other than a firewall do you use,
>> please ?
>>
>> Encryption, and if yes, what do you use and for what purposes ?
>>
>> Cordially,
>>
>> Courtney
>>
>>
>> ----- Original Message -----
>> From: "Dennis Ruzeski" <denniruz at gmail.com>
>> To: <ale at ale.org>
>> Sent: Friday, December 19, 2008 10:43 PM
>> Subject: Re: [ale] I've hit a rough wall, installin' Smoothwall :-)
>>
>>
>>> I'm glad you're up and running--
>>>
>>> For a start, 80/tcp, 443/tcp, and 53/udp are important. That's http,
>>> https, and dns, respectively.
>>>
>>> Others will depend on what applications you run and how they access
>>> the net. (Streaming video, ftp, ssh, telnet, etc...)
>>>
>>> --Dennis
>>>
>>>
>>>
>>> On Fri, Dec 19, 2008 at 9:33 PM, Courtney Thomas
>>> <courtneycthomas at bellsouth.net> wrote:
>>>> Brian,
>>>>
>>>> You were right and so was I.  I just didn't have enough sense to know 
>>>> it
>>>> :-)
>>>>
>>>> There was nothing wrong with my setup. It's just that I didn't realize 
>>>> I
>>>> needed to
>>>> do a hard reset on the wireless router to apparently enable the router 
>>>> to
>>>> detect and incorporate each parameter change as I was feeling my way.
>>>>
>>>> All now works as wanted ! Functionally.
>>>>
>>>> But I'm still not sure if I've properly implemented subnetting re: the
>>>> router,
>>>> lan and firewall. Comments ?  [Please see initially submitted query for
>>>> detail.]
>>>>
>>>> BUT......I have now half closed the firewall and would like to entirely
>>>> close it, putting
>>>> it in "closed" configuration, defined as.........
>>>>
>>>>    "all outgoing requests are blocked and must be explicitly chosen 
>>>> ports
>>>> and services required".
>>>>
>>>> How do I do this ?
>>>>
>>>> Which ports and services, at a minimum, do I need ?
>>>>
>>>> Cordially,
>>>>
>>>> Courtney
>>>>
>>>>
>>>>
>>>> ----- Original Message -----
>>>> From: "Brian Pitts" <brian at polibyte.com>
>>>> To: <ale at ale.org>
>>>> Sent: Friday, December 19, 2008 8:42 PM
>>>> Subject: Re: [ale] I've hit a rough wall, installin' Smoothwall :-)
>>>>
>>>>
>>>>> Hi Courtney,
>>>>>
>>>>> Let's approach the problem a step at a time.
>>>>>
>>>>> 1) Connect the machine running smoothwall directly to the internet. 
>>>>> The
>>>>> goal here is to connect your modem to the "red" NIC so that interface
>>>>> has the public IP address given to you by your internet service 
>>>>> provider
>>>>> (eg 216.77.188.41). If you have a cable modem this si probably as 
>>>>> simple
>>>>> as plugging it in. If you have a DSL modem from Bellsouth it may be 
>>>>> set
>>>>> up to act as a router; then you will need to figure out how to change 
>>>>> it
>>>>> to act as a bridge.
>>>>>
>>>>> 2) Configure your private network in smoothwall. I do not have any
>>>>> experience doing this, but I imagine you assign a private IP address 
>>>>> to
>>>>> your "green" NIC (e.g. 192.168.1.1), set up a DHCP server to listen on
>>>>> your "green" NIC and assign a range of addresses (eg 192.168.1.100 -
>>>>> 192.168.1.200), and tell smoothwall to forward traffic from "green" to
>>>>> "red".
>>>>>
>>>>> 3) Connect your ethernet hub to the "green" interface. You should be
>>>>> able to connect your machines with wired NICS to the hub and access 
>>>>> the
>>>>> internet.
>>>>>
>>>>> 4) DON'T connect your wireless router to the hub or maching running
>>>>> smoothwall yet. Plug in just the power cord. Connect to it from your
>>>>> windows laptop. Log in to the linksys web interface. Turn off the
>>>>> linksys DHCP server. The linksys should have fields to set up internal
>>>>> and external IP addresses. Do not set up an external address. Give it 
>>>>> an
>>>>> internal address on the same network as your smoothwall box (e.g.
>>>>> 192.168.1.2). Save these settings and unplug the linksys. NOW connect
>>>>> one of the 4 internal ethernet ports on the linksys to one of the 
>>>>> ports
>>>>> on your hub using a crossover cable. Plug the linksys power back in.
>>>>> Your should be able to access the internet from your machines with 
>>>>> wifi
>>>>> now.
>>>>>
>>>>> -Brian
>>>>>
>>>>> _______________________________________________
>>>>> Ale mailing list
>>>>> Ale at ale.org
>>>>> http://mail.ale.org/mailman/listinfo/ale
>>>>
>>>> _______________________________________________
>>>> Ale mailing list
>>>> Ale at ale.org
>>>> http://mail.ale.org/mailman/listinfo/ale
>>>>
>>> _______________________________________________
>>> Ale mailing list
>>> Ale at ale.org
>>> http://mail.ale.org/mailman/listinfo/ale
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale 



More information about the Ale mailing list