time to ask for help... .
Bryant Eadon
bryant.eadon at gmail.com
Thu Jun 18 23:12:19 UTC 2009
Gary Kline wrote:
> The way my site is now configured, my ISP
> (Qwest) baby-bell has its router connected to my pfSense firewall. The
> firewall computer connects to my FreeBSD server which handles my DNS,
> mail, and web. The server then fans out to my several desktops. This
> one, my laptop, my daughter's MacBook, and has a spare CAT5 for my wife's
> PC.
Since this sounds like a home setup, in terms of raw power usage I'm inclined to
suggest a tighter integration of router, DNS and firewall functionality by
putting this all into something like OpenWRT on a decent off-the-shelf router,
thereby eliminating the Qwest router, firewall machine and possibly mail/web if
it's low volume enough and/or you pick up a router with a USB connection for
storage. Try an Asus WL-500G Premium (version 1 is my favorite) if you go that
route. This would free up the server for other tasks, obsolete 2 boxes (and
possibly the server), spice up your life with easy to install SNMP monitoring of
connections and give your family wifi ... but I digress...
> At a minimum, I'd like to have CVS working on at least my server.
http://www.freebsd.org/doc/en_US.ISO8859-1/articles/cvs-freebsd/article.html
> I used ipf and/or IPFW .... managed to catch and kill
> hundreds of kiddie-scripters trying to crack in. But with pfSense and
> how things are *now*, I'm in the dark.
You're looking for an intrusion detection system (IDS). For FreeBSD you might
leverage 'grok' written by Jordan Sissel, which, isn't an IDS, but it will play
like one :
http://www.semicomplete.com/projects/grok/
You could also do something like this :
http://surachartopun.com/2008/06/example-how-to-monitorby-e-mail-auth.html
...monitor your auth logs for bandits with email alerts.
That should get you started :)
-Bryant
More information about the freebsd-questions
mailing list