time to ask for help... .
bryant.eadon at gmail.com
Thu Jun 18 23:12:19 UTC 2009
Gary Kline wrote:
> The way my site is now configured, my ISP
> (Qwest) baby-bell has its router connected to my pfSense firewall. The
> firewall computer connects to my FreeBSD server which handles my DNS,
> mail, and web. The server then fans out to my several desktops. This
> one, my laptop, my daughter's MacBook, and has a spare CAT5 for my wife's
Since this sounds like a home setup, in terms of raw power usage I'm inclined to
suggest a tighter integration of router, DNS and firewall functionality by
putting this all into something like OpenWRT on a decent off-the-shelf router,
thereby eliminating the Qwest router, firewall machine and possibly mail/web if
it's low volume enough and/or you pick up a router with a USB connection for
storage. Try an Asus WL-500G Premium (version 1 is my favorite) if you go that
route. This would free up the server for other tasks, obsolete 2 boxes (and
possibly the server), spice up your life with easy to install SNMP monitoring of
connections and give your family wifi ... but I digress...
> At a minimum, I'd like to have CVS working on at least my server.
> I used ipf and/or IPFW .... managed to catch and kill
> hundreds of kiddie-scripters trying to crack in. But with pfSense and
> how things are *now*, I'm in the dark.
You're looking for an intrusion detection system (IDS). For FreeBSD you might
leverage 'grok' written by Jordan Sissel, which, isn't an IDS, but it will play
like one :
You could also do something like this :
...monitor your auth logs for bandits with email alerts.
That should get you started :)
More information about the freebsd-questions