time to ask for help... .

Bryant Eadon bryant.eadon at gmail.com
Thu Jun 18 23:12:19 UTC 2009

Gary Kline wrote:
> The way my site is now configured, my ISP
> 	(Qwest) baby-bell has its router connected to my pfSense firewall.  The
> 	firewall computer connects to my FreeBSD server which handles my DNS,
> 	mail, and web.  The server then fans out to my several desktops.  This
> 	one, my laptop, my daughter's MacBook, and has a spare CAT5 for my wife's
> 	PC.   

Since this sounds like a home setup, in terms of raw power usage I'm inclined to 
suggest a tighter integration of router, DNS and firewall functionality by 
putting this all into something like OpenWRT on a decent off-the-shelf router, 
thereby eliminating the Qwest router, firewall machine and possibly mail/web if 
it's low volume enough and/or you pick up a router with a USB connection for 
storage. Try an Asus WL-500G Premium (version 1 is my favorite) if you go that 
route.  This would free up the server for other tasks, obsolete 2 boxes (and 
possibly the server), spice up your life with easy to install SNMP monitoring of 
connections and give your family wifi ... but I digress...

> 	At a minimum, I'd like to have CVS working on at least my server.


>       I used ipf and/or IPFW .... managed to catch and kill 
> 	hundreds of kiddie-scripters trying to crack in.  But with pfSense and 
> 	how things are *now*, I'm in the dark.

You're looking for an intrusion detection system (IDS).  For FreeBSD you might 
leverage 'grok' written by Jordan Sissel, which, isn't an IDS, but it will play 
like one :


You could also do something like this :

...monitor your auth logs for bandits with email alerts.

That should get you started :)


More information about the freebsd-questions mailing list