华强北电脑城 龙岗电子世界 龙华电脑城  凯尔电脑

 找回密码
 立即注册

QQ登录

只需一步,快速开始

查看: 2256|回复: 0

Open Source Firewall/UTM Options

[复制链接]
发表于 2013-5-2 04:01:13 | 显示全部楼层 |阅读模式
Open Source Firewall; ?+ R5 F$ e, E4 l+ W3 D
A firewall is one of the tools used to secure a computer network. A firewall can prevent unwanted access to departmental systems while preventing local systems from attacking systems on other networks (on the other side of the firewall). Firewalls require on-going monitoring in order to ensure that they do not unnecessarily restrict access to important computer resources while preventing unwanted access and to ensure that the firewall is operating as expected. Firewall logs should also be reviewed regularly in order to evaluate traffic patterns including denied connections. Installing and operating a firewall to protect a departmental LAN is only one of many criteria that Network Administrators need to consider when determining the security requirements of their environment. A complete security assessment will help identify other areas of vulnerability.
: y, D' j' j6 {7 ]6 p$ G: H    , E1 M8 q* a' s$ {, ?
Filseclab Personal Firewall Professional Edition; r- W; ~5 `- X* }$ W
Filseclab Personal Firewall Professional Edition is one of the most important software of Filseclab, it is very easy to use and also very powerful. It can provide more secure protection for your PC, and it is FREE.
( I4 g/ X- W+ K; m7 a. {* It can block the most attacks from worm viruses and trojans.0 o: X9 ~6 }$ i0 d. X0 }0 O8 _; {
* It can block some main Adware and Spyware, the definition supports live update and you may also define it yourself.( O! Z4 K$ P  f' p7 U" M1 ]
* Double filter system provides double-layer protection.& h" A, F7 Q. E' S' J* F8 Z0 \4 G* Q
* Digital signature verification can automatically trust the well-known program.
5 B9 I" C7 R0 E. V3 B* B* Built-in 7 big modes can apply for all kinds of requirements.$ ^& v+ s6 V/ Q4 V+ K; w" k3 n+ V
   
$ i3 i9 m8 E" \# f) U$ kCreating an open source firewall
) z& E+ @" S" J/ ^1 GWith ever-present threats from online attackers and script kiddies, administrators need a firewall on the border of any network. A Linux box can make a particularly effective and capable firewall at a fraction of the cost of a Cisco or Check Point system. The most obvious use for a firewall is to block unwanted traffic from entering or leaving a network. Firewalls can also make specific connections from outside hosts to internal systems, such as a mail or Web server, either behind the firewall or on a trusted or "de-militarized zone" (DMZ) segment. Almost every version of the 2.x series of the Linux kernel has a different firewall implementation, with 2.0 using ipfwadm, 2.2 using ipchains, and 2.4 implementing netfilter. 2.6 continues to use netfilter, as it is essentially a plug-in framework within the network subsystem for whichever firewall implementation we choose to use. 2.4 and 2.6 support both ipfwadm and ipchains through backports of the systems to netfilter.
5 _' h2 G& x" c8 F   3 g% w( B6 {6 H) @
Open Source Firewall for Windows; H2 t% v; u! |$ p# P
If you decide to develop a Firewall for Linux, you will find a lot of information and source code, all free. However the people interested in Firewall for Windows Platforms have a little more difficult not only for find information, find free source code is a task impossible. Of course you can find some great sample implementation on codeproject.com developed by Jesús O. NetDefender is a Free Firewall with source code, which can be downloaded along with firewall executables. Netdefender works only on windows 2000 and above versions of windows. Features :
; S" a6 J& X7 a% u# U1. User can Block all Traffic and can Allow all traffic through just one mouse click
2 i' l0 n0 Q8 [; Z  B" p% x2. It is a packet filtering Firewall.
& f- w0 N- ?) ?- z% h3 i3. User can add custom rules to this firewall as per their security requirements.
' A9 y1 o- I$ n1 H5 z
( f% `  B" N% @; B/ }5 K4 G0 kOpen Source Web Application Firewall
/ T$ y# W0 Z& B  O8 {6 i1 ZModSecurityTM is an open source intrusion detection and prevention engine for web applications (or a web application firewall). Operating as an Apache Web server module or standalone, the purpose of ModSecurity is to increase web application security, protecting web applications from known and unknown attacks. (IN)SECURE Magazine is a freely available digital security magazine discussing some of the hottest information security topics. It can be distributed only in the form of the original non-modified PDF document. he covered topics are:5 {; }4 _0 Y) c0 s4 f% |
* SSH port forwarding: security from two perspectives,3 w1 x/ |/ [) |  c: i5 C0 ^( d9 a) U
part one
5 o  Q, K, N8 s* An inside job
4 B3 O$ x$ G3 J2 ~( [% x% @* CEO spotlight: Q&A with Patricia Sueltz, SurfControl# U+ ?. j+ `8 z- W" D  v" w
* Server monitoring with munin and monit
  @4 ^5 e, ]: T  `# k   
# a6 {; M/ t( j; X' ~9 jOpen Source Firewall software; b/ k3 V! u. ]/ }1 Z$ i5 P8 g
The Seattle firewall is an ipchains based firewall that can be used on a dedicated masquerading firewall machine (including LRP), a multi-function masquerade gateway/server or on a standalone Linux system. Features:
  w# z* {' S6 k; n* Customizable using configuration files and with explicit ipchains rules without modifying the released Seattle Firewall scripts.
/ P7 G# E' O  V3 V0 T9 v* Support for status monitoring with an audible alarm when an "interesting" packet is detected.
, M& Z6 ]1 l7 {# ]0 B4 y* Support for VPN via ipip tunnels, IPSec and PPTP.4 U; e% W" |- [9 p; T
* Support for masqueraded PPTP servers, including PoPToP.4 C7 h+ S  m9 K5 w& @9 S: T
* Support for masqueraded servers (requires ipmasqadm).& x) ~% z7 _2 z. y* |+ g1 p
* Support for running PoPToP on a Linux gateway/firewall. " X+ ^' c' p1 K8 V' A: Z
     # h+ [0 i+ b, r. {
Leading Open Source firewall developers
1 ^" S  K$ v; ?Richard Morrell and Lawrence Manning, co-authors of the Smooth Wall Open Source firewall project, have joined Slash CO Limited, the UK Open Source services and information provider. Richard and Lawrence will continue to work on a number of Open Source projects, including .Richard Morrell and Lawrence Manning, co-authors of the Smooth Wall Open Source firewall project, have joined SlashTCO Limited, the UK Open Source services and information provider. Richard and Lawrence will continue to work on a number of Open Source projects, including the Smooth Wall Firewall, where Richard is the Project Manager and Lawrence the Chief Designer/Programmer. Smooth Wall has been phenomenally successful, with over 265,000 worldwide downloads in the five months since first release. Smooth Wall has featured in traditional press and online media since its launch with over 300,000 copies having been distributed via Windows and Linux magazines all over the globe.
: \% B/ w6 C* ]" }   
: z- S. V# {" P2 hOpen Source Firewall Appliance/ X( U6 u& a* q
Like millions of people, I enjoy the convenience of fast and cheap bandwidth that modern cable modems provide. Unfortunately, a fast permanent connection makes you immediately a valuable target for countless port scan and brute force attacks, a lot of those recently originating from China, Taiwan and Korea. Over the years, I went thru several firewall appliances in search for the perfect gear. I had been relatively happy with the Netgear FVS318. However, it was one of the first generation model, and the processor speed left something to be desired. It also lacked the ability to create custom firewall rules, which is paramount if you want to expose services with a fine grain control on who gets in.
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

QQ|华强北 电脑城 龙岗电子世界 龙华电脑城 pc4g.com ( 粤ICP备16039863号 )

GMT+8, 2024-11-9 18:55 , Processed in 0.153486 second(s), 16 queries .

Powered by Discuz! X3.4

Copyright © 2001-2021, Tencent Cloud.

快速回复 返回顶部 返回列表