FreeBSD Security + Firewall set up
redjupiter at ntlworld.com
Tue Nov 26 21:24:33 GMT 2002
On Tue, Nov 26, 2002 at 07:36:15PM +0000, Ajay Sharma wrote:
> Hi All,
> I am a FreeBSD newbie (and unix for that matter) and have two questions
> concerning firewalls and security. I have two servers both running FreeBSD
> v4.7 as follows.
> The first is an Apache Webserver and is connected to the world wide web and
> therefore only accessible via the Internet.
> The second is a database server running MYSQL. It is connected to the first
> server via a cross-over cable only.
> Both machines have different IP subnet addresses. Like anyone else, I want
> the firewalls to be air tight on both machines.
> I want normal user access on Port 80 for the webserver and remote access
> via ssh for admninistration purposes. I would also like to get to the
> second server through the first, again for administration purposes only.
> Q - Can anyone help on how to go about setting up the firewall rules to
> acomplish this on both machines using IPFW. I am happy with recompiling the
> kernel to enable the firewall.
> Second question involves any hints or tips on how to secure FreeBSD based
> on the above scenario.
Hi I am also a newbie. By reading the manuals, the handbook, adn some handy scripts I managed to configure my
machine. I used ipfw though. Seem to work for me.
Goto www.mostgraveconcern.com/freebsd and grab as many scripts as you can and modify to suit your requirements.
Also goto www.linux-firewall-tools.com/linux/friewall/index.html, and they have a nice web based firewall builder.
You just need to answer some questions and then download the script and modiy.
when done, goto www.sygate.com and at the bottom of the page there is another page for testing. Follow the instructions
to test your friewall.
hope this helps and good luck.
More information about the Ukfreebsd