At last Fridays meeting we were surrounded by firewalls. I think there
were four IPCop boxes. To properly configure, setup and understand
what's going on with a firewall you need some basic networking skills.
Here's a short list. I'm getting everything from wikipedia. If I miss
anything let me know.
BASIC NETWORKING 101
1. Local aria network - http://en.wikipedia.org/wiki/Local_area_network
2. IP Address - http://en.wikipedia.org/wiki/IP_Address
3. Network Classes - http://en.wikipedia.org/wiki/Class_C_network
4. Firewall - http://en.wikipedia.org/wiki/Firewall
5. DMZ ( picture of 3 legged firewall ) -
http://en.wikipedia.org/wiki/Demilitarized_zone_%28computing%29
6. Ports - http://en.wikipedia.org/wiki/Network_ports
Some of the information may be difficult to read and understand. Some of
the information on wikipedia was not written for the average computer
user. I had a hard time reading some of it. Maybe someone can add to the
list or create a better one. One with easy to understand information.
FIREWALL BASICS
Make sure your interfaces are on different networks. Here's an example
1. Green network ( internal network ) could be 192.168.1.1
1. Network address = 192.168.1.0
2. Broad cast address = 192.168.1.255
3. Net mask = 255.255.255.0
4. Network Class = C
2. Orange network ( DMZ ) could be 192.168.2.1
1. Network address = 192.168.2.0
2. Broad cast address = 192.168.2.255
3. Net mask = 255.255.255.0
4. Network Class = C
3. Red network ( Internet ) DHCP
1. Should be different from other networks
1. if Red is 192.168.1.x you should change the Green
network to something else
NOTE
* Notice that the Green and Orange networks are not the same. They
can't be.
* 192.168.1.0 can't be used for anything. It's a network address.
* Connecting the firewall to a workstation requires a switch/hub or
a crossover cable
BASIC PORT NUMBERS
1. Web Server = 80
2. pop3 email = 110
3. SMTP = 25
I hope this helps. I left out a few things but this should be enough to
point people in the right direction.
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Tue Jan 23 12:36:43 2007
This archive was generated by hypermail 2.1.8 : Tue Jan 23 2007 - 12:36:43 AKST