| |
YU7IBS > TECHNI 19.12.25 00:03z 49 Lines 2455 Bytes #29 (0) @ WW
BID : 24899_YT7MPB
Subj: Computer network administration
Path: SR8BBS<SR1BSZ<OK0NBR<OK2PEN<N3HYM<YT7MPB
Sent: 251218/1709Z 24899@YT7MPB.#NSD.SRB.EU LinBPQ6.0.25
Dear radio-amateurs,
This topic for systems and computers network administrators.
Big greetings to everyone! By Viktor YU7IBS 73 :)
I have simply home server making with Desktop computer and Linux Ubuntu 24.04
server operating system.
This server use for: netwrok sharing data on my TeraBytes disks, VPN from
internet to my local network,
and several "http" web sersvers that I put on the internet for.
I recently added the "HTTPS" module to the host in any case, because "HTTP"
servers on the internet are insecure.
In this way, I protected the monitoring of internet traffic to some extent.
However, my local network and the hosts within it are still exposed to
danger, because hackers can push malware or any kind of malicious traffic
through UDP/TCP IP ports that are open to the internet.
When virus and hack program occupies any host in local network, all hosts in
dangerous.
With it host malware programs have all control on local network and other
hosts.
In order to prevent this, I plan to develop a specialized firewall capable of
inspecting traffic on all internet-facing ports, even at the application
level.
As hardware support, I would use old motherboard with Celeron or Pentim
procesor and 1Gb/s ethernet card, because my local network 1Gb/s.
On this settup I am going to plan install something Linux kernel with
integrated good firewall.
I have found for example "IP fire" specialized Linux krenel with firewall
function.
I am going to test it with my father, because he was administrator network
nad has great knowledge from computer network.
I also inherited his profession! :)
Unfortunately he didn't work in detail firewalls, bacuse copmany have
profesional routers with firewall which automatic learning configuration.
More accurately, these firewalls operate in a learning mode for a defined
period (e.g., one month) to profile allowed traffic, after which they are
deployed in production and internet-facing.
We are still making something simpler with a Linux shell where we will do
everything manually.
If any of you have worked with computer networks or system administration, do
you have experience with these universal Linux firewalls?
Do you have any recommendations for alternatives, or advice regarding the one
I mentioned, "IPFire"?
If anyone has experience with this, I would appreciate any good advice or
suggestions as a small form of help. :)
Big greetings to everyone! By Viktor YU7IBS 73 :)
Read previous mail | Read next mail
| |