From Novell To Linux
Man, I hate to admit this…
But, my home network is illin’, yo. I have run NetWare at home for years. My firewall has been BorderManager, because who the heck knows enough about it, besides me and the guys at Novell, to crack it? Yeah, yeah, I know, security through obscurity is a Bad Thing, but sometimes it does work. Anyway, I have one NetWare server that crashes hard with the slightest power fluctuation, even with line conditioners in place. Just the littlest bit of power blip makes it shut down. Not reboot, mind, but shut down. And, several weeks ago when it did that, the data volume took a dump and never came back. I have no idea how much data I lost there, or how mad my wife is going to be because of the data she lost there, but I don’t think it’s coming back this time.
So, that got me thinking… Why should I stick with NetWare? I’m more of a Linux guy now anyway, so maybe it’s time to look into Linux firewalls.
Any suggestions? And, anyone have any suggestions for ways to try and recover that crashed NetWare data volume?
If you are looking at a stand-alone box to do the firewalling, I think that Smoothwall is fantastic.
If you are looking at having other services (it sounds like you had at least file sharing on the other server too), then get multiple network cards and run iptables. This way you can really lock down the interface that faces the internet and then run the other services only on the other interface.
I have done it both ways and they work. It is hard to justify a separate box for a firewall at home, but there is always a danger in running other services on a box that is supposed to be the security wall.
Comment by Stone — 7/5/2005 @ 11:51 am
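The two-interface layout described in the comment above, as an added example that is not part of the original thread: a shell function that emits an iptables-restore ruleset which drops everything arriving on the internet-facing interface and accepts SSH and Samba file sharing only on the inside one. The interface names (eth0 outside, eth1 inside) and the port list are assumptions for illustration.

```shell
#!/bin/sh
# Added example: build an iptables-restore ruleset for a two-NIC box.
# $1 = internet-facing interface, $2 = inside interface (names are assumptions).

build_ruleset() {
    wan="$1"; lan="$2"
    # Reject characters that do not belong in an interface name.
    case "$wan$lan" in *[!A-Za-z0-9._-]*) return 1 ;; esac
    # Both interfaces must be given and must differ.
    [ -n "$wan" ] && [ -n "$lan" ] && [ "$wan" != "$lan" ] || return 1
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $lan -p tcp -m multiport --dports 22,139,445 -j ACCEPT
-A INPUT -i $lan -p udp -m multiport --dports 137,138 -j ACCEPT
-A INPUT -i $wan -m limit --limit 5/min -j LOG --log-prefix "wan-drop: "
-A FORWARD -i $lan -o $wan -j ACCEPT
-A FORWARD -i $wan -o $lan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o $wan -j MASQUERADE
COMMIT
EOF
}
```

Write the output to a file and check it with `iptables-restore --test` before loading it. IPv6 traffic is not covered and needs a matching ip6tables ruleset.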
Yeah, a stand-alone box is pretty hard to justify, but I do have some really old hardware I could do that with, even at home. I looked at Smoothwall as a possibility, but I wanted to see other options.
Straight IPTables is, of course, an option, but I’ll need to read up on it more first. I haven’t configured IPTables since I passed my Linux+, and they never even asked any questions about it! Also, I was sort of looking for something that had pre-configured reports and integrated IDS that I wouldn’t have to read up on as well. I can think of at least two people that would like a look behind my firewall, so I don’t want to take any chances. (And, no, they probably aren’t who you’re thinking of, no matter who you’re thinking of. 😉 )
Comment by the Network Geek — 7/5/2005 @ 12:51 pm