Labo bethu abacwilisiwe emhlabeni we I-GNU / Linux ne-Free Software, sikujwayele ukuthi nsuku zonke sazi ukusatshalaliswa okwehlukile, okuqondiswe ezintweni ezihluke kakhulu.
Namuhla ngikulethela isibonelo esincane salokhu. Yebo, kunokusabalalisa okuningi (okuningi) okususelwe noma okugxile ekubeni yi-FireWall noma i-Firewall. Kepha okokuqala ... siyini isihogo somlilo?
Ngokusho kweSAN I-Wikipedia.
Un isicishamlilo (firewall ngesiNgisi) kuyingxenye yohlelo noma inethiwekhi eyenzelwe ukuvimba ukufinyelela okungagunyaziwe, ngenkathi ivumela ukuxhumana okugunyaziwe.
It is a device or set of devices configured to allow, limit, encrypt, decrypt, the traffic between scopes different based on a set of imithetho kanye nezinye izindlela.
Ngokuyinhloko i-firewall, njengoba imelwe njalo. Kungumdonga osika noma obamba ukufinyelela, lokhu kungaba kokubili kusukela ekungeneni (Kusuka kwi-inthanethi kuya kithi) Noma kunalokho ... Kusuka Ngaphakathi kuye ngaphandle.
Izicishamlilo zivame ukufakwa endaweni ye-DMZ (indawo ehlukunyezwe ngabasebenzi). Le ndawo empeleni lapho i-router yethu ingasebenzisi noma iphatha nge-firewall yangaphakathi (engeyona leyo). Ngale ndlela yonke ithrafikhi iqinisekisiwe kuseva yethu.
Kufanele futhi kucaciswe ukuthi noma ikuphi ukusatshalaliswa kungasetshenziswa njenge-Firewall noma iRouter. Kuphela kukhona ezinye esevele "Zilungile" noma zenziwe ngaphambilini. Ngezinto ezifana ne-NIDS (Intrusion Detection System) ETC.
Ngayinye yalezi zabelo inama-PRO ayo nama-CONS.
Yize kuningi, sizobala okumbalwa nokuthi yiziphi izinketho onazo.
I-ClearOs
Ngaphambili kwakuthiwa yi-ClarkConnect, lokhu kusatshalaliswa kususelwa ku- I-Red Hat / i-CentOS, Isixazululo esibanzi sezinkampani ezinikeza:
- firewall iptables.
- Uhlelo lokuthola ukungena ISINYANYA
- I-Virtual Private Network (PPPT, IPSec, OpenVpn)
- Ummeleli onokuhlunga okuqukethwe (Squid, DansGuardian)
- izinsizakalo ze-imeyili (Webmail, I-Postfix, SMTP, I-POP3/ s, I-IMAP/ s)
- I-Groupware (UKolab)
- Isizindalwazi neWebhu Server (LAMP)
- Iseva yefayela nezinsizakalo zokuphrinta (Samba futhi CUPS)
- I-Flexshares (isitoreji esinobumbano se-multiprotocol sisebenzisa Ama-CIFS, HTTP/ S, FTP/ S, futhi SMTP)
- I-MultiWAN (Iphutha Lokuklama i-Inthanethi Ebekezelayo)
- Imibiko yezibalo zohlelo nezinsizakalo (I-MRTG nabanye)
<h3Devil Linux
Ukusatshalaliswa kwe-GNU / Linux okufanele kusetshenziswe njenge-Router / Firewall, egijima futhi isebenze kusuka ku-Live-CD, iyenze ikwazi ukusebenza kusuka kwi-PC endala. Ayisebenzisi isikhombimsebenzisi sokuqhafaza, ifaka phakathi i-DNS, iWebhu, i-FTP, izinsizakalo ze-SMTP, amathuluzi afana ne-Mysql, i-Wget ne-Lynx, nezinsiza zokuphepha ezifana ne-OpenVPN neShorewall. I-Linux kusuka ekuqaleni(I-Linux kusuka ekuqaleni) isistimu yokwakha yokusabalalisa ye-Linux evumela umsebenzisi ukuthi azenzele izinguqulo zakhe zenkambiso.
http://www.devil-linux.org/
I-Endian Firewall
Kuyisabelo I-GNU / Linux Umthombo ovulekile okhethekile ku-Routing / Firewalling, othuthukiswe yi-Italian Endian Srl nomphakathi we-Endian. Ekuqaleni kususelwe ku-IpCop okunye ukusatshalaliswa okwakuyimfoloko yeSmoothWall.
Inguqulo 2.2 iqukethe:
- firewall (Zombili izinkomba)
- I-Network yangasese eyi-Virtual (I-VPN) Isango con I-OpenVPN o I-IPsec
- kuwebhu I-antivirus
- kuwebhu I-Antispam
- I-E-Mail Antivirus
- Imeyili Antispam
- I-Transparent HTTP Proxy
- Ukuhlunga okuqukethwe
- I-Hotspot / engenantambo
- Ukusekelwa kwe-SIP I-VoIP
- Ukuhumusha kwekheli lenethiwekhi
- Ikheli le-IP eliningi (iziteketiso)
- Isixhumi esibonakalayo sewebhu se-HTTPS
- Izibalo zokuxhuma
- Ilogi yenethiwekhi
- Ukudlulisela phambili izingodo kuseva yangaphandle
- Iseva ye-DHCP
- Iseva ye-NTP
- I-IDS (Uhlelo Lokuthola Ukungena)
- Ukusekelwa Kwemodemu ye-ADSL
I-Floppyfw
Ukusatshalaliswa kwe-GNU / Linux kuyasebenza I-BusyBox ukuhlinzeka nge-firewall / router kudrayivu yediski ebhuthayo.
I-Floppyfw igcinwa yi UThomas lundquist, ngaphansi kokuthuthukiswa okuqhubekayo. Uhlobo lwamanje ngu-3.0.12
Izidingo
- Iprosesa ye-Intel 80386SX noma engcono
- Amakhadi amabili enethiwekhi
- Idrayivu yedrayivu engu-1.44 MB
- 12MB RAM
Kufaka:
- Uhlu lokulawula ukufinyelela
- ip-masquerading (ukuhunyushwa kwekheli lenethiwekhi)
- ukuhlunga iphakethe
- umzila osezingeni eliphakeme
- Ukushayiswa Kwethrafikhi
- I-PPPoE
- uhlelo olulula lokupakisha, olusetshenziswa ngabashicileli, i-VPN, ukumiswa kwezimoto
- Ukungena nge-klogd / syslogd endaweni yangakini futhi ukude
- Ukusekelwa kwembobo yomkhiqizo nge-console
- Iseva ye-DHCP ne-DNS cache yamanethiwekhi angaphakathi
http://www.zelow.no/floppyfw/index.html
Eziningi zalezi zabelo zingabuye zifakwe ezinhlotsheni ezithile zama-routers.
Okusetshenziswa kakhulu ukufakwa kuma-routers yi-
I-Openwrt
Ukusatshalaliswa kwe-GNU / Linux okutholakala kuma-routers nakumadivayisi ashumekiwe. Iqukethe isethi yamaphakeji esoftware angaba ngu-2000 afakiwe futhi akhishwa ngaphansi kohlelo lokuphathwa kwephakeji le-opkg. I-OpenWrt Ingalungiswa kusetshenziswa isikhombimsebenzisi somugqa womyalo weBusyBox, noma isikhombimsebenzisi sewebhu seLuCI.
I-Operwrt ingasebenza kuma-routers e-CPE, amasango okuhlala abantu, ama-smartphones, ama-pocket computer noma ama-PDA kanye nama-laptops amancane afana ne-OLPC, kepha futhi kungenzeka ukuthi isebenze kumakhompyutha ajwayelekile we-x86. Iphrojekthi ifaka i-wiki, iforamu, i-SVN Source Version Control, ne-Trac yokuphathwa kwephrojekthi, ukulungiswa kwamaphutha, nokuthuthukiswa kwamakhodi.Ukuxhaswa okwengeziwe kwezobuchwepheshe kunikezwa nge-IRC.
Abanye ... * m0n0wall
*PfSense
* IClarkConnect
*eBox
* I-SmoothWall
* Qeda
* IPCop
Ngiphetha ngokusho ukuthi hhayi ngoba ufaka okukodwa kwalokhu kusatshalaliswa, inethiwekhi yakho izoba ephephe kunazo zonke emhlabeni. Konke kuncike ekusebenziseni, ukumisa nokulungisa okunikeza kulo lonke uhlelo.
Ukubingelela!
I-OpenWRT ishumekiwe nge-linux, ivame ukubonakala kakhulu njenge-firmware kune-OS, yize iseyi-linux, okuyiyona ngqangi yalokhu okuthunyelwe.
Ngincoma nokuthi ubheke ngaphezulu, okungenani lokhu okubili:
- I-Astaro Security Linux (okwamanje ephethwe yi-SOPHOS, eyi-antivirus, ngithole ukuthi ngifuna i-URL ukuyibeka lapha) http://www.astaro.com/blog/up2date/astaro-security-linux-20
- UVyatta Core http://www.vyatta.org/
- I-PfSense nayo inhle kakhulu, kepha njengoba sekushiwo, isuselwe ku-BSD
awunakho okuthunyelwe kokusatshalaliswa kwe-linux ukwenza umzila ??? bekungaba kuhle
Abamsebenzisa emsebenzini wami yi-pfsense, kepha yi-BSD distro
http://distrowatch.com/table.php?distribution=pfsense
Yebo, nami ngiyifunde lapho. Ngifunde kahle ngaye.
Okuhamba phambili kakhulu yi-pfsense, yize ingasuselwa ku-linux, kepha kunalokho ku-BSD. Le FW nayo ilayisha ukulinganisa, i-PF, njll. Ungumokstro wangempela uma kukhulunywa ngokuphepha
Ngisebenzisa i-Utangle emsebenzini wami, kulula futhi futhi bane-Lite version yamahhala engaphezulu kakhulu ngokwanele kuma-PC ayi-100 enginawo emagatsheni ama-3 engiwaphetheyo.
Bengingazi ukuthi kunama-distros amaningi firewall ku-linux
Saludos !!
Okunye okwenza kahle kakhulu yiBrazilFw.
Ukulawula,
Nginenkinga futhi ilandelayo, ukubona ukuthi ungangisiza yini.
Ngine-squid 2.7 server efakiwe futhi konke kusebenza kahle, inkinga iza lapho indoda ethile ehlakaniphile kunethiwekhi ibeka ummeleli walabo abakhona ku-intanethi futhi bangihleka ebusweni.
Manje, ngingenza kanjani ukuze bangakwazi ukusebenzisa lawo ma-proxies we-inthanethi futhi basebenzise eyodwa kuphela evela kunethiwekhi yangaphakathi.
Usizo lwakho lwamukelekile kuleli cala.
UFausto Disla
I-PfSense iyona ehamba phambili kakhulu, imbalwa, imisebenzi-, yenza umsebenzi wayo kahle kakhulu.
Ngiyabona ukuthi bamazi kancane kakhulu.