yeah, i read somewhere that Norton is up there with the best. I like Symantec products. Norton Anti-virus works great for me.
Buy on AliExpress.com
What's your Fav Firewall? (1 Viewer)
- Thread starter Majed
- Start date
Buy on AliExpress.com
Thanks for the info, Majed.
I alwasy had problems with Symantec for some reason. The extra firewalls are going to come in handy now that the "Sasser" worm is out and about.
BTW, I don't have any other PC's hooked up to my router, just an XBox and a PS2, and since Sony, I Believe, uses a Linux server, there would be no problems there.
I alwasy had problems with Symantec for some reason. The extra firewalls are going to come in handy now that the "Sasser" worm is out and about.
BTW, I don't have any other PC's hooked up to my router, just an XBox and a PS2, and since Sony, I Believe, uses a Linux server, there would be no problems there.
I was looking for something to act as a proxy server for my network of 30 computers & Martin suggested I try out Smoothwall. Well I had a spare PII 450 Mhz, 128MB RAM, 6.4GB & 2 Realtek NIC's. My network recieves the internet from two sources. My ISP acts as my uplink & I have a satellite for my downlink. At first I had trouble fitting this scenario to Smoothwall. The network is divided - 14 Computers upstairs & 19 Computers downstairs but am currently running 30 computers. So I have a 16 port switch on the upstairs network & a 24 port switch on the downstairs one. Add the ethernet cables from my router (2 of them) & 1 from the DVB router and you will get the whole picture. After much analysis I found the best solution. I got a new 8 port switch which housed the ethernet from the router & DVB then this was channeled to the firewall's (Smoothwall) first NIC(Red) and the outlet from the second NIC(Green) connected to my 24 port switch downstairs & a cable ran from downstairs to upstairs connecting both networks.
I installed Smoothwall without any hassles & the linux box has been on for 6 days & works like a charm. It is richly featured and works great in the background. The web interface is classic & perfectly designed. Thus far I could not be more satisfied with these setup. I am still looking at customising it but it seems like I will to get down to the nitty gritty of Linux. The time has finally arrived.
Thanks Martin.
I installed Smoothwall without any hassles & the linux box has been on for 6 days & works like a charm. It is richly featured and works great in the background. The web interface is classic & perfectly designed. Thus far I could not be more satisfied with these setup. I am still looking at customising it but it seems like I will to get down to the nitty gritty of Linux. The time has finally arrived.
Thanks Martin.
I'm glad you made it work, Ali. The two biggest talking points for Smoothwall is impeccable stability and of course low cost 
. I should warn you that it doesn't leave much room for customization (cause it's designed for security security security), so unless you can do what you want from the web interface you'd have to hack the Linux system yourself.
I think I remember seeing that it could function as a web caching proxy, is that so? Or did you do something separate for the proxy?
. I should warn you that it doesn't leave much room for customization (cause it's designed for security security security), so unless you can do what you want from the web interface you'd have to hack the Linux system yourself. I think I remember seeing that it could function as a web caching proxy, is that so? Or did you do something separate for the proxy?
My immediate task was ICS so as soon the connection sharing was sorted I was able to fulfil my immediate needs. But having looked into the features I found that you can run the following:
1. Logging server - I find this essential.
2. DHCP server - Pure joy.
3. DNS proxy server - Running.
4. Kernel logging server - Pretty detailed.
5. Web proxy - Not running.
6. Web server - Running but not in use.
7. Secure shell server - Stopped
8. Intrusion Detection System - Stopped - Too resource hungry.
9. CRON server - Have to figure how to setup auto time updates here.
VPN - Will look into it later.
Since I figure the proxy will require much more oomph on the box I have decided to shelve it for a while. Am more interested in looking into hacking linux. There are a number of jobs done by this fella Marty which I would like to explore.
1. Logging server - I find this essential.
2. DHCP server - Pure joy.
3. DNS proxy server - Running.
4. Kernel logging server - Pretty detailed.
5. Web proxy - Not running.
6. Web server - Running but not in use.
7. Secure shell server - Stopped
8. Intrusion Detection System - Stopped - Too resource hungry.
9. CRON server - Have to figure how to setup auto time updates here.
VPN - Will look into it later.
Since I figure the proxy will require much more oomph on the box I have decided to shelve it for a while. Am more interested in looking into hacking linux. There are a number of jobs done by this fella Marty which I would like to explore.
Don't you mean dns caching? I have that on mine and it's heaven. I can finally set up my network nodes with static ips (assigned by dhcp on the very same box) mapped to MAC addys, that way they always have the same ip and then put the ips in the dns cache and voila I have dns@home.
Obviously you could do this by storing the ips-hostname pairs in the hosts files on each computer (windoze and linux) but then you'd have to update them with any changes made AND handle dynamic ip woes. So my current solution is just immensely elegant, no thanks to me, of course, just using software that's out there.
Obviously you could do this by storing the ips-hostname pairs in the hosts files on each computer (windoze and linux) but then you'd have to update them with any changes made AND handle dynamic ip woes. So my current solution is just immensely elegant, no thanks to me, of course, just using software that's out there.
Marty, does smoothwall tell u how much bandwidth u've saved thanks to caching? I'm on a 10GB limit, so I like to know :thumb:nono, you're missing the point. There are two caching potentials here.
1. http cache (possibly caching for other protocols too, eg ftp)
2. dns cache
http cache saves you bandwidth and you can also use the proxy to restrict user access to the web, possibly other protocols. This I don't use at all cause I don't really need it and the more services I run on the box, the bigger the chance that something will mess up. It's a P160 so I like to keep it running at around idle 24/7 with just dhcp, dns and the web server for the web interface.
dns cache saves the bandwidth used to lookup dns from your isp, so in fact very very little. the main gain is a slight speed improvement on dns, not to mention the ability to store all the static dns info you might want on the caching server (which is what I explained above).
1. http cache (possibly caching for other protocols too, eg ftp)
2. dns cache
http cache saves you bandwidth and you can also use the proxy to restrict user access to the web, possibly other protocols. This I don't use at all cause I don't really need it and the more services I run on the box, the bigger the chance that something will mess up. It's a P160 so I like to keep it running at around idle 24/7 with just dhcp, dns and the web server for the web interface.
dns cache saves the bandwidth used to lookup dns from your isp, so in fact very very little. the main gain is a slight speed improvement on dns, not to mention the ability to store all the static dns info you might want on the caching server (which is what I explained above).
Also referred to as a Web proxy cache, a function of a proxy server that caches retrieved Web pages on the server's hard disk so that the page can be quickly retrieved by the same or a different user the next time that page is requested.
The proxy cache eases bandwidth requirements and reduces delays that are inherent in a heavily trafficked, Internet-connected network. Because the page is stored locally on the proxy server, the page is delivered to the next request at local network speeds.
The proxy cache also is advantageous when browsing multiple pages of the same Web site. The proxy cache also stores all of the images and sub-files for the visited pages, so if the user jumps to a new page within the same site that uses, for example, the same images, the proxy cache has them already stored and can load them into the user's browser quicker than having to retrieve them from the Web site server's remote site.
------------------------------------------------------
That's what I meant Did I mention I have a spare Compaq Presario to do my bidding?
The proxy cache eases bandwidth requirements and reduces delays that are inherent in a heavily trafficked, Internet-connected network. Because the page is stored locally on the proxy server, the page is delivered to the next request at local network speeds.
The proxy cache also is advantageous when browsing multiple pages of the same Web site. The proxy cache also stores all of the images and sub-files for the visited pages, so if the user jumps to a new page within the same site that uses, for example, the same images, the proxy cache has them already stored and can load them into the user's browser quicker than having to retrieve them from the Web site server's remote site.
------------------------------------------------------
That's what I meant
Did I mention I have a spare Compaq Presario to do my bidding? 
++ [ originally posted by Martin ] ++
Don't you mean dns caching? I have that on mine and it's heaven. I can finally set up my network nodes with static ips (assigned by dhcp on the very same box) mapped to MAC addys, that way they always have the same ip and then put the ips in the dns cache and voila I have dns@home.
Obviously you could do this by storing the ips-hostname pairs in the hosts files on each computer (windoze and linux) but then you'd have to update them with any changes made AND handle dynamic ip woes. So my current solution is just immensely elegant, no thanks to me, of course, just using software that's out there.
Don't you mean dns caching? I have that on mine and it's heaven. I can finally set up my network nodes with static ips (assigned by dhcp on the very same box) mapped to MAC addys, that way they always have the same ip and then put the ips in the dns cache and voila I have dns@home.
Obviously you could do this by storing the ips-hostname pairs in the hosts files on each computer (windoze and linux) but then you'd have to update them with any changes made AND handle dynamic ip woes. So my current solution is just immensely elegant, no thanks to me, of course, just using software that's out there.
Am not planning on doing caching coz i will need to update the smoothwall box to a P4 with loads of RAM to handle 30 computers. And graham my bandwidth is small but I dont have a traffic limit so am more concerned with speed. To improve on speed am looking for other solutions like data compression. Anyone ventured into this?
++ [ originally posted by Martin ] ++
Well it's also that the proxy server isn't all that stable, not as stable as the other services I run. Also the fact that I have bandwidth to spare, don't need to save it.
Well it's also that the proxy server isn't all that stable, not as stable as the other services I run. Also the fact that I have bandwidth to spare, don't need to save it.
I have a way of confusing people, don't I? I use dhcp + dns caching to achieve this for my local network:
+ dynamic ips
+ name resolution
Point is that if you mix them it becomes a more powerful combination
Network has 6-7 nodes btw.
Compression where? If you're thinking about gzip (compressed web pages sent to the user and decompressed by the browser dynamically) then it depends entirely on the website itself. Our forum uses gzip but the main site doesn't as I have given up on getting it working properly.
gzip is fantastic for slow links, cause just with basic Huffman compression you get a ratio of about 10:1 with regular text (which html is, jpg/gif are already compressed of course so little to be gained there), though I'm sure their algorithm is better than that.
http://leknor.com/code/gziped.php?url=http://www.yahoo.com
yahoo.com doesn't use it, if they did the data amount would be 27% of what it is at compression level 1 (least cpu intensive)
+ dynamic ips
+ name resolution
Point is that if you mix them it becomes a more powerful combination
Network has 6-7 nodes btw.
Compression where? If you're thinking about gzip (compressed web pages sent to the user and decompressed by the browser dynamically) then it depends entirely on the website itself. Our forum uses gzip but the main site doesn't as I have given up on getting it working properly.
gzip is fantastic for slow links, cause just with basic Huffman compression you get a ratio of about 10:1 with regular text (which html is, jpg/gif are already compressed of course so little to be gained there), though I'm sure their algorithm is better than that.
http://leknor.com/code/gziped.php?url=http://www.yahoo.com
yahoo.com doesn't use it, if they did the data amount would be 27% of what it is at compression level 1 (least cpu intensive)