From owner-freebsd-questions Mon Dec 3 6:38:57 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mail1.ruraltel.net (mail.ruraltel.net [24.225.0.34]) by hub.freebsd.org (Postfix) with ESMTP id 6074037B405 for ; Mon, 3 Dec 2001 06:38:55 -0800 (PST) Received: from darryl (p229n30.ruraltel.net [24.225.30.229]) by mail1.ruraltel.net (8.11.2/8.11.2) with SMTP id fB3EYGu27365 for ; Mon, 3 Dec 2001 08:34:16 -0600 Reply-To: From: "Darryl Hoar" To: Subject: Security paranoia Date: Mon, 3 Dec 2001 08:39:01 -0600 Message-ID: <003201c17c08$406b7010$0701a8c0@darryl> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2910.0) X-MIMEOLE: Produced By Microsoft MimeOLE V5.00.3018.1300 Importance: Normal Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Greetings, As I've mentioned we're about to plug into broad band internet connectivity. I'm going to be using my Freebsd box (4.3-release) as the router from my internal network to my ISP connection for internet traffic. I'm am quite paranoid about the 24/7 connect and hackers beating on it. The machine that will be the router will also be the firewall. I need a good set of rules to really tighten things down. Is there a website, or someplace to get a great set of rules ? I also have to run nat as my internal LAN has private non-routable IP addresses (192.168.1.*). Anybody have any links that cover these topics in a thorough manner? Should I install tripwire or some other intrusion detection to help monitor things? thanks, Darryl To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message