From owner-freebsd-hackers  Thu Sep  9 19:44:46 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from thehousleys.net (frenchknot.ne.mediaone.net [24.218.96.75])
	by hub.freebsd.org (Postfix) with ESMTP id F2D2915CFA
	for <freebsd-hackers@freebsd.org>; Thu,  9 Sep 1999 19:44:40 -0700 (PDT)
	(envelope-from jim@thehousleys.net)
Received: from thehousleys.net (housley@localhost [127.0.0.1])
	by thehousleys.net (8.9.3/8.9.3) with ESMTP id WAA36029;
	Thu, 9 Sep 1999 22:44:16 -0400 (EDT)
	(envelope-from jim@thehousleys.net)
Message-ID: <37D87080.4D44E9C4@thehousleys.net>
Date: Thu, 09 Sep 1999 22:44:16 -0400
From: "James E. Housley" <jim@thehousleys.net>
X-Mailer: Mozilla 4.51 [en] (X11; U; FreeBSD 3.2-STABLE i386)
X-Accept-Language: en
MIME-Version: 1.0
To: freebsd-hackers@freebsd.org
Subject: A Challenge
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

I have been presented with a challenge.  For a local school we have
"won" putting in FreeBSD as firewall between the cable modem and the
rest of the school network.  Our opponent is last years IT commitee
chair, who was booted because he was a jerk and wouldn't do things they
was the school wanted.  He wanted to spend about $10K on an NT box with
some firewall package.

Now the details:

I have about 5 years experance with FreeBSD.  I am running it at home
connected to a cable modem.  My server is fairly secure from the
outside.  I periodically read and act upon the builins from CERT, etc.

The box is just going to be running NATD and IPFW, maybe DHCLIENT.

Mr. NT is been told he can try and break-in, crash what ever this box
from the internet side.

I am asking for links, pointer to make sure this is configured as
secure/solid as possible.  I will be installing 3.3-STABLE over this
weekend (9/11/1999).  I really want to make sure we win.

Thanks for all help

Jim.
-- 
 James E. Housley                            PGP:   1024/03983B4D
 System Supply, Inc.                         2C 3F 3A 0D A8 D8 C3 13
 Pager: pagejim@notepage.com                 7C F0 B5 BF 27 8B 92 FE 

"The box said 'Requires Windows 95, NT, or better,' so I installed
FreeBSD"


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message