New Firewall Rocks!

Intlwaters


TomMoorehouse

Guest
I'm really excited about this new firewall. If you think ZoneAlarm is cool, this is 100X more powerful. Looking at our Intrusion Detection System log, I'd be amazed if we had never been hacked. I bet this is why we have been having problems lately. As you can see, since it was installed the server has not stopped serving up pages. Whereas before the firewall was installed, almost every night I had to restart the server because it had stopped responding to web page requests. Most likely over Thanksgiving I will totally redo the server again so that I can resolve the picture display and have a good sense of security with the system. If you are interested, have a look at the Intrusion Detection System log file from the past couple of days at http://www.intlwaters.com/ids.txt. I would post the firewall's log file but it is too huge! It has been stopping even more stuff than the I.D.S.
 
I don't know if it's the firewall or what, but loading this site and surfing through it had really slowed down for me since it was installed. Is this going to be the norm from now on?
 
Ron, I am aware of the problem. The thing is, all the sites but intlwaters are smoking fast. I have been searching for the cause for days without luck. We also have the picture post prob in the forum. I am trying to avoid having to redo the server, but it might come to that. Looking at the firewall log file, I would be surprised if we have never been hacked ever. I'm starting to think this is the case.... Before the firewall was installed I had to restart the server every day because the server would stop serving web pages (everything else worked fine though). I have a couple more tests to do..... if I don't figure it out I will try reformatting the server again and starting all over. I have 100 more confidence with the new firewall that we won't be hacked ever again..... it is that good! But it might be the reason we have probs now..... it's like someone had control over us to stop us from serving up pages before, but with the firewall it stopped...

Guess I'm trying to say..... I'm working on it :-

tom
 
Well, tonight's testing convinced me that it is the firewall..... that's good news and bad..... it means I don't have to redo the server..... a huge project! But since I don't know much about Linux it might be even harder in the long run to fix for me... I tried posting to the support group but it does not seem to be working... I'll post more as I learn more. :-
 
I tried posting to the support group but it does not seem to be working... I'll post more as I learn more. :-

Support group? Tom, are you a recovering computer addict? ;)

We have confidence in ya, Dude! You 'da man!
 
Tom,

Are you running the firewall software on your server?? If so, this will be the problem: the firewall will slow everything down.

I would try and set up the old server as a firewall and use it as the gateway between the server and the internet: put 2 NICs in it and set them up with an internal interface going to a 100Mb switch, with the server and any PCs you want on the net going to that, and then the other interface going to the router to the internet or your modem.

This will reduce traffic on the server; the gateway will drop the non-required packets and the server will only take the required packets.

Dale
 
:eek: ??? :eek:

Hey Dale...I thought you spoke English in Aus? ;)

(at least I got the pics working!)
 
heheheh sorry ;D

That's boffin talk!! Damn, it makes me feel like a nerd!! :-

Better go suck some beers now and kill some brain cells! ;D
 
Well, I must be a nerd :eek:

Anyways, I have an old PC running a Linux firewall with red (internet), green (workstation) and orange (server) zones.... yep, that is 3 NICs in 1 box...

That's pretty much like you said... it's so cool that it blocks all the stuff before it even gets to the server..... it runs Snort IDS and stops all kinds of crap!

For some reason the firewall won't let the server access itself, and it seems PHP wants to do this to display pics on the forum and with the main page load..... I can't even use a web browser to see my own web pages from the server!
 
OK, it sounds like the firewall is set too tight; you may need to allow some packets to get through. You should only need ports 80 and 21 for the server: port 80 for web and 21 for FTP uploads of pics. There must be something in the PHP that the firewall doesn't like. Do you have a packet sniffer to see what it is doing??
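As an added illustration (not from this thread or from Tom's firewall), here is what the three-zone gateway Dale and Tom describe looks like as an nftables ruleset: red (internet) on eth0, green (workstations) on eth1, orange (server) on eth2, with only the published ports forwarded to the server. The interface names and the 10.0.x.x addresses are assumptions.

```nft
# Added example, not the thread's own firewall config. Assumed layout:
#   eth0 = red (internet), eth1 = green (workstations), eth2 = orange (server)
#   10.0.2.10 = the web/FTP server in the orange zone (assumed address)
table inet filter {
    chain forward {
        type filter hook forward priority 0; policy drop;

        # Return traffic for connections already permitted below
        ct state established,related accept

        # Green workstations may reach the internet and the orange server
        iifname "eth1" oifname { "eth0", "eth2" } accept

        # Orange server may reach the internet (updates, outbound mail)
        iifname "eth2" oifname "eth0" accept

        # Internet may reach the server only on the published services.
        # Mail ports (25, 110) would be added to the same set if hosted.
        iifname "eth0" oifname "eth2" ip daddr 10.0.2.10 tcp dport { 80, 21 } accept

        # Anything else is dropped; log it so the IDS isn't the only record
        log prefix "fw-drop: " drop
    }
}

table ip nat {
    chain prerouting {
        type nat hook prerouting priority -100;
        # Port forwarding from the red interface to the orange server
        iifname "eth0" tcp dport { 80, 21 } dnat to 10.0.2.10
    }
    chain postrouting {
        type nat hook postrouting priority 100;
        # Hide green and orange behind the firewall's red address
        oifname "eth0" masquerade
    }
}
```

Note that the forward rule only covers traffic arriving on the red interface: a connection the server makes to its own public address arrives on eth2 and matches nothing above, so it is dropped at the firewall rather than reaching the server, which is the behaviour the thread goes on to describe.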
 
I've got ports 80, 21, 25, 110 port forwarded to the server. I also tried external access and DMZ pinhole, and they did not work.

It has got me totally stumped! :-
 
I can ping any website I want from the server except the ones we host on the server. If I ping one of our sites it says destination port unreachable????
 
Do you have ping allowed to ping back into your server?? I don't think you would; that's why you can't ping on your server, 'cause the firewall is blocking it!

You are using the server as a mail server as well??

You tried external access from the server and couldn't get out, but you can on the workstation??

Sounds like an IP address is not in the firewall properly.

Dale
 
I run web, FTP and email servers on the new Dell server. They all work fine (except for the web server problems, of course). I have tried both port forwarding and external access. I can ping any web address I want from the Dell server just fine. Just when I ping the Dell server from the Dell server it does not go; it says destination port unreachable. Make sense? Is this a security feature??
 
You should be able to ping your own IP address; I can do it here, but I don't know why that wouldn't be working. Basically anything that is done on that machine should be allowed, so open that IP address to full access.

That's one of the advantages of running the firewall on another machine.

Dale
 
so open that IP address to full access,

that's one of the advantages of running the firewall on another machine.

Dale

Ummm, from what I can see I don't have a "full access" option. It has only port forwarding and external access.

Have any tips/hints on how I would do what you're saying?

Thanks for the help

tom
 
Hmm,

Most of the firewall experience I have is with Sun Gauntlet and Firewall-1; you can do anything to anything with that. If you just have port forwarding you will not be able to ping those things, as the firewall will drop the ping packets.

If you take the firewall off the server and put it on another machine you will be able to ping everything behind the firewall.

Dale
 