Part 1: How to Set Up a Linux-Based Firewall for a SOHO
part 1 of a 3-part series
April 30, 2001
With telecommuters and small-office workers relying more on the Internet, security is becoming an increasingly important issue for systems administrators. To combat the wily hacker, many companies are turning to lightweight Linux-based firewalls. But doing so is no small feat, especially for the Unix-weary. To assuage any fears, this article will show you how to set up a Linux-based personal firewall for the SOHO (small office, home office), broadband-attached network. It also takes a look at several SOHO firewalls and determines whether or not they can keep your systems safe from intruders.
The term firewall (as described in this article) is one of many appropriated from other industries to fit the needs of technology. Originally, a firewall was a strengthened part of a building's structure designed to keep a fire contained within a specific area. When IT managers and software developers wanted to add security to their networks, the term was used to describe the layers of defense put into a server to protect against unauthorized access.
However, the idea of a SOHO-specific firewall has taken time to develop. The first SOHO products have appeared only in the past 18 months. Although there has been considerable skepticism about the usefulness of such packages, the market for SOHO firewalls is set to explode. With more small- and home-office workers spending increasing amounts of time online, there's growing concern among corporations about the security of their remote systems. Thankfully, the major software vendors are reacting to this concern.
Currently, the majority of standalone PCs won't benefit from a SOHO firewall, as the available protection is limited. Even the most sophisticated SOHO firewall software can't provide complete protection against a determined effort to break in. (See sidebar, "SOHO Firewalls Are Not Safe.")
While hacking is almost as old as the computer itself (the term was first coined to describe the phenomenon in 1984 in Steven Levy's book, Hackers), the number of hardcore hackers is limited, and they certainly have other priorities besides SOHO computer systems. Most hackers take pride in not causing damage during an intrusion. However, the technical risk is there. With the number of computers spending time attached to the global telecommunications system growing at current rates, SOHO firewall protection is becoming an issue of increasing importance.
A growing range of choices is also available to the SOHO firewall buyer, coming from a mix of old and new companies. Large-scale corporate firewall providers are scaling down their enterprise-level software for SOHO use, while new companies are building software from scratch.
This article approaches SOHO firewall products from an ordinary user's standpoint, looking at how easy a product is to use as well as covering the technical facilities of each package. Given that, until recently, SOHO firewall software has required specialist knowledge, you should pick out the level of sophistication with which you feel most comfortable.
This article also will provide extensive hands-on examples to give you practical experience in the realities of securing SOHO establishments. It will show you what your options are, as far as hardware/software solutions are concerned; how to employ a Linux-based SOHO firewall using X products; and how to set up this type of firewall, focusing on all of the gotchas to watch out for.
Note: It's worth pointing out that a cut-down version of ZoneAlarm is available as a free download from the manufacturer's Web site. You should consider trying this product first to see whether you like the user interface and the level of functionality before investing money in the software.
Warning: URLs can change without notice.
In my usability testing I found that none of these SOHO firewalls are good enough to provide protection from an advanced attack. However, it's becoming important for everyone to have at least some level of protection on his or her computer system, if only to deter the casual intruder. Ever-increasing amounts of high-value information -- both business and personal -- are being stored on computers, and smart users will do their best to protect it.
In any event, a new breed of distributed, centrally manageable SOHO firewalls can help prevent attacks on the enterprise via remote employee PCs. Let's take a look.
The Realities of Securing SOHOs with Firewall Protection
In December 2000, a bank in Southern California received a call from an online customer asking why one of its computers was trying to hack into his system. It turned out that the machine doing the hacking belonged to the bank's president and had been commandeered remotely by an employee. The president called Conqwest, a Holliston, Mass.-based IT security services firm that is now rolling out SOHO firewall software across the bank's 136 internal desktop, laptop and remote computers.
Until recently, companies thought antivirus and VPN (virtual private network) technologies would keep remote-worker connections safe. But as more workers access the Internet through broadband services, such as cable modems, exposure to hacking attacks through those machines has increased. In October 2000, for example, a hacker broke into a Microsoft Corp. employee's home computer and exploited the VPN connection to penetrate the company's internal network. (See sidebar, "Packet-Filtering Firewalls and Policy-Based Routing.")
At the time of the Microsoft hack, only 16 percent of 400 security professionals surveyed used any type of firewall to protect remote workers' machines, even though 39 percent of the reported attacks originated from those machines, according to a report released by Cupertino, Calif.-based security software vendor Symantec Corp. Some managers are tackling this threat by requiring SOHO firewalls on all desktop and laptop computers, both inside and outside the corporate LAN.