From owner-freebsd-questions@FreeBSD.ORG  Tue Nov 25 11:24:40 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B9BDE16A4CE
	for <freebsd-questions@FreeBSD.ORG>;
	Tue, 25 Nov 2003 11:24:40 -0800 (PST)
Received: from web40705.mail.yahoo.com (web40705.mail.yahoo.com
	[66.218.78.162])	by mx1.FreeBSD.org (Postfix) with SMTP id E328243FA3
	for <freebsd-questions@FreeBSD.ORG>;
	Tue, 25 Nov 2003 11:24:39 -0800 (PST)
	(envelope-from monkcucumber@yahoo.com)
Message-ID: <20031125192439.71522.qmail@web40705.mail.yahoo.com>
Received: from [24.85.193.53] by web40705.mail.yahoo.com via HTTP;
	Tue, 25 Nov 2003 11:24:39 PST
Date: Tue, 25 Nov 2003 11:24:39 -0800 (PST)
From: Real Cucumber <monkcucumber@yahoo.com>
To: freebsd-questions@FreeBSD.ORG
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Content-Filtered-By: Mailman/MimeDel 2.1.1
Subject: Questions on Setting up new Freebsd 4.9 NAT Firewall
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Nov 2003 19:24:40 -0000

Hi there,
 
I would like to setup a FreeBSD 4.9 NAT firewall server using a cable modem to share Internet access to the rest of the PC's on the network (PC's being Win98 using Gateway/DNS set to the IP of the FreeBSD box).
 
Does anyone know if FreeBSD 4.9 can withstand various attacks such as DoS straight out of the box, or does it require any 3rd party stateful packet firewalls etc.. to be installed?
 
I was trying to find a step-by-step guide for installing a secure firewall/nat server but could not finding anything current.  This was the closest one I found:
http://www.schlacter.net/public/
 
The server would not need to run any other services at all (ftp/www/dns/etc..), it would just need to allow LAN machines to browse the net (all sites including secure/ssl or non-standard port sites), connect to external FTP servers, and download/upload files.  (preferably if someone knows how to filter download file types or scan files downloaded for viruses that would be great too). The server would have two NIC's, one for LAN and one for WAN (cable modem).
 
If anyone has a reference somewhere I would appreciate it.

 
Thanks for any help in advance!
 
 


---------------------------------
Do you Yahoo!?
Free Pop-Up Blocker - Get it now