• Home
  • Help
  • Search
  • Login
  • Register
Pages: [1]
Author Topic: Anyone running a firewall on SheevaPlug?  (Read 1997 times)
kb100
Newbie
*

Karma: 0
Posts: 5


View Profile
« on: October 22, 2010, 04:30:41 PM »

I just ordered a SheevaPlug and I'm planning to install Debian on it and use it as a firewall. Has anyone tried this route?

If so, can you please share your experience?

Thank you!
Logged

sillis
Guest
« Reply #1 on: October 23, 2010, 08:03:19 AM »

sudo apt-get install fail2ban

Only firewall you need. remember to configure the /etc/fail2ban/jail.conf file. My recommendation is to change default section to the following:

DEFAULT]

# "ignoreip" can be an IP address, a CIDR mask or a DNS host
ignoreip = 127.0.0.1
iqnoreip = 192.168.0.0/24  #change this to your LAN ip range....
bantime  = 36000
maxretry = 2

Also bear in mind that opening port 22 (ssh) lures all kinds of automated scripted attack to your sheevaplug. So be sure you have some firewall installed before you open said port.  Once i forgot to restart fail2ban, then after a week i looked at the logs. i got about 3200 attacks to my box that week.

Changing the port number to something else is a good way to dilute the amount of attacks.

Logged

kb100
Newbie
*

Karma: 0
Posts: 5


View Profile
« Reply #2 on: October 23, 2010, 03:59:21 PM »

Thank you!

Will the log have the full URL visited? If possible, can you give an example of the visited URL from any of the connected computers?

I have a DSL modem and a router. After reading some of the posts, I know that I also need a USB to Ethernet adapter. Can you provide some more details on how the connections go?


Logged

sillis
Guest
« Reply #3 on: October 24, 2010, 12:29:44 PM »

For more information about fail2ban and making a script which parses number of attacks from log files, go read this.   http://www.the-art-of-web.com/system/fail2ban/

The logs can be found in /var/log/  folder. each time someone makes a ssh connection, details about that connection gets appended to /var/log/auth.log.

As for the connections, no usb to ethernet of vice versa adapter is needed. Sheevaplug is connected to your router with standard ethernet cable. The usb port is used to connect a usb stick or external usb harddrive, which ever your prefer. You can also connect usb hub to sheevaplugs usb port and thus have more usb ports to use.

Logged

kb100
Newbie
*

Karma: 0
Posts: 5


View Profile
« Reply #4 on: October 24, 2010, 01:11:08 PM »

sillis,

This kind of log is not that useful for me:

2006-02-13 15:52:30,388 fail2ban.actions: WARNING [sendmail] Ban XXX.66.82.116 2006-02-13 15:59:29,295 fail2ban.actions: WARNING [sendmail] Ban XXX.27.118.100 2006-02-13 16:07:31,183 fail2ban.actions: WARNING [sendmail] Unban XXX.66.82.116

Does it have a logging mode where I can see the full URL visited from the connected PCs ? Something like
http://news.yahoo.com/s/ap/20101024/ap_on_re_us/cb_haiti_disease_outbreak
Logged

haha0123
Newbie
*

Karma: -4
Posts: 6


View Profile
« Reply #5 on: October 27, 2010, 08:29:21 PM »

Druids are 重庆团购 allowed to wear cloth 重庆二手交易 and leather. They can use all of the maces, daggers, fist weapons, and staves. Many druids 重庆二手电脑 prefer the staves 重庆二手手机 because they add bonuses to final fantasy leveling their caster attributes. The bonuses that come with other weapons are typically more final fantasy gold appropriate for other forms. If you are in animal form, you can’t use a proc ff14 gold weapon so you shouldn’t even ffxiv power leveling weaste your time and money getting ff14 power leveling these items.You should, however, be concerned with your armor. Bear and dire bear ffxiv power leveling form will multiply your armor bonus. You might not have the money to buy a really powerful enchantment, but an even a simple armor patch can be really effective
Logged

Alucard
Newbie
*

Karma: 0
Posts: 10


View Profile
« Reply #6 on: November 21, 2010, 10:35:04 AM »

Er,  I think you two are talking about two different things. fail2ban is meant mainly for stopping SSH bruteforce attacks. But I think kb100 wants to use the plug as a router & NAT device for his/her other computing devices.  At least, that's what I read from "use as a firewall" and "log all URLs".
Logged

Pages: [1]
Print
Jump to: