Remove [Courses] from lesson names/post subjects

[mbox2moodle.git] / source / firewalls

From mary@home.puzzling.org  Fri Apr 22 09:21:41 2005
Return-Path: <mary@home.puzzling.org>
X-Original-To: courses@linuxchix.org
Delivered-To: courses@linuxchix.org
Received: from localhost (localhost [127.0.0.1])
        by www.linuxchix.org (Postfix) with ESMTP id 762CF273113
        for <courses@linuxchix.org>; Fri, 22 Apr 2005 09:21:41 +1000 (EST)
Received: from www.linuxchix.org ([127.0.0.1])
        by localhost (nest [127.0.0.1]) (amavisd-new, port 10024) with SMTP
        id 07871-07 for <courses@linuxchix.org>;
        Fri, 22 Apr 2005 09:21:41 +1000 (EST)
Received: from smtp.syd.swiftdsl.com.au (smtp.syd.swiftdsl.com.au
        [218.214.224.138])
        by www.linuxchix.org (Postfix) with SMTP id 2A316273112
        for <courses@linuxchix.org>; Fri, 22 Apr 2005 09:21:41 +1000 (EST)
Received: (qmail 17536 invoked from network); 21 Apr 2005 23:20:40 -0000
Received: from unknown (HELO home.puzzling.org) (218.214.66.203)
        by smtp.syd.swiftdsl.com.au with SMTP; 21 Apr 2005 23:20:40 -0000
Received: from localhost (flay [127.0.0.1])
        by home.puzzling.org (Postfix) with ESMTP id 837E97880C6
        for <courses@linuxchix.org>; Fri, 22 Apr 2005 09:20:37 +1000 (EST)
Received: from home.puzzling.org ([127.0.0.1])
        by localhost (flay [127.0.0.1]) (amavisd-new, port 10024) with ESMTP
        id 24941-10 for <courses@linuxchix.org>;
        Fri, 22 Apr 2005 09:20:37 +1000 (EST)
Received: by home.puzzling.org (Postfix, from userid 1000)
        id 667A07880C2; Fri, 22 Apr 2005 09:20:37 +1000 (EST)
Date: Fri, 22 Apr 2005 09:20:37 +1000
From: Mary <mary-linuxchix@puzzling.org>
To: courses@linuxchix.org
Message-ID: <20050421232037.GB25108@home.puzzling.org>
Mail-Followup-To: courses@linuxchix.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-GPG-Key: 1024D/77625870
X-GPG-Fingerprint: B141 CD1A 4603 1CD7 6D64  EFBF D256 C568 7762 5870
User-Agent: Mutt/1.5.6+20040907i
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at home.puzzling.org
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at linuxchix.org
Subject: [Courses] Call for course: firewall rulesets
X-BeenThere: courses@linuxchix.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: List for courses run by LinuxChix volunteers <courses.linuxchix.org>
List-Unsubscribe: <http://mailman.linuxchix.org/mailman/listinfo/courses>,
        <mailto:courses-request@linuxchix.org?subject=unsubscribe>
List-Archive: <http://linuxchix.org/pipermail/courses>
List-Post: <mailto:courses@linuxchix.org>
List-Help: <mailto:courses-request@linuxchix.org?subject=help>
List-Subscribe: <http://mailman.linuxchix.org/mailman/listinfo/courses>,
        <mailto:courses-request@linuxchix.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Apr 2005 23:21:41 -0000
Content-Length: 497
Lines: 14

Hi courses folk,

One of our subscribers suggested that we run a firewall rulesets course
where people would exchange firewall rulesets and learn from each other.

Is there anyone out there who would be prepared to run such a course?
The details of running a course are at
http://www.linuxchix.org/content/courses/running_a_course.html

-Mary

PS Please note, this is NOT a promise that the course will run. Like
everything on LinuxChix, this will entirely depend on finding volunteers
to run it.

From brat@magma.ca  Sat Apr 23 13:58:35 2005
Return-Path: <brat@magma.ca>
X-Original-To: courses@linuxchix.org
Delivered-To: courses@linuxchix.org
Received: from localhost (localhost [127.0.0.1])
        by www.linuxchix.org (Postfix) with ESMTP id 8FBCC273114
        for <courses@linuxchix.org>; Sat, 23 Apr 2005 13:58:35 +1000 (EST)
Received: from www.linuxchix.org ([127.0.0.1])
        by localhost (nest [127.0.0.1]) (amavisd-new, port 10024) with SMTP
        id 22675-09 for <courses@linuxchix.org>;
        Sat, 23 Apr 2005 13:58:35 +1000 (EST)
Received: from mx2.magma.ca (mx2.magma.ca [206.191.0.250])
        by www.linuxchix.org (Postfix) with ESMTP id CF6BC27310C
        for <courses@linuxchix.org>; Sat, 23 Apr 2005 13:58:34 +1000 (EST)
Received: from mail4.magma.ca (mail4.magma.ca [206.191.0.222])
        by mx2.magma.ca (8.13.0/8.13.0) with ESMTP id j3N3wQrf002835
        for <courses@linuxchix.org>; Fri, 22 Apr 2005 23:58:27 -0400
Received: from lemonjelly (ottawa-hs-64-26-176-100.s-ip.magma.ca
        [64.26.176.100])
        by mail4.magma.ca (8.13.0/8.13.0) with ESMTP id j3N3wPHM013251
        for <courses@linuxchix.org>; Fri, 22 Apr 2005 23:58:27 -0400
Received: from orchid by lemonjelly with local (Exim 3.35 #1 (Debian))
        id 1DPBmh-0000lr-00
        for <courses@linuxchix.org>; Fri, 22 Apr 2005 23:58:23 -0400
Date: Fri, 22 Apr 2005 23:58:23 -0400
To: courses@linuxchix.org
Subject: Re: [Courses] Call for course: firewall rulesets
Message-ID: <20050423035823.GA2951@magma.ca>
Mail-Followup-To: courses@linuxchix.org
References: <20050421232037.GB25108@home.puzzling.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20050421232037.GB25108@home.puzzling.org>
User-Agent: Mutt/1.3.28i
From: Angelina Carlton <brat@magma.ca>
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at linuxchix.org
X-BeenThere: courses@linuxchix.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: List for courses run by LinuxChix volunteers <courses.linuxchix.org>
List-Unsubscribe: <http://mailman.linuxchix.org/mailman/listinfo/courses>,
        <mailto:courses-request@linuxchix.org?subject=unsubscribe>
List-Archive: <http://linuxchix.org/pipermail/courses>
List-Post: <mailto:courses@linuxchix.org>
List-Help: <mailto:courses-request@linuxchix.org?subject=help>
List-Subscribe: <http://mailman.linuxchix.org/mailman/listinfo/courses>,
        <mailto:courses-request@linuxchix.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Apr 2005 03:58:35 -0000
Content-Length: 492
Lines: 16

On Fri, Apr 22, 2005 at 09:20:37AM +1000, Mary wrote:
> 
> PS Please note, this is NOT a promise that the course will run. Like
> everything on LinuxChix, this will entirely depend on finding volunteers
> to run it.

I hope there is someone who has the time and inclination to run this
course. 

I have an iptables script that has now blocked anyone from accessing my
webserver and intermittently allows samba traffic accross my
network. So yeah...it needs some work. 


-- 
Angelina Carlton

From mary@home.puzzling.org  Sat Apr 23 15:36:18 2005
Return-Path: <mary@home.puzzling.org>
X-Original-To: courses@linuxchix.org
Delivered-To: courses@linuxchix.org
Received: from localhost (localhost [127.0.0.1])
        by www.linuxchix.org (Postfix) with ESMTP id CF5C0273114
        for <courses@linuxchix.org>; Sat, 23 Apr 2005 15:36:18 +1000 (EST)
Received: from www.linuxchix.org ([127.0.0.1])
        by localhost (nest [127.0.0.1]) (amavisd-new, port 10024) with SMTP
        id 23209-06 for <courses@linuxchix.org>;
        Sat, 23 Apr 2005 15:36:18 +1000 (EST)
Received: from smtp.syd.swiftdsl.com.au (smtp.syd.swiftdsl.com.au
        [218.214.224.138])
        by www.linuxchix.org (Postfix) with SMTP id 810E32730D3
        for <courses@linuxchix.org>; Sat, 23 Apr 2005 15:36:18 +1000 (EST)
Received: (qmail 21492 invoked from network); 23 Apr 2005 05:35:23 -0000
Received: from unknown (HELO home.puzzling.org) (218.214.66.203)
        by smtp.syd.swiftdsl.com.au with SMTP; 23 Apr 2005 05:35:23 -0000
Received: from localhost (flay [127.0.0.1])
        by home.puzzling.org (Postfix) with ESMTP id 885357880CC
        for <courses@linuxchix.org>; Sat, 23 Apr 2005 15:35:13 +1000 (EST)
Received: from home.puzzling.org ([127.0.0.1])
        by localhost (flay [127.0.0.1]) (amavisd-new, port 10024) with ESMTP
        id 00625-09 for <courses@linuxchix.org>;
        Sat, 23 Apr 2005 15:35:13 +1000 (EST)
Received: from sourdust.home.puzzling.org (sourdust.home.puzzling.org
        [10.0.0.7]) by home.puzzling.org (Postfix) with ESMTP id 6DFB37880CA
        for <courses@linuxchix.org>; Sat, 23 Apr 2005 15:35:13 +1000 (EST)
Received: by sourdust.home.puzzling.org (Postfix, from userid 1000)
        id 6140835A6D5; Sat, 23 Apr 2005 15:35:12 +1000 (EST)
Date: Sat, 23 Apr 2005 15:35:12 +1000
From: Mary <mary-linuxchix@puzzling.org>
To: courses@linuxchix.org
Subject: Re: [Courses] Call for course: firewall rulesets
Message-ID: <20050423053512.GB8402@sourdust.home.puzzling.org>
Mail-Followup-To: courses@linuxchix.org
References: <20050421232037.GB25108@home.puzzling.org>
        <20050423035823.GA2951@magma.ca>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20050423035823.GA2951@magma.ca>
X-Nihilism: Immortality is all I seek... Give us this day our daily week...
X-GPG-Key: 1024D/77625870
X-GPG-Fingerprint: B141 CD1A 4603 1CD7 6D64  EFBF D256 C568 7762 5870
User-Agent: Mutt/1.5.6+20040907i
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at home.puzzling.org
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at linuxchix.org
X-BeenThere: courses@linuxchix.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: List for courses run by LinuxChix volunteers <courses.linuxchix.org>
List-Unsubscribe: <http://mailman.linuxchix.org/mailman/listinfo/courses>,
        <mailto:courses-request@linuxchix.org?subject=unsubscribe>
List-Archive: <http://linuxchix.org/pipermail/courses>
List-Post: <mailto:courses@linuxchix.org>
List-Help: <mailto:courses-request@linuxchix.org?subject=help>
List-Subscribe: <http://mailman.linuxchix.org/mailman/listinfo/courses>,
        <mailto:courses-request@linuxchix.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Apr 2005 05:36:19 -0000
Content-Length: 427
Lines: 10

On Fri, Apr 22, 2005, Angelina Carlton wrote:
> I have an iptables script that has now blocked anyone from accessing
> my webserver and intermittently allows samba traffic accross my
> network. So yeah...it needs some work. 

If the course doesn't run (or even if it does) feel free to post the
problem to techtalk. Firewalling is on-topic there. It's just that it
would only be one thread rather than an entire course.

-Mary

From devdas@dvb.homelinux.org  Mon Apr  5 05:54:21 2004
Return-Path: <devdas@dvb.homelinux.org>
X-Original-To: courses@linuxchix.org
Delivered-To: courses@linuxchix.org
Received: from localhost (localhost [127.0.0.1])
        by www.linuxchix.org (Postfix) with ESMTP id 6E0FC272EE9
        for <courses@linuxchix.org>; Mon,  5 Apr 2004 05:54:21 +1000 (EST)
Received: from www.linuxchix.org ([127.0.0.1])
        by localhost (nest [127.0.0.1]) (amavisd-new, port 10024) with SMTP
        id 05343-05 for <courses@linuxchix.org>;
        Mon, 5 Apr 2004 05:54:21 +1000 (EST)
Received: from tin.nixcartel.org (unknown [66.98.212.93])
        by www.linuxchix.org (Postfix) with ESMTP id 06437272EA5
        for <courses@linuxchix.org>; Mon,  5 Apr 2004 05:54:20 +1000 (EST)
Received: from dvb.homelinux.org (unknown [202.88.170.34])
        by tin.nixcartel.org (Postfix) with ESMTP id 99ACB1AC06B
        for <courses@linuxchix.org>; Sun,  4 Apr 2004 15:17:48 -0500 (CDT)
Received: by dvb.homelinux.org (Postfix, from userid 500)
        id 871AA34022; Mon,  5 Apr 2004 01:23:50 +0530 (IST)
Date: Mon, 5 Apr 2004 01:23:50 +0530
From: Devdas Bhagat <devdas@dvb.homelinux.org>
To: courses@linuxchix.org
Message-ID: <20040405012350.C19036@evita.devdas.geek>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
X-Message-Flag: Friends protect friends from Microsoft
X-Virus-Scanned: by amavisd-new-20030616-p7 (Debian) at linuxchix.org
Subject: [Courses] [FW] Firewalls course.
X-BeenThere: courses@linuxchix.org
X-Mailman-Version: 2.1
Precedence: list
Reply-To: Devdas Bhagat <devdas@dvb.homelinux.org>
List-Id: List for courses run by LinuxChix volunteers <courses.linuxchix.org>
List-Help: <mailto:courses-request@linuxchix.org?subject=help>
List-Post: <mailto:courses@linuxchix.org>
List-Subscribe: <http://mailman.linuxchix.org/mailman/listinfo/courses>,
        <mailto:courses-request@linuxchix.org?subject=subscribe>
List-Archive: <http://linuxchix.org/pipermail/courses>
List-Unsubscribe: <http://mailman.linuxchix.org/mailman/listinfo/courses>,
        <mailto:courses-request@linuxchix.org?subject=unsubscribe>
X-List-Received-Date: Sun, 04 Apr 2004 19:54:21 -0000
Content-Length: 490
Lines: 19

I will be doing a short course on firewalls on this list. Topic [FW].
The course would cover:

Theory:
An introduction to security requirements.
The TCP/IP stack and basic networking.
Packet filters
Stateless and stateful packet filters.
Application layer gateways/proxies.
Encryption, SSH, IPsec and VPNs.
Layer 8 issues.

More practical:
Iptables
The use/abuse of NAT for security.
Apache as a HTTP proxy.
Postfix w/ amavisd-new, SA and clamav for email filtering.
Backups.

Devdas Bhagat
From yewintsoehtay@bagan.net.mm  Mon Apr  5 13:19:33 2004
Return-Path: <yewintsoehtay@bagan.net.mm>
X-Original-To: courses@linuxchix.org
Delivered-To: courses@linuxchix.org
Received: from localhost (localhost [127.0.0.1])
        by www.linuxchix.org (Postfix) with ESMTP id 51533272E77
        for <courses@linuxchix.org>; Mon,  5 Apr 2004 13:19:33 +1000 (EST)
Received: from www.linuxchix.org ([127.0.0.1])
        by localhost (nest [127.0.0.1]) (amavisd-new, port 10024) with SMTP
        id 11205-07 for <courses@linuxchix.org>;
        Mon, 5 Apr 2004 13:19:33 +1000 (EST)
Received: from localhost.localdomain (unknown [203.81.71.104])
        by www.linuxchix.org (Postfix) with ESMTP id 237E7272E07
        for <courses@linuxchix.org>; Mon,  5 Apr 2004 13:19:31 +1000 (EST)
Received: from yewintsh (host-1-147.internal.bagan.net.mm [192.168.1.147])
        by localhost.localdomain (8.12.8/8.11.2) with ESMTP id i353Io4i027012;
        Mon, 5 Apr 2004 09:49:04 +0630
Message-Id: <200404050319.i353Io4i027012@localhost.localdomain>
From: "Ye Wint Soe Htay" <yewintsoehtay@bagan.net.mm>
To: "'Devdas Bhagat'" <devdas@dvb.homelinux.org>,
        <courses@linuxchix.org>
Subject: RE: [Courses] [FW] Firewalls course.
Date: Mon, 5 Apr 2004 09:48:45 +0630
Organization: Bagan Cybertech
MIME-Version: 1.0
Content-Type: text/plain;
        charset="US-ASCII"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Thread-Index: AcQaft9u+wuqMtqvQouYTCqDFFgXxwAPbyMQ
In-Reply-To: <20040405012350.C19036@evita.devdas.geek>
X-yoursite-MailScanner-Information: Please contact the ISP for more
        information
X-yoursite-MailScanner: Found to be clean
X-Virus-Scanned: by amavisd-new-20030616-p7 (Debian) at linuxchix.org
X-Topics: Firewalling
X-BeenThere: courses@linuxchix.org
X-Mailman-Version: 2.1
Precedence: list
Reply-To: yewintsoehtay@bagan.net.mm
List-Id: List for courses run by LinuxChix volunteers <courses.linuxchix.org>
List-Help: <mailto:courses-request@linuxchix.org?subject=help>
List-Post: <mailto:courses@linuxchix.org>
List-Subscribe: <http://mailman.linuxchix.org/mailman/listinfo/courses>,
        <mailto:courses-request@linuxchix.org?subject=subscribe>
List-Archive: <http://linuxchix.org/pipermail/courses>
List-Unsubscribe: <http://mailman.linuxchix.org/mailman/listinfo/courses>,
        <mailto:courses-request@linuxchix.org?subject=unsubscribe>
X-List-Received-Date: Mon, 05 Apr 2004 03:19:33 -0000
Content-Length: 989
Lines: 40

Dear Devdas Bhagat,

This is greatly appreciated.
I've no or little knowledge in doing FW with Linux.

Rgds,
YEWINT

-----Original Message-----
From: courses-bounces@linuxchix.org [mailto:courses-bounces@linuxchix.org]
On Behalf Of Devdas Bhagat
Sent: Monday, April 05, 2004 2:24 AM
To: courses@linuxchix.org
Subject: [Courses] [FW] Firewalls course.

I will be doing a short course on firewalls on this list. Topic [FW].
The course would cover:

Theory:
An introduction to security requirements.
The TCP/IP stack and basic networking.
Packet filters
Stateless and stateful packet filters.
Application layer gateways/proxies.
Encryption, SSH, IPsec and VPNs.
Layer 8 issues.

More practical:
Iptables
The use/abuse of NAT for security.
Apache as a HTTP proxy.
Postfix w/ amavisd-new, SA and clamav for email filtering.
Backups.

Devdas Bhagat
_______________________________________________
Courses mailing list
Courses@linuxchix.org
http://mailman.linuxchix.org/mailman/listinfo/courses


From david@aeolia.co.uk  Sat Apr 10 21:50:48 2004
Return-Path: <david@aeolia.co.uk>
X-Original-To: courses@linuxchix.org
Delivered-To: courses@linuxchix.org
Received: from localhost (localhost [127.0.0.1])
        by www.linuxchix.org (Postfix) with ESMTP id AD8B1272EE6
        for <courses@linuxchix.org>; Sat, 10 Apr 2004 21:50:48 +1000 (EST)
Received: from www.linuxchix.org ([127.0.0.1])
        by localhost (nest [127.0.0.1]) (amavisd-new, port 10024) with SMTP
        id 24206-10 for <courses@linuxchix.org>;
        Sat, 10 Apr 2004 21:50:48 +1000 (EST)
Received: from ptb-relay01.plus.net (ptb-relay01.plus.net [212.159.14.212])
        by www.linuxchix.org (Postfix) with ESMTP id 2AE4C272E8F
        for <courses@linuxchix.org>; Sat, 10 Apr 2004 21:50:48 +1000 (EST)
Received: from [212.159.84.98] (helo=[192.168.0.10])
         by ptb-relay01.plus.net with esmtp (Exim) id 1BCH0V-0004PP-3t
        for courses@linuxchix.org; Sat, 10 Apr 2004 11:50:43 +0000
Date: Sat, 10 Apr 2004 12:50:42 +0100 (BST)
From: David Sumbler <david@aeolia.co.uk>
To: courses@linuxchix.org
Subject: [Courses] [FW] Firewalls course.
Message-ID: <Pine.LNX.4.58.0404101247220.17902@ceres.staly.plus.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Virus-Scanned: by amavisd-new-20030616-p7 (Debian) at linuxchix.org
X-Topics: Firewalling
X-BeenThere: courses@linuxchix.org
X-Mailman-Version: 2.1
Precedence: list
List-Id: List for courses run by LinuxChix volunteers <courses.linuxchix.org>
List-Help: <mailto:courses-request@linuxchix.org?subject=help>
List-Post: <mailto:courses@linuxchix.org>
List-Subscribe: <http://mailman.linuxchix.org/mailman/listinfo/courses>,
        <mailto:courses-request@linuxchix.org?subject=subscribe>
List-Archive: <http://linuxchix.org/pipermail/courses>
List-Unsubscribe: <http://mailman.linuxchix.org/mailman/listinfo/courses>,
        <mailto:courses-request@linuxchix.org?subject=unsubscribe>
X-List-Received-Date: Sat, 10 Apr 2004 11:50:49 -0000
Content-Length: 196
Lines: 8

I can't wait.  This whole subject is one that I have found great
difficulty with.

I do hope that you will start at a very basic level - then I might be
in with a chance of keeping up!

David

-- 
From devdas@dvb.homelinux.org  Mon Apr 12 10:44:03 2004
Return-Path: <devdas@dvb.homelinux.org>
X-Original-To: courses@linuxchix.org
Delivered-To: courses@linuxchix.org
Received: from localhost (localhost [127.0.0.1])
        by www.linuxchix.org (Postfix) with ESMTP id 6587C272F42
        for <courses@linuxchix.org>; Mon, 12 Apr 2004 10:44:03 +1000 (EST)
Received: from www.linuxchix.org ([127.0.0.1])
        by localhost (nest [127.0.0.1]) (amavisd-new, port 10024) with SMTP
        id 13127-01 for <courses@linuxchix.org>;
        Mon, 12 Apr 2004 10:44:03 +1000 (EST)
Received: from tin.nixcartel.org (unknown [66.98.212.93])
        by www.linuxchix.org (Postfix) with ESMTP id B32E9272E92
        for <courses@linuxchix.org>; Mon, 12 Apr 2004 10:43:58 +1000 (EST)
Received: from dvb.homelinux.org (unknown [202.88.170.34])
        by tin.nixcartel.org (Postfix) with ESMTP id 9EEA71AC06D
        for <courses@linuxchix.org>; Sun, 11 Apr 2004 19:44:43 -0500 (CDT)
Received: by dvb.homelinux.org (Postfix, from userid 500)
        id 373CD34022; Mon, 12 Apr 2004 06:13:12 +0530 (IST)
Date: Mon, 12 Apr 2004 06:13:12 +0530
From: Devdas Bhagat <devdas@dvb.homelinux.org>
To: courses@linuxchix.org
Message-ID: <20040412061311.A21758@evita.devdas.geek>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
X-Message-Flag: Friends protect friends from Microsoft
X-Virus-Scanned: by amavisd-new-20030616-p7 (Debian) at linuxchix.org
X-Topics: Firewalling
Subject: [Courses] [FW] Starting off.
X-BeenThere: courses@linuxchix.org
X-Mailman-Version: 2.1
Precedence: list
Reply-To: Linuxchix courses <courses@linuxchix.org>
List-Id: List for courses run by LinuxChix volunteers <courses.linuxchix.org>
List-Help: <mailto:courses-request@linuxchix.org?subject=help>
List-Post: <mailto:courses@linuxchix.org>
List-Subscribe: <http://mailman.linuxchix.org/mailman/listinfo/courses>,
        <mailto:courses-request@linuxchix.org?subject=subscribe>
List-Archive: <http://linuxchix.org/pipermail/courses>
List-Unsubscribe: <http://mailman.linuxchix.org/mailman/listinfo/courses>,
        <mailto:courses-request@linuxchix.org?subject=unsubscribe>
X-List-Received-Date: Mon, 12 Apr 2004 00:44:03 -0000
Content-Length: 6710
Lines: 148


/* 
 * Please reply to the list with queries, doubts, objections. If you
 * think I am going too fast, please let me know.
 */
                        Security Requirements
                        =====================

This tutorial will comprise of designing and implementing a security 
infrastructure for a small company.
The basic concepts will scale up to an enterprise or down to a single host.

We will use the standard 192.0.20.0/24 netblock ( IPv4 documentation subnet,
see RFC 3330 ) as the external subnet assigned to this organisation. The
company uses the domain name example.com.

Scenario:
---------

        For the purposes of this tutorial, we will consider a small company
with a /24[1] routable netblock[2] from their ISP. The company is dualhomed[3]
and announces routes on both their ISPs. The business needs are not complex.
The company has a small website, but the primary needs of the Internet
connections are email, VPN[4] to their business partners and a limited 
amount of web surfing. Some business partners insist on authenticating 
packets, while others are satisfied with just ensuring that the data cannot be
read. The company uses a mixture of desktop operating systems internally,
primarily Windows 98 and Windows 2000 professional for users and FreeBSD for
administrators and they have also recently moved into using wireless with
laptops running Windows XP for the sales team. The administrators have remote 
access via ssh to their desktops.

Due to recent news about security incidents, company management has decided to 
redo their network for security and manageability.

Staffing and requirements are:
The sales team is 75 people, each having a laptop running Windows XP 
professional.
Senior management is 10 people with Windows 2000 desktops.
There are 5 LAN administrators, and 2 people who handle the router and
servers all using FreeBSD.
There are 3 people in HR and 2 people in the legal department using
Windows 2000 professional.
3 people in helpdesk running Windows 98.
Each person in senior management has a secretary with a desktop running 
Windows 98.
There are 8 teams of 25 people each working on software projects.
5 people from each team need to VPN out to various business partners.
Each team has one group leader who always has VPN rights. The
remaining members of the team VPN out as needed. All these users run
Windows 2000 professional.

There is one dedicated networked printer between two teams, for a total of 4
networked printers.
The secretarial pool shares two printers shared by a windows file share.
The remaining people share one networked printer.

The network is SNMP supporting switches with a single router at the edge.
===============================================================================
Comments:
        This is a fairly simple setup. 
        Currently used systems are:
                Edge router.
                A webserver
                A database server.
                A mail server
                VPN clients
                Desktop systems
                Printers

The requirement is to formulate an economically feasible solution for security.

===============================================================================

Starting off, we note that there has been no budget formulated for this
exercise. There have been no decisions made about what resources need to be
protected, and what is the cost of the data and hardware therein. There has
also been no decision on the amount of risk acceptable to management for these
systems.
Hence, there has been no budget allocation for this exercise.

The first step is for management to decide what resources are required to be
protected and value those resources. A risk analysis must be performed to
decide on how much budget should be available to protect each unit.

===============================================================================
Comments:
        There is no solution which will offer 100% security to any system.
        A properly designed and hardened system will be not always sufficent.
        There is also a need for monitoring this system, upgrading it.

        A firewall is one small component of a security solution. The security
        solution must cost less than the resources it is protecting.

        If the resources being protected are worth 100 USD, buying a 25000 USD 
        safe is not justifiable. If the resources are worth 100000 USD, the
        25000 USD safe is justified.
        
        Tokyo is still vulnerable to attack by giant lizards. The risk of that
        happening is zero. Fort Knox, on the other hand is a high value, high
        risk target. The security budget for defending Fort Knox from a would
        be theif is necessarily much greater than that for protecting Tokyo
        from a giant lizard.

        The budget provided to the security group is necessarily a
        function of the net worth of resources being protected, and the risk
        involved.
        
===============================================================================
Once this budgeting is done, then management, administrators and users have to
get together and decide on acceptable usage policies(AUP) for the network.

This is where the actual work for securing the system starts.

Management must support the AUP. If there is no support from management, then
the policy is worthless.
Users must understand the justification for such policies. Policies cannot be
arbitrary. They must allow the users to do their work. They must be explicit
about what is allowed, and what is acceptable behaviour.
Administrators are responsible for enforcement of these policies. An
unenforcable policy is worthless. It is perfectly feasible to make a policy
which cannot be enforced at all.

===============================================================================
Comments:
        Policies are the basic specifications of the security design. 
        A firewall is the implementation of the security policy on a 
        computing device.
        Without clear, well defined policies, no administrator can implement a
        security system.
        http://www.sans.org/ has good example of AUP statements.
        
==============================================================================

Exercise:
1> Create an acceptable usage policy for this scenario.

===============================================================================
[1] The /24 is the Classless Inter Domain Routing notation for describing a
subnet of 256 IP addresses. To calculate the number of hosts in a subnet /n,
number of addresses = 2^(32-n).
[2] A routable netblock is one which will be carried by large ISPs globally.
This currently stands at a /24.
[3] A dual homed system is one which is connected to two different networks.
In this case, it means that the company is using two different ISPs
simultaneously for access.
[4] A VPN is a Virtual Private Network. This is an encrypted IP tunnel riding
on top of a regular Internet connection.

From ccordova@inictel.gob.pe  Sat Apr 24 00:03:59 2004
Return-Path: <ccordova@inictel.gob.pe>
X-Original-To: courses@linuxchix.org
Delivered-To: courses@linuxchix.org
Received: from localhost (localhost [127.0.0.1])
        by www.linuxchix.org (Postfix) with ESMTP id 7B31E273368
        for <courses@linuxchix.org>; Sat, 24 Apr 2004 00:03:59 +1000 (EST)
Received: from www.linuxchix.org ([127.0.0.1])
        by localhost (nest [127.0.0.1]) (amavisd-new, port 10024) with SMTP
        id 15615-04 for <courses@linuxchix.org>;
        Sat, 24 Apr 2004 00:03:59 +1000 (EST)
Received: from mail.inictel.gob.pe (unknown [64.76.74.206])
        by www.linuxchix.org (Postfix) with ESMTP id 6547327303D
        for <courses@linuxchix.org>; Sat, 24 Apr 2004 00:03:51 +1000 (EST)
Received: from [192.168.10.34] (unknown [64.76.74.195])
        by mail.inictel.gob.pe (Postfix) with ESMTP id 46DEDE0395
        for <courses@linuxchix.org>; Fri, 23 Apr 2004 09:05:06 -0400 (EDT)
Subject: Re: [Courses] [FW] Starting off.
From: Claudia Cordova Yamauchi <ccordova@inictel.gob.pe>
To: Linuxchix courses <courses@linuxchix.org>
In-Reply-To: <20040412061311.A21758@evita.devdas.geek>
References: <20040412061311.A21758@evita.devdas.geek>
Content-Type: text/plain
Organization: INICTEL
Message-Id: <1082728945.815.0.camel@DTE-ZEPHYR>
Mime-Version: 1.0
X-Mailer: Ximian Evolution 1.2.3 
Date: 23 Apr 2004 09:02:25 -0500
Content-Transfer-Encoding: 7bit
X-yoursite-MailScanner-Information: Please contact the ISP for more
        information
X-yoursite-MailScanner: Found to be clean
X-Virus-Scanned: by amavisd-new-20030616-p7 (Debian) at linuxchix.org
X-Topics: Firewalling
X-BeenThere: courses@linuxchix.org
X-Mailman-Version: 2.1
Precedence: list
List-Id: List for courses run by LinuxChix volunteers <courses.linuxchix.org>
List-Help: <mailto:courses-request@linuxchix.org?subject=help>
List-Post: <mailto:courses@linuxchix.org>
List-Subscribe: <http://mailman.linuxchix.org/mailman/listinfo/courses>,
        <mailto:courses-request@linuxchix.org?subject=subscribe>
List-Archive: <http://linuxchix.org/pipermail/courses>
List-Unsubscribe: <http://mailman.linuxchix.org/mailman/listinfo/courses>,
        <mailto:courses-request@linuxchix.org?subject=unsubscribe>
X-List-Received-Date: Fri, 23 Apr 2004 14:03:59 -0000
Content-Length: 703
Lines: 21

Thank you very much, this is the course I wanted madly

Claudia

On Sun, 2004-04-11 at 19:43, Devdas Bhagat wrote:
> /* 
>  * Please reply to the list with queries, doubts, objections. If you
>  * think I am going too fast, please let me know.
>  */
>                       Security Requirements
>                       =====================
> 
> This tutorial will comprise of designing and implementing a security 
> infrastructure for a small company.
> The basic concepts will scale up to an enterprise or down to a single host.
> 
> We will use the standard 192.0.20.0/24 netblock ( IPv4 documentation subnet,
> see RFC 3330 ) as the external subnet assigned to this organisation. The
> company uses the domain name example.com.
> ...


From ccordova@inictel.gob.pe  Thu May 20 01:30:09 2004
Return-Path: <ccordova@inictel.gob.pe>
X-Original-To: courses@linuxchix.org
Delivered-To: courses@linuxchix.org
Received: from localhost (localhost [127.0.0.1])
        by www.linuxchix.org (Postfix) with ESMTP id C1C5B272F2D
        for <courses@linuxchix.org>; Thu, 20 May 2004 01:30:09 +1000 (EST)
Received: from www.linuxchix.org ([127.0.0.1])
        by localhost (nest [127.0.0.1]) (amavisd-new, port 10024) with SMTP
        id 04070-09 for <courses@linuxchix.org>;
        Thu, 20 May 2004 01:30:09 +1000 (EST)
Received: from mail.inictel.gob.pe (unknown [64.76.74.206])
        by www.linuxchix.org (Postfix) with ESMTP id E1E2B272EC0
        for <courses@linuxchix.org>; Thu, 20 May 2004 01:30:08 +1000 (EST)
Received: from [192.168.10.35] (unknown [64.76.74.195])
        by mail.inictel.gob.pe (Postfix) with ESMTP id 28FB0E0B39
        for <courses@linuxchix.org>; Wed, 19 May 2004 10:32:11 -0400 (EDT)
Subject: Re: [Courses] [FW] Starting off.
From: Claudia Cordova Yamauchi <ccordova@inictel.gob.pe>
To: Linuxchix courses <courses@linuxchix.org>
In-Reply-To: <1082728945.815.0.camel@DTE-ZEPHYR>
References: <20040412061311.A21758@evita.devdas.geek>
         <1082728945.815.0.camel@DTE-ZEPHYR>
Content-Type: text/plain
Organization: INICTEL
Message-Id: <1084980551.762.3.camel@DTE-ZEPHYR>
Mime-Version: 1.0
X-Mailer: Ximian Evolution 1.2.3 
Date: 19 May 2004 10:29:11 -0500
Content-Transfer-Encoding: 7bit
X-yoursite-MailScanner-Information: Please contact the ISP for more
        information
X-yoursite-MailScanner: Found to be clean
X-Virus-Scanned: by amavisd-new-20030616-p7 (Debian) at linuxchix.org
X-Topics: Firewalling
X-BeenThere: courses@linuxchix.org
X-Mailman-Version: 2.1
Precedence: list
List-Id: List for courses run by LinuxChix volunteers <courses.linuxchix.org>
List-Help: <mailto:courses-request@linuxchix.org?subject=help>
List-Post: <mailto:courses@linuxchix.org>
List-Subscribe: <http://mailman.linuxchix.org/mailman/listinfo/courses>,
        <mailto:courses-request@linuxchix.org?subject=subscribe>
List-Archive: <http://linuxchix.org/pipermail/courses>
List-Unsubscribe: <http://mailman.linuxchix.org/mailman/listinfo/courses>,
        <mailto:courses-request@linuxchix.org?subject=unsubscribe>
X-List-Received-Date: Wed, 19 May 2004 15:30:10 -0000
Content-Length: 1046
Lines: 31

Hi list,

It is an error with my mailbox or the firewall course is still to begin?

On Fri, 2004-04-23 at 09:02, Claudia Cordova Yamauchi wrote:
> Thank you very much, this is the course I wanted madly
> 
> Claudia
> 
> On Sun, 2004-04-11 at 19:43, Devdas Bhagat wrote:
> > /* 
> >  * Please reply to the list with queries, doubts, objections. If you
> >  * think I am going too fast, please let me know.
> >  */
> >                     Security Requirements
> >                     =====================
> > 
> > This tutorial will comprise of designing and implementing a security 
> > infrastructure for a small company.
> > The basic concepts will scale up to an enterprise or down to a single host.
> > 
> > We will use the standard 192.0.20.0/24 netblock ( IPv4 documentation subnet,
> > see RFC 3330 ) as the external subnet assigned to this organisation. The
> > company uses the domain name example.com.
> > ...
> 
> 
> _______________________________________________
> Courses mailing list
> Courses@linuxchix.org
> http://mailman.linuxchix.org/mailman/listinfo/courses

From mary@home.puzzling.org  Sat Mar  5 21:22:06 2005
Return-Path: <mary@home.puzzling.org>
X-Original-To: courses@linuxchix.org
Delivered-To: courses@linuxchix.org
Received: from localhost (localhost [127.0.0.1])
        by www.linuxchix.org (Postfix) with ESMTP id 45E2C273030
        for <courses@linuxchix.org>; Sat,  5 Mar 2005 21:22:06 +1100 (EST)
Received: from www.linuxchix.org ([127.0.0.1])
        by localhost (nest [127.0.0.1]) (amavisd-new, port 10024) with SMTP
        id 09324-10 for <courses@linuxchix.org>;
        Sat, 5 Mar 2005 21:22:06 +1100 (EST)
Received: from smtp.syd.swiftdsl.com.au (smtp.syd.swiftdsl.com.au
        [218.214.224.138])
        by www.linuxchix.org (Postfix) with SMTP id DF47127302E
        for <courses@linuxchix.org>; Sat,  5 Mar 2005 21:22:05 +1100 (EST)
Received: (qmail 29547 invoked from network); 5 Mar 2005 10:21:45 -0000
Received: from unknown (HELO home.puzzling.org) (218.214.66.203)
        by smtp.syd.swiftdsl.com.au with SMTP; 5 Mar 2005 10:21:45 -0000
Received: from localhost (flay [127.0.0.1])
        by home.puzzling.org (Postfix) with ESMTP id 6E0A57880C1
        for <courses@linuxchix.org>; Sat,  5 Mar 2005 21:21:28 +1100 (EST)
Received: from home.puzzling.org ([127.0.0.1])
        by localhost (flay [127.0.0.1]) (amavisd-new, port 10024) with ESMTP
        id 04930-08 for <courses@linuxchix.org>;
        Sat, 5 Mar 2005 21:21:28 +1100 (EST)
Received: from sourdust.home.puzzling.org (sourdust.home.puzzling.org
        [10.0.0.7]) by home.puzzling.org (Postfix) with ESMTP id 5A3A7788078
        for <courses@linuxchix.org>; Sat,  5 Mar 2005 21:21:28 +1100 (EST)
Received: by sourdust.home.puzzling.org (Postfix, from userid 1000)
        id 0325F35A84E; Sat,  5 Mar 2005 21:21:27 +1100 (EST)
Date: Sat, 5 Mar 2005 21:21:27 +1100
From: Mary <mary-linuxchix@puzzling.org>
To: courses@linuxchix.org
Message-ID: <20050305102127.GQ8271@sourdust.home.puzzling.org>
Mail-Followup-To: courses@linuxchix.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Nihilism: Immortality is all I seek... Give us this day our daily week...
X-GPG-Key: 1024D/77625870
X-GPG-Fingerprint: B141 CD1A 4603 1CD7 6D64  EFBF D256 C568 7762 5870
User-Agent: Mutt/1.5.6+20040907i
X-Virus-Scanned: by amavisd-new-20030616-p9 (Debian) at home.puzzling.org
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at linuxchix.org
X-Topics: Firewalling
Subject: [Courses] [FW] Firewalling course ended
X-BeenThere: courses@linuxchix.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: List for courses run by LinuxChix volunteers <courses.linuxchix.org>
List-Unsubscribe: <http://mailman.linuxchix.org/mailman/listinfo/courses>,
        <mailto:courses-request@linuxchix.org?subject=unsubscribe>
List-Archive: <http://linuxchix.org/pipermail/courses>
List-Post: <mailto:courses@linuxchix.org>
List-Help: <mailto:courses-request@linuxchix.org?subject=help>
List-Subscribe: <http://mailman.linuxchix.org/mailman/listinfo/courses>,
        <mailto:courses-request@linuxchix.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Mar 2005 10:22:06 -0000
Content-Length: 434
Lines: 15

Hey folks,

The former maintainer of the firewalling course writes that he does not
have time to continue the course that he started, at least, not in the
foreseeable future. So unfortunately we're going to shut this topic
down.

If anyone's interested in running a similar course, please -- you're
welcome to. Follow the guidelines at
http://www.linuxchix.org/content/courses/running_a_course.html re
getting set up.

Thanks,

-Mary