setting up a 5 pc based security network

carnagelan

Hi Guys

Our company has got 5 pc's all connected to the server as well as the net thourgh wireless technology. The only security we have is WEP which is setup on our gigabte b49g router.

All 6 computers are connected to the router via wireless and the internet modem is connected to the router and out side world.

so basicly the setup is like this.

PC1,PC2,PC3,PC4,PC5,SERVER->->ROUTER->->INTERET

We also have a server which is also connected direcly to the router and outside world.

Our Network security is very bad. What I would like to do is this?

All 6 computers are connected to a seperate server running IPCOP(green and red interface), The IPCOP server will then need to have two network cards, one for the internal network and one for the external(internet).

MY boss wants me to setup a VPN connection so, when he is on buisness trips he can connect to out internal network\server via VPN.

Is this way a good way of doing this?
What do i need to change?

I'm going to start this only in about a month or so.

dynamik

I'd replace WEP with WPA/WPA2 ASAP. You might as well be running on an open WAP; WEP can be cracked in only a few minutes.

Is that other server getting a public IP address, or is it using a private IP like the other devices on your network?

IPCop should do what you need. Just make sure you're using AV that stays up to date, keep your operating systems up to date, use a personal firewall, and use strong passwords. All that is simple and will help you out a great deal. If you want to go a step further, make sure your users aren't running as administrators and make them run as standard users.

HeroPsycho

I wouldn't use IPCop for a business critical application. I use it at home, and I like it, but it isn't well maintained, and if something goes bump in the night, who are you gonna call for support?

I'd recommend an appliance based router instead who can support you. If you like the idea of a linux based solution, check out Astaro or Endian. Or just get whatever Linksys/Netgear/Cisco, etc. that suits your needs.

veritas_libertas

HeroPsycho wrote: »

Astaro

I am using Astaro, and I love it. You can get enterprise support, and it's easy for someone that is new to VPN/Firewalls.

the_Grinch

Untangle might serve your purposes. I tested it at my old job and it was pretty good.

Network Monitoring Software - Open Source Content Filter & Spam Filter | Untangle.com

carnagelan

Thanks guys,

All our pc's including the server has a static IP for the internal network on the same IP Range.

The router is set to get the IP and dns settings from the ISP and I set out default gateway to point to the router.

I have setup IPCOP and used it at home for a while and thought it was a decent open source firewall. I will have a lok at all your suggestions and see what will work best and what id like to do.

I can also just use the router as it is with the built in firewall and forward the VPN port to the server, but I dont think just using the router would be a good firewall on its own.

phoeneous

HeroPsycho wrote: »

Endian.

+1 if you're familiar with linux. The only thing I dont like about it is you cant do selective content or web filtering based on groups. Its all or nothing. At least thats what Ive seen so far.