Film-Tech Cinema Systems
Film-Tech Forum ARCHIVE


  

   
Topic: What's the best way to set up a firewall and software for a "home server"?
Mark Gulbrandsen
Resident Trollmaster

Posts: 16657
From: Music City
Registered: Jun 99


 - posted 02-10-2008 11:02 AM
I'm just about finished setting up my home server and need to know what would be the best "Firewall" setup to use on it. Running "Windows 2000 Advanced Server" on the 1550 with a Powervault for storage. "Netapps" is the web based server program running. Also using the default port 80 for now unless there is a safer port to switch to for whatever reason...

Thanks in advance for any input.....

Mark


Chris Slycord
Film God

Posts: 2986
From: 퍼항시, 경상푹도, South Korea
Registered: Mar 2007


 - posted 02-10-2008 12:41 PM
Define exactly what home server means.

Is it behind a router? Is the server only functioning as one for the home network itself (meaning that only trusted computers access it)?

If those are both yes, then really a firewall isn't absolutely necessary.

In any other case, a firewall that simply opens ports you need and closes the others would suffice.


Mark Gulbrandsen
Resident Trollmaster

Posts: 16657
From: Music City
Registered: Jun 99


 - posted 02-10-2008 01:48 PM
Yes Chris... there's a simple 8 port D-Link switch involved although I doubt it can be set up to do what I need... this is going to be a server available on the internet through my present DSL service just using the IP address of the server... as well as a home network. So both the wife and I can access Photo and Autocad files on the Powervault while at work. The server is a Dell 1550 running Win. 2000 Advanced Server. The Powervault is set up for two sets of RAID 5... 4 drives each. A little elaborate for a home system but the hardware was cheap! I did check with AT&T and they say I am ok to use port 80 for this purpose. Actually reading around I find that most providers block Port 80 but on my service it's available. If it turns out that there are problems using Port 80 all I would have to do is go to a different available port anyway so they say.

If I can get this thing safely up and running then I may go for a Domain Name Service on it but not right away...

P.S. If I need a decent router to set this up properly could you make a recommendation on one???

Thanks,
Mark


Scott Norwood
Film God

Posts: 8146
From: Boston, MA. USA (1774.21 miles northeast of Dallas)
Registered: Jun 99


 - posted 02-10-2008 01:54 PM
If it's just a web server, then you need to allow port 80 tcp inbound from anywhere and ports greater than 1023 outbound tcp for established connections to anywhere. You also need to allow ICMP type "can't fragment" and you probably want to allow ICMP echo and echo reply as well as time exceeded for troubleshooting purposes. Finish with a "deny all" rule to deny all traffic not explicitly permitted.

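The rule set described in the post above, modelled as a first-match filter that ends in a deny-all (an added example, not part of the original thread). The packet fields, the `established` flag and the sample packets are constructed for illustration.

```python
# Added example: first-match packet filter for a public web server.
# Packets are plain dicts; all field names and samples are constructed.

def http_in(p):
    # Port 80 tcp inbound from anywhere.
    return p["dir"] == "in" and p["proto"] == "tcp" and p.get("dport") == 80

def tcp_reply_out(p):
    # Outbound tcp only for established connections to ports > 1023
    # (the server's replies go back to the client's ephemeral port).
    return (p["dir"] == "out" and p["proto"] == "tcp"
            and p.get("established", False) and p.get("dport", 0) > 1023)

def icmp_ok(p):
    if p["proto"] != "icmp":
        return False
    # Type 3 code 4 is "fragmentation needed" (the "can't fragment" message
    # path MTU discovery relies on); 8 = echo, 0 = echo reply,
    # 11 = time exceeded.
    return (p["type"], p.get("code", 0)) == (3, 4) or p["type"] in (0, 8, 11)

RULES = [
    ("allow", "tcp/80 inbound", http_in),
    ("allow", "established tcp outbound to ports > 1023", tcp_reply_out),
    ("allow", "icmp for PMTU discovery and troubleshooting", icmp_ok),
    ("deny", "deny all", lambda p: True),  # everything not permitted above
]

def decide(packet):
    """Return (action, description) of the first rule that matches."""
    for action, desc, match in RULES:
        if match(packet):
            return action, desc

SAMPLES = [  # constructed packets
    {"dir": "in", "proto": "tcp", "dport": 80},
    {"dir": "out", "proto": "tcp", "dport": 50000, "established": True},
    {"dir": "in", "proto": "tcp", "dport": 3389},   # remote desktop
    {"dir": "out", "proto": "tcp", "dport": 50000},  # new outbound connection
    {"dir": "in", "proto": "icmp", "type": 3, "code": 4},
    {"dir": "in", "proto": "icmp", "type": 5, "code": 1},  # redirect
    {"dir": "in", "proto": "udp", "dport": 53},
]

def run_samples():
    return [decide(p)[0] for p in SAMPLES]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(decide(pkt), pkt)
```

Rule order matters: the deny-all only works as a backstop because it is evaluated last.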

Mark Gulbrandsen
Resident Trollmaster

Posts: 16657
From: Music City
Registered: Jun 99


 - posted 02-10-2008 02:01 PM
Scott,

That's all set up in Appserve which is basically a more user friendly version of Apache. All is loaded and running ok... have not had it on the DSL as of yet.

Mark


Tim Reed
Better Projection Pays

Posts: 5246
From: Northampton, PA
Registered: Sep 1999


 - posted 02-10-2008 02:24 PM
It's prolly a mirror for Phil's Sexx Den. [Razz]


Phil Hill
I love my cootie bug

Posts: 7595
From: Hollywood, CA USA
Registered: Mar 2000


 - posted 02-10-2008 02:38 PM
Oh boy! HOW the heck did I get dragged into this? HA! [uhoh]


Mark Gulbrandsen
Resident Trollmaster

Posts: 16657
From: Music City
Registered: Jun 99


 - posted 02-10-2008 04:24 PM
quote: Tim Reed
It's prolly a mirror for Phil's Sexx Den.

There's plenty of room there for it!


Robert W. Jones
Film Handler

Posts: 74
From: San Antonio, TX
Registered: Mar 2007


 - posted 02-10-2008 04:37 PM
Mark,

If you have another computer lying around (doesn't have to be super fast state of the art), you can download and install Linux on it, and there is firewall software you can install to kill any ports, protocols and services you don't need (e.g. FTP, SSL, etc.). It's cheap and efficient, put behind the router or in front if you want to enable IP masking. Let your server do its job on its own.
Rob


Brad Allen
Jedi Master Film Handler

Posts: 688
From: Evansville, IN, USA
Registered: May 2000


 - posted 02-11-2008 07:08 PM
My two cents, don't use port 80, use a non-standard port above 6000, if it's just you wanting access. Makes it a tad harder for some script kiddie to find it.




All times are Central (GMT -6:00)  