View Single Post
  #9   (View Single Post)  
Old 11th November 2010
joostvgh joostvgh is offline
Port Guard
 
Join Date: Jan 2010
Posts: 38
Default

in my current situation it is not really important how secure my server is (although atm is can still be called very secure). I am not at a big company, I live in a student home and we share 1 4mbit connection among 60 people. I am using openbsd mainly to block protocols/websites that generate the most traffic (limewire, torrents, rapidshare, ..).

to block rapidshare, I installed dnsiff for dns spoofing, also I blocked their ip range in the PF.

There are no hackers among us, and even if there were, it would require someone with thorough knowledge to even try to do something to get through.

Atm I am also not able to have physical access to the server, since I am not the owner of the building I live in, and it is located in the basement.

I can connect to the server using putty though.

So, the only thing I would like to do is limit the internet connection from the inside (during day), so the internet stays accessible to all users.

Also I installed darkstat to monitor bandwidth usage per IP.

The problem is that for these very usefull applications (in my case), there is not always a openbsd version available. I understand that when it comes to a corporation which needs to be secured from the outside as well from the inside, no flaws can be allowed.

I hope I haven't frankensteinized the system too much by trial-and-erroring my way through the applications (but I think not).
Reply With Quote