Need help setting up an IDS and VPN server...maybe firewall.
Posted by news@celticbear.com on May 11th, 2005


I think basic topography issues will determine what I can do here. But
here's what I have, and then what I need, what I think I can do, and
then my request for a severe beating...I mean, help with simply how to
get started. =)

We have a small business with about 10 WinXP (Home) PC's, a Mac, two
Fedora Core PC's and a FC fileserver.
These are all connected to one switch (without a sensing or span port).
And this is connected to the router/NAT/firewall provided by our
ISP/DSL provider for our business.
It's this NAT(?) that is giving the 192.168.1.* IP's and blocking ports
from the Internet side.

What I need to do, is insert a machine between the ISP's NAT and the
switch to
a) Be a VPN server to allow a remote employee access to file shares
internally
b) Be an IDS box with Snort to track and monitor traffic entering and
leaving the network.

What I first thought was that I could have this machine, RedHat 9 is
what it will have, to be a Primary Domain Controller, but since some
users are using WinXP Home, they can only workgroup.

So here's my question: Is it possible, for this RH 9 PC with two NICs
to be able to be between the ISP NAT and the switch? Allow the ISP NAT
to provide IP's (actually, I'm forcing the PC's to use static IP's, but
that's beside the point,) to itself and all other PC's, while still
monitoring traffic?

Maybe because it has to..."pass through"(?), it can't really be a
firewall, but monitoring? I gather the NIC on the NAT side will get an
IP from that NAT, but what about the NIC on the switch side? How does
that work?
CAN the PC be a NAT itself without having to be a PDC? Can the PC's on
the switch still get IP's from this new machine without it being a
domain?

Thanks for ANY advice, pointers...just looking for suggestions of where
to start looking and what to look for.
Thanks,
Liam
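The inline, pass-through arrangement asked about above (a two-NIC Linux box between the ISP NAT and the switch that watches traffic without becoming a NAT or a domain controller) is usually built as a transparent bridge. This is an added example, not code from the thread or from any project mentioned in it; it assumes eth0 faces the ISP NAT, eth1 faces the switch, bridge-utils, iptables with the physdev match and Snort are installed, and it only prints the commands unless APPLY=1 is set.

```shell
#!/bin/sh
# Transparent inline bridge: neither physical NIC gets an address, the bridge
# interface asks the ISP NAT for one (so the box is still reachable for
# management and a VPN daemon) and the LAN PCs keep getting their addresses
# from the ISP NAT exactly as before.
# Interface names are assumptions, override them in the environment.
WAN_IF="${WAN_IF:-eth0}"   # NIC cabled to the ISP NAT box
LAN_IF="${LAN_IF:-eth1}"   # NIC cabled to the LAN switch
BR_IF="${BR_IF:-br0}"

run() {
    # Print every command; execute it only when APPLY=1 (dry run by default).
    printf '%s\n' "$*"
    [ "${APPLY:-0}" = "1" ] && "$@"
    return 0
}

bridge_plan() {
    run brctl addbr "$BR_IF"
    run brctl addif "$BR_IF" "$WAN_IF"
    run brctl addif "$BR_IF" "$LAN_IF"
    run ip link set "$WAN_IF" up
    run ip link set "$LAN_IF" up
    run ip link set "$BR_IF" up
    run dhclient "$BR_IF"        # one address for the bridge, from the ISP NAT
}

filter_plan() {
    # Bridged frames reach the FORWARD chain only with bridge-nf enabled, and
    # iptables then sees br0 as the interface, so the physical port must be
    # matched with the physdev module rather than with -i.
    run sysctl -w net.bridge.bridge-nf-call-iptables=1
    run iptables -P FORWARD ACCEPT
    run iptables -A FORWARD -m physdev --physdev-in "$WAN_IF" \
        -p tcp -m multiport --dports 135,139,445 -j DROP   # no SMB from outside
    run iptables -A FORWARD -m physdev --physdev-in "$WAN_IF" \
        -p udp -m multiport --dports 137,138 -j DROP
}

ids_plan() {
    # Snort on the LAN-side NIC sees both directions of every frame that
    # crosses the bridge, which is what a span port would otherwise provide.
    run snort -D -i "$LAN_IF" -c /etc/snort/snort.conf -l /var/log/snort
}

bridge_plan
filter_plan
ids_plan
```

Run it once without APPLY to review the command list, then with APPLY=1 as root; the bridge itself is not a firewall until rules like the two DROP lines are added.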

Posted by Layoff_IT on May 11th, 2005


Ah, there are still lots of layoff IT people out wanting jobs.

Your other option is to get yourself an Indian student to answer your
questions for free.

Best of luck.

Posted by news@celticbear.com on May 11th, 2005


Layoff_IT wrote:
Why, that was not the least bit helpful. Thank you. =)
Usenet/newsgroups ARE free, last I checked (or else I have one HUGE
bill coming!) and I really don't care the nationality of the person who
helps me out. They can be an out of work Muslim Eskimo with family ties
to Brazil for all I care.
Thanks,
Liam


Posted by TweetyB on May 12th, 2005


Take a look at IPCOP as a replacement for that NAT box. It will provide
NAT, Firewall, IDS / snort, IPSec VPN endpoint/server , DHCP server etc.

It's based on LFS (Linux from scratch), released under GPL. Just Google for
it.

Cheers

Posted by news@celticbear.com on May 12th, 2005



TweetyB wrote:
Whoa! That looks like EXACTLY what I need! I'm going with that--thanks
for the tip!
I've looked around on the site, and I can't seem to find any
minimum/recommended hardware requirements. Even the link to the
compatible hardware list is broken.
Any idea how it will run on:
AMD Duron 166 MHz
50MB RAM
3GB HD?

It's not much, but I figure if it doesn't use X-windows, then it should
be enough.

Thanks!
Liam


Posted by TweetyB on May 12th, 2005


AMD Duron 166 MHz
50MB RAM
3GB HD?

No Problem. I run it on a P166, 32Mb, 2G HDA.

It is a little slow if U install COP+ with Dansguardian and the firewall
logs aren't that quick. Works like a charm on a K6-2 450 though.

cheers

