portlandia IT

Changes…

by on Oct.01, 2012, under Uncategorized

You know, when testing out software, sometimes things just go crazy…


Untangle

by on Jul.10, 2012, under Linux, Security

Package: Untangle 9.2.3

Site: http://www.untangle.com/store/lite-package.html

What it is: Complete UTM open source Linux-based software

Install Method: Bootable CD-ROM or USB flash drive

Observations: Booting with either the CD-ROM or the USB flash drive, the user is presented with a menu that allows them to choose either a graphical or text-based install method.

After selecting the install method and answering questions asked by the installer concerning your language, location, etc., you are quickly on your way.

Untangle will give you a quick summary of the system before continuing. If the RAM or hard drive space is not sufficient, the install will stop here.

You will be informed that the hard drive will be formatted and asked to acknowledge this.

Once this portion of the install has been completed, you are asked to reboot the system.

After rebooting, you will continue with the Untangle configuration.

Unlike other Linux-based routers that require you to log into a remote web console, Untangle will start up with a local web console to complete the configuration.

Untangle can also be configured as an inline bridge, useful if you already have a router and want to add filtering.

Login Screen:

Home Page:

You’ll notice Untangle looks very different. Instead of having a central menu of common items, Untangle uses a “rack” of features, either individual programs or installed via packages. The “Lite” package contains all of the open source applications in Untangle’s offerings.

You’ll need to create an account for Untangle.

Downloading and installing the “Lite” package.

Once the applications are installed and activated, they appear in the rack.

Thoughts:

Untangle’s install process went a step further than the other Linux/BSD router installs, going from bare metal to deployed in one sitting.

Having the choice to use either a bootable CD-ROM or USB flash drive is an added plus for me.

I don’t like having to search through menus or remember where features are located. Untangle’s approach is to place active features front and center in what they call the “Rack”, and that is what sets Untangle apart from its competition.

Smoothwall

by on Jul.10, 2012, under Linux, Security

Package: Smoothwall Express 3.0 SP3

Site: http://www.smoothwall.org/

What is it: Open source firewall based on GNU/Linux

Install Method: Bootable CD-ROM

Observations: The familiar Linux text-based installer loads and informs the user that the data on the hard drive is about to be overwritten. After you acknowledge the warning, the installation continues with the hard drive being formatted and Smoothwall being installed. Once this step completes, Smoothwall will reboot your computer and ask if you want to restore from a backup. Since this is a new install, the answer is “no”.

The installer will also ask questions about the install. Answer accordingly.

This is another install where “Green” and “Red” are used to designate the inside and outside interfaces.

You’ll be asked for the IP addresses for each interface, the gateway and DNS settings, and what passwords you want set for the admin and root accounts. Once these questions have been answered, Smoothwall will reboot for the final time.

The web console is located at: https://Inside-IP-address-of-smoothwall:441

Username: admin

Password: Chosen during install

Login Screen:

Home Page:

Thoughts:

A fairly easy install once you understand the “Green” and “Red” nomenclature.

The web interface is fairly straightforward, similar in look and feel to other Linux/BSD-based routers.

pfSense

by on Jul.10, 2012, under BSD, Security

Package: pfSense 2.0.1

Site: http://www.pfsense.org/

What it is: An Open Source minimalist firewall based on FreeBSD

Install Method: Bootable CD-ROM in a “Live CD” format – allowing you to try the software before installing it

Observations: Once booted into the Live CD, the user is presented with a menu to either install or run the Live CD. To continue the install, press “I”. The install went really quickly; the installer asked which interfaces were connected to the WAN and LAN respectively. It uses 192.168.1.1 as the default LAN IP address.

To control pfSense, log into the web configurator at https://default-LAN-address:443

The default username: admin

The default password: pfsense

The console allows you to make minor changes concerning what interfaces go where, reset the device back to its defaults, reset the admin password and reboot the device.

Login Screen:

Home Page:

Thoughts:

Being minimalist in nature, pfSense is really easy to install and configure. My test system seems like overkill for the software.

The menu layout is similar to other Linux/BSD routers.

IPFire

by on Jul.09, 2012, under Linux, Security

Package: IPFire 2.11 (i586) – core60

Site: http://www.ipfire.org

What is it: Minimalist Linux-based firewall

Install Method: Bootable CD-ROM, Linux text-based install

Observations: The PC boots into the familiar text-based Linux installer, which uses “Green” and “Red” nomenclature to designate inside and outside connections. During the initial install process, the installer asks for the “Green” and “Red” interface connections and their respective IP addresses. The installer also asks for the new admin password, which will be used for both the root and web interface accounts.

A web interface is used to configure and control the IPFire firewall. Use the internal IP address or “Green” interface: http://internal-IP-address-of-device:444

Login Screen:

Home Page:

Thoughts: I found this distribution easy to install and configure. The home page reminds me a lot of other minimalist Linux-based firewalls.

 


Endian Firewall

by on Jul.09, 2012, under Linux, Security

Package: Endian Firewall EFW 2.5.1 (Community Edition)

Site: http://www.endian.com/en/community/overview/

What is it: Endian Firewall is an open source UTM appliance based on Linux

Install Method: Bootable CD-ROM, Linux text install

Observations: Booting from the CD-ROM begins the install process, with the installer informing you that continuing will lose any data currently on the hard drive.

You’ll also notice the familiar Linux text installer, and as the installation continues, you will be asked what the default IP address will be for the interfaces, which carry the often-used “Green” and “Red” labels.

After the reboot, you’ll need to log in to the web console to finish the install. Logging in to the web interface at the address https://default-ip-for-Endian:10443, you’ll encounter the Endian Firewall setup screens.

To finish the remaining portions of the install, answer the questions and complete the network settings. The Endian firewall will reboot and be ready to use.

Login Screen:

Home Page:

Thoughts:

Endian Firewall EFW 2.5.1 Community is the open source side of the Endian UTM appliance; it has most of the functionality of the commercial version. For larger organizations, going with the commercial version makes sense since you also get support services.

The menu system organizes items in a similar fashion to other Linux-based firewall/routers.

Unified Threat Management (UTM) Software

by on Jul.09, 2012, under BSD, Linux, Security

With the use of the internet now mainstream and it being crucial to the day to day workings of many businesses, it is important to be aware of the various types of threats that come from accessing this resource.

The vectors:

Email

  1. Spam: Unsolicited or unwanted email.
  2. Phishing: Scams sent via emails targeting users that purport to come from a legitimate source. In reality these emails link to websites specifically set up to collect user information, usually banking or other financial data.
  3. Virus-embedded email: Emails that have a virus or other rogue software embedded that activates when read.
  4. Spoofing: Emails that claim to come from one source, but in reality are coming from another.

Websites

  1. Virus-infected website: A website that has had its code infiltrated with rogue software that infects visiting users’ PCs.
  2. Spoofing: A website whose address has been compromised; it isn’t what it claims to be.

Internet Browsers

  1. Browser hijacks: Internet Explorer is more prone to this. Visiting a rogue website installs software that forces the browser to redirect away from the intended websites.

Direct Attacks

  1. Denial of Service (DoS) attack: A common method of attack involving saturating the targeted machine with external communication requests, such that it cannot respond to legitimate traffic.
  2. DNS Spoofing: DNS cache poisoning, a hacking attack where incorrect data is introduced into a domain’s DNS server cache.

There is a wide variety of antivirus and anti-malware programs that users can install on their PCs. Collectively these programs are marketed as a means to handle the growing security threat that the internet introduces to a network. These threats are ever evolving, and if these programs are not maintained, they will leave the end user just as vulnerable as having no protection. Multiply that situation by the number of PCs on any given network and you can see that effectively protecting a network can be a daunting task.

Enter UTM or Unified Threat Management. This is a technique or rather a solution where all internet traffic is filtered at the point of entry, before it is even allowed to reach your network. These solutions can be a software package you download and install on a server, or a network appliance dedicated to the UTM task.

In my search for viable UTM solutions, I came across one called Untangle, and have subsequently found similar products from other providers. In my testing thus far, Untangle has been my UTM of choice. Compared with the others, Untangle stands out in both configuration and setup.

My checklist to deploy a UTM:

Dedicated server: Even though an older Intel or AMD system board with minimal RAM and hard drive space will often get the job done on small networks, using newer hardware with more RAM and storage space will produce better results and happier network users.

My testing server:

Hardware:

Intel SE7501HG2, dual 3.2 GHz Xeon, 4 GB RAM, 160 GB hard drive, dual Intel 1 Gb NIC, no CD-ROM (this is an appliance after all, think minimalist hardware)

I have the onboard SCSI and floppy controllers disabled. This server is also 32-bit. Any UTM solution I want to test will have to have a 32-bit distribution.

A CD-ROM will be available for installs, although once an appliance is installed, it would be best if re-installs could be done with a USB flash drive.

Between installs, I found that cleaning the hard drive from the previous Linux install is often needed for a successful install.

What was tested:

  1. Ease of install
  2. Configuring internal and external IP addresses
  3. Attaching a remote PC to the network
  4. Connecting to the web interface, logging in, viewing menus
  5. Surfing the internet and checking the settings
  6. Test complete

No other configuration was done. The point of this is to see how quickly one of these UTMs can be configured and deployed with basic settings. If the basics work properly, the likelihood is that the end user will continue on with the remainder of the router install, configuring port forwards, firewall rules, VPNs, and other high-level security such as web and email filtering. These are aspects of the software install that are not relevant to this article, as I’m just giving a brief overview of the install, starting with bare metal and ending with a functioning device.

Now for the fun stuff:

The Software:

Endian Firewall

IPFire

pfSense

Smoothwall

Untangle


Small Business Server 2011

by on Jun.22, 2012, under Microsoft, Server Support

The small business server community is the focus of portlandia IT, which entails researching products and applications that best suit their needs.

Microsoft has also recognized the needs of the small business community and has been producing a product specifically for this market since the late ’90s. This product is called the Windows Small Business Server and it began with SBS 4.0.

Small Business Server 2011 is a significant improvement over past versions of the server platform:

  1. Small Business Server 2011 is 64-bit, based on Windows Server 2008 R2
  2. The email server is Exchange 2010
  3. Incorporates SharePoint Foundation 2010
  4. Uses Windows Server Update Services to centrally manage update deployment to server and end-user PCs
  5. Easy to manage Central Console

For most of the Small Business Server 2011 installations I have done, the 75-user limit is not an issue. The main problem with prior versions of SBS was the mail store size limit.

SBS 2003 used Exchange 2003 Standard and it has a mail store limitation of 75 GB. I found that even small shops were soon reaching that threshold.

With the introduction of Small Business Server 2008 and Exchange 2007, thankfully that limitation is gone.

SBS 2011 improves on this with the addition of Microsoft Exchange 2010, which is also not limited.

There are several things to consider when looking at adding to or upgrading your existing server environment.

For offices that need a server to manage users and user data and want in-house access to email, Small Business Server 2011 makes a good fit.

It is easy to manage, easy to back up and, given the right hardware, very robust.

There are times when a single server will not adequately service the needs of an office. When such times arise, Microsoft has available the Small Business Server 2011 Premium Add-on. This adds a second Server 2008 R2 license and a SQL server to use with the existing Small Business Server 2011.

 


Untangle Your Network

by on Jun.20, 2012, under Network Support, Untangle

Do you ever wonder what’s on your network and how to untangle the mess if you find one?

Many of us have just plain ordinary small business routers at the edge of our networks, usually given away as part of the service (not quite free), easy to set up, and for the most part working as advertised.

Over the years I have used devices from ActionTec, Cisco, D-Link, Linksys, and Netgear. These devices are very versatile and come in a range of capabilities.

The days of “easy” are long since gone, and have certainly changed, not for the better.

What we call the “internet” has evolved and how we manage our network connectivity can no longer be met with simple “one dimensional” devices.

Most SMB routers are capable of firewalling and Network Address Translation, aka NAT (passing traffic from the outside network WAN, to the inside network LAN), but they don’t filter the traffic being let in.

What that means is, if you have connectivity to the internet, all traffic being passed through to your network has the potential of being unwelcome.

Spam, phishing scams, website spoofing, malware redirections and even virus-infected websites will pass undetected through to an unsuspecting PC on the LAN side of the network.

Most of these types of threats are actually initiated by the user quite innocently.

Ever get an email from a legitimate source asking you to open a file? Or have you ever used a search engine to search for something?

Believe it or not, these are the vectors that can get people into trouble more so than an infected file passed from one PC to the next.

Gone are the days of getting by with the bare minimum protection.

Enter the Untangle network “appliance”.

A network appliance is a device that is more than just a firewall or NAT router. It has enough horsepower to monitor the traffic being let into the network, determine if it is wanted or not, and do something about it before it reaches the inside of your network.

I have become familiar with one such appliance manufacturer, called Untangle. This company offers both a software only product and a physical appliance.

The software only option allows a small company to repurpose older hardware into a really effective appliance, or as I have done, purchase hardware with the specific purpose of deploying the Untangle software. The thing to note is that there is no difference between the software and the appliance; they are the same, although costs vary depending on the package or appliance purchased.

If you have the hardware lying around, you can test drive the Untangle software in all its glory for 14 days to determine if it will suit your needs. If you decide not to register Untangle at the end of the trial, all is not lost as it reverts to Untangle’s free version. The product is still very usable for home and small office use. This version is what Untangle calls “Lite”.

You can purchase the various applications that make up Untangle individually or in packages if you go with the software only option.

The appliances come in two flavors: Premium and Standard. These two packages are also available with the software only option.

The Untangle Premium Package includes all of the following premium applications:

• Web Filter – Premium web content filtering.
• Application Control – Control any application or protocol with a checkbox or use the Integrated Rules Engine to leverage other Untangle apps for complex rules.
• Live Support – For easy resolution of any technical issues. Includes Configuration Backup!
• Policy Manager – Create web usage restrictions, such as teacher vs student.
• Branding Manager – Customize “block” screens with your own messages and logo.
• WAN Failover – Keep yourself online with multiple ISPs.
• WAN Balancer – Leverage multiple ISPs for better bandwidth utilization.
• IPsec VPN – Securely connect your network to others.
• Web Cache – Save time and money by caching frequently accessed items.
• Bandwidth Control – Prioritize traffic as you see fit.
• Virus Blocker – Prevent infections from reaching your network.
• Spam Blocker – Stop spam before it hits your mail server.
• Directory Connector – Enforce restrictions and view reports by Active Directory user name.

The Premium Package also includes all of our free applications that come with the Lite version.

The Untangle Standard Package features these premium applications:

• Web Filter – Premium web content filtering.
• Application Control – Control hundreds of popular applications, from Facebook games to BitTorrent downloaders to Ultrasurf proxies.
• Live Support – Easy resolution of technical issues. Includes Configuration Backup!
• Policy Manager – Create web usage restrictions, such as teacher vs student.
• Branding Manager – Customize “block” screens with your own messages and logo.
• IPsec VPN – Securely connect your network to others.
• Directory Connector – Enforce restrictions and view reports by Active Directory user name.

The Standard Package also includes all of our free applications that come with the Lite version.

If you decide not to register Untangle, the device will revert to the Lite Package and has the following applications available free to use:

• Web Filter Lite
• Protocol Control
• Virus Blocker Lite
• Spyware Blocker
• Phish Blocker
• Intrusion Prevention
• Attack Blocker
• Firewall
• OpenVPN
• Reports
• Spam Blocker Lite
• Captive Portal
• Ad Blocker



Quick Posting Blog Entries

by on Jun.20, 2012, under Computer Support

Ever wonder how to post something on your blog rather quickly?

With WordPress you have various methods:

  1. Use the Word blog post template
  2. Use Android or iOS WordPress apps
  3. Send your blog post to your site via email

It’s this last item that I want to talk about.

Once you have WordPress configured, one of the options to consider is giving yourself the ability to post blog entries via email.

This feature requires neither an app nor a special blog template to start creating; all one needs is access to email.

When considering using the “Post Via E-mail” feature in WordPress, best practices suggest using a unique username not easily guessed and a strong password. This will help prevent your mail server and WordPress blog from being overrun with spam, which would make the feature pointless.
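One way to produce such a mailbox name and password, as an added example that is not part of the original post: it generates both from a cryptographic random source and flags names a spammer would guess first. The word list, the length thresholds and the site word "portlandia" are assumptions made for illustration.

```python
import secrets
import string

# Assumed list of obvious mailbox names that are tried first; extend as needed.
COMMON_WORDS = {"post", "blog", "wordpress", "wp", "admin", "mail", "info", "publish"}

NAME_ALPHABET = string.ascii_lowercase + string.digits
PASSWORD_ALPHABET = string.ascii_letters + string.digits + "!#$%&*+-=?_"


def guessability_problems(local_part, site_words=()):
    """Return the reasons a mailbox name (the part before @) is easy to guess."""
    problems = []
    name = local_part.lower()
    if len(name) < 12:
        problems.append("shorter than 12 characters")
    if len(set(name)) < 6:
        problems.append("too few distinct characters")
    # Sorted so the report is stable from run to run.
    for word in sorted(COMMON_WORDS | {w.lower() for w in site_words if w}):
        if word in name:
            problems.append(f"contains guessable word '{word}'")
    return problems


def generate_local_part(length=16, site_words=()):
    """Random mailbox name; redraw if it contains a guessable word by chance."""
    while True:
        name = "".join(secrets.choice(NAME_ALPHABET) for _ in range(length))
        if not guessability_problems(name, site_words):
            return name


def generate_password(length=24):
    """Random password containing lower case, upper case and digits."""
    while True:
        pw = "".join(secrets.choice(PASSWORD_ALPHABET) for _ in range(length))
        if (any(c.islower() for c in pw) and any(c.isupper() for c in pw)
                and any(c.isdigit() for c in pw)):
            return pw


if __name__ == "__main__":
    # Constructed inputs: names someone might pick by hand for this mailbox.
    for candidate in ("blogpost", "portlandia-posts-2012"):
        print(candidate, "->", guessability_problems(candidate, ["portlandia"]))
    print("mailbox :", generate_local_part(site_words=["portlandia"]))
    print("password:", generate_password())
```

Use the generated mailbox only for posting to the blog, and store the password in a password manager rather than in a note or a mail draft.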
