securiity for small school

Discussion in 'other firewalls' started by wyrmrider, Jul 10, 2004.

Thread Status:
Not open for further replies.
  1. wyrmrider

    wyrmrider Registered Member

    Joined:
    Jul 5, 2004
    Posts:
    59
    Location:
    california
    Hi

    our school has 3 power mac labs and one Win 2k pc lab plus the offiice win 2k
    we are switching to broadband internet and ethernet from appletalk and dial up
    I am thinking of a d-link hardware firewall, router, and switches with a managed switch for the office.
    no wi-fi at this time all hard wired
    we have HP ethernet printers which can work on both the macs and pcs

    currently the office is running norton av and systems work plus ad aware spybot, spywareblaster ie-spyads, host file, spywareguard, etc

    I am thinking of the liinux based software firewall for the gateway.
    I would also like to block in and out-- similar to hosts file or restricted zone blocks would this be part of the dns server?
    I would like heuristics

    the other consideration is for the intranet- keeping the kiddies away from the office

    we have a windows 2000 server license but no server at this location yet
    going to install it along with network
    the workstations are running 2000 pro sp4 sun java, mozilla firefox (on one for test) in the pc lab we are trying one each of the free firewalls and avs available and will settle on one
    it would be nice not to have this software on each system but to it at a centeral point
    we will be switching the pc lab from ie explorer and microsoft VM this summer

    any ideas would be appreciated
    thanks
     
  2. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    Do the kiddies have to use the internet? If so, you'll have to do some blocking. Best option: get a linux distribution geared for schools:
    censornet. There are a few low cost options, like blacklists or content scanning (including skin tone filtering), but they'll cost a few dollars per year.

    Or get another linux distro and add some filters, like squidgard, or dansguardien. Get sme server.
    Of course there are AV (clamav) and AS (spamassassin) modules to plugin.
     
  3. wyrmrider

    wyrmrider Registered Member

    Joined:
    Jul 5, 2004
    Posts:
    59
    Location:
    california
    thanks meener

    the jr highs are a problem with games- porn- and other unfiriendly from an administrators point of view (not dealing with the content) SITES
    blocken the content is also needed in many cases
    I bookmarked your suggestions
    I havn'et been able to re-locate the linux firewall and dns server-- any leads?

    Wyrmrider
     
  4. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    Sorry, I don't quite get the question...
    If you plan on using a linux dns server, you may take a look at the sme server links, forums and plugins. Plenty solutions.

    BTW: it's also a great primary domain controller ;)
     
  5. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    You might find something that will help here
     
  6. wyrmrider

    wyrmrider Registered Member

    Joined:
    Jul 5, 2004
    Posts:
    59
    Location:
    california
    thanks for the tips folks keep em coming

    I would like to put a computer in the communication closet with the modem, hardware firewall, router and main switch and have it do as much work (in a secure spot) as possible we have on ups
    the sms looks like a good place to start
    we can get a donation of any or all symantec products however that is not the overiding consideration

    things this box could do (so far)
    dns server
    software firewall
    privacy software
    restricted sites type action
    HOSTS file type action
    porn/nasties site blocker
    virus and e-mail scanner

    later could host small website
    how much horsepower should we budget?

    so: we are looking for hardware and software Ideas for the communication closet to replace our old individual computer dial up system

    thanks

    ps I downloaded the pdf and will distriibute to staff thanks
     
    Last edited: Jul 15, 2004
Thread Status:
Not open for further replies.