![Page 1: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/1.jpg)
Eduardo Coelho
http://coelho.ithub.com.br
![Page 2: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/2.jpg)
Eduardo Coelho
![Page 3: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/3.jpg)
Porque isso muda tudo BSD license x GPL
![Page 4: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/4.jpg)
Firewall Opensource
![Page 5: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/5.jpg)
Linux
FreeBSD
OpenBSD
![Page 6: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/6.jpg)
Netfilter/Iptables (+IProute2+HTB/CBQ)
IPFW
PF
![Page 7: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/7.jpg)
![Page 8: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/8.jpg)
![Page 9: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/9.jpg)
![Page 10: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/10.jpg)
Absurdamente rápidos
Processam tráfego de rede
By default já rodam no kernel
Features incluem:
Statefull inspection
QoS/Priorization
Static Routing
Dynamic Routing*
![Page 11: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/11.jpg)
Fwbuilder
Shorewall
![Page 12: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/12.jpg)
![Page 13: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/13.jpg)
Instalação no Debian:
#aptitude install shorewall
Quick Start Guide:
http://www.shorewall.net/
shorewall_quickstart_guide.htm
![Page 14: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/14.jpg)
![Page 15: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/15.jpg)
Instalação no Debian:
#aptitude install fwbuilder
OBS: requer X instalado
Instalação Windows (comercial)
http://www.fwbuilder.com
17 MB download
Next->Next->Finish
Quick Start Guide:
http://www.fwbuilder.org/
4.0/docs/users_guide/
gettingstarted.html
![Page 16: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/16.jpg)
![Page 17: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/17.jpg)
![Page 18: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/18.jpg)
Licença dupla GPL+Comercial
Versão Windows empacotada somente na comercial
Suporte diversos firewalls, incluindo Netfilter, IPFW, PF
GUI
![Page 19: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/19.jpg)
Squid
Dansguardian
![Page 20: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/20.jpg)
Instalação no Debian:
#aptitude install squid
É um Proxy HTTP (Acelerador)
Possibilidade de Gerar Relatórios (SARG)
Config Examples:
http://wiki.squid-cache.org/
ConfigExamples/
![Page 21: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/21.jpg)
![Page 22: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/22.jpg)
Faz uso intenso de RAM, HD e CPU e na maioria dos casos requerer um hardware de PC/Server
Possui uma grande comunidade de usuários
Curva de aprendizado lenta
Permite controle de banda simples via delay_pools (controle de taxa de transferência para download)
Pode ser usado como Reverse Proxy (Acelerador de Aplicação)
![Page 23: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/23.jpg)
Instalação no Debian:
#aptitude install dansguardian
Processa 100% do conteúdo via String Match
Ubuntu Config Example:
http://www.pilpi.net/journal/
2006/03/setting-up-
dansguardian-on-a-single-home-
pc-running-ubuntu/
![Page 24: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/24.jpg)
![Page 25: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/25.jpg)
Não faz cache
É usado normalmente em conjunto com o squid
Possui uma grande comunidade de usuários
É usado em milhares de escolas, bibliotecas e faculdades para filtragem de conteúdo web
![Page 26: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/26.jpg)
Vyatta
Pfsense
Untangle
Monowall
Smoothwall
Zentyal
IPCop
Endian
ClearOS
Zeroshell
Proxmox
![Page 27: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/27.jpg)
Pfsense
Monowall
IPCop
Zeroshell
![Page 28: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/28.jpg)
Administração Web
Principais features
Statefull firewall
VPN
Traffic Shapping
DHCP
DNS
ISO = 18MB (!)
![Page 29: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/29.jpg)
![Page 30: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/30.jpg)
![Page 31: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/31.jpg)
![Page 32: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/32.jpg)
Administração Web
Principais features
Statefull firewall
VPN
Traffic Shapping
DHCP
DNS
ISO = 65MB
![Page 33: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/33.jpg)
![Page 34: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/34.jpg)
![Page 35: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/35.jpg)
![Page 36: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/36.jpg)
Administração Web Principais features Statefull firewall VPN Traffic Shapping DHCP DNS HTTP Proxy + Web antivirus LDAP SSL CA
VMware friendly ISO = 148MB
![Page 37: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/37.jpg)
![Page 38: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/38.jpg)
![Page 39: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/39.jpg)
![Page 40: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/40.jpg)
Administração Web
Principais features
Statefull firewall
VPN
Traffic Shapping
DHCP
DNS
ISO = 51MB
![Page 41: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/41.jpg)
![Page 42: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/42.jpg)
![Page 43: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/43.jpg)
![Page 44: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/44.jpg)
Vyatta
Untangle
Smoothwall
Zentyal
Endian
ClearOS
Proxmox
![Page 45: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/45.jpg)
Antigo E-BOX Principais features
Statefull firewall VPN Traffic Shapping DHCP DNS LDAP HTTP Proxy IDS SSL CA Zarafa (groupware) Samba Duplicity (backup) Jabber Asterisk Postfix
ISO = 470MB Install Only
![Page 46: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/46.jpg)
![Page 47: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/47.jpg)
![Page 48: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/48.jpg)
![Page 49: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/49.jpg)
Principais features
Statefull firewall
VPN
Traffic Shapping
DHCP
DNS
LDAP
HTTP Proxy
SSL CA
Postfix
ISO = 700MB
![Page 50: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/50.jpg)
![Page 51: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/51.jpg)
![Page 52: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/52.jpg)
![Page 53: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/53.jpg)
Mail Gateway
Principais features Statefull firewall VPN Traffic Shapping DHCP DNS LDAP SQL SSH
VMware friendly Suporte embutido para Kaspersky e
Avira
ISO = 345MB
![Page 54: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/54.jpg)
![Page 55: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/55.jpg)
![Page 56: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/56.jpg)
![Page 57: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/57.jpg)
CLI e WebGUI Opção para gateway de alto desempenho Posiciona-se como alternativa opensource a
Cisco e Juniper Principais features Statefull firewall VPN Traffic Shapping DHCP DNS LDAP QoS Bonding Load balancing Dynamic Routing
ISO = 164MB Boot CD
![Page 58: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/58.jpg)
![Page 59: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/59.jpg)
![Page 60: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/60.jpg)
![Page 61: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/61.jpg)
Estrutura de pacotes grátis e pagos facilita o licenciamento
Principais features Statefull firewall VPN Traffic Shapping DHCP DNS LDAP HTTP Proxy IDS SSL CA Samba
ISO = 456MB
![Page 62: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/62.jpg)
![Page 63: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/63.jpg)
![Page 64: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/64.jpg)
![Page 65: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/65.jpg)
![Page 66: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/66.jpg)
Principais features Statefull firewall VPN Traffic Shapping DHCP DNS LDAP HTTP Proxy IDS SSL CA Samba Asterisk Postfix
ISO = 78MB Install Only (No Live)
![Page 67: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/67.jpg)
![Page 68: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/68.jpg)
![Page 69: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/69.jpg)
![Page 70: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/70.jpg)
Principais features Statefull firewall VPN Traffic Shapping DHCP DNS LDAP HTTP Proxy IDS Samba Postfix
High availability NTLM SSO Hotspot
Hardware e Software Appliance
ISO = 130MB
![Page 71: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/71.jpg)
![Page 72: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/72.jpg)
![Page 73: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/73.jpg)
![Page 74: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/74.jpg)
OSSEC
Snort
SELinux
AppArmor
Tripwire
Fakeroot
Virtualização
![Page 75: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/75.jpg)
http://coelho.ithub.com.br
![Page 76: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/76.jpg)
![Page 77: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/77.jpg)
![Page 78: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/78.jpg)
![Page 79: 2010 09-22 infra rn security meeting - palestra firewalls opensource](https://reader034.vdocuments.net/reader034/viewer/2022052523/5568da35d8b42a173c8b5452/html5/thumbnails/79.jpg)