2010 09-22 infra rn security meeting - palestra firewalls opensource

Download 2010 09-22 infra rn security meeting - palestra firewalls opensource

Post on 30-May-2015

330 views

Category:

Documents

1 download

Embed Size (px)

TRANSCRIPT

  • 1. Eduardo Coelhohttp://coelho.ithub.com.br

2. Eduardo Coelho 3. Porque isso muda tudo BSD license x GPL 4. Firewall Opensource 5. Linux FreeBSD OpenBSD 6. Netfilter/Iptables(+IProute2+HTB/CBQ) IPFW PF 7. Absurdamente rpidos Processam trfego de rede By default j rodam no kernel Features incluem: Statefull inspection QoS/Priorization Static Routing Dynamic Routing* 8. Fwbuilder Shorewall 9. Instalao no Debian:#aptitude install shorewall Quick Start Guide:http://www.shorewall.net/ shorewall_quickstart_guide.htm 10. Instalao no Debian:#aptitude install fwbuilderOBS: requer X instalado Instalao Windows (comercial)http://www.fwbuilder.com17 MB downloadNext->Next->Finish Quick Start Guide:http://www.fwbuilder.org/ 4.0/docs/users_guide/ gettingstarted.html 11. Licena dupla GPL+Comercial Verso Windows empacotadasomente na comercial Suporte diversos firewalls,incluindo Netfilter, IPFW, PF GUI 12. Squid Dansguardian 13. Instalao no Debian:#aptitude install squid um Proxy HTTP (Acelerador) Possibilidade de Gerar Relatrios(SARG) Config Examples:http://wiki.squid-cache.org/ ConfigExamples/ 14. Faz uso intenso de RAM, HD e CPU ena maioria dos casos requerer umhardware de PC/Server Possui uma grande comunidade deusurios Curva de aprendizado lenta Permite controle de banda simplesvia delay_pools (controle de taxa detransferncia para download) Pode ser usado como Reverse Proxy(Acelerador de Aplicao) 15. Instalao no Debian:#aptitude install dansguardian Processa 100% do contedo viaString Match Ubuntu Config Example:http://www.pilpi.net/journal/ 2006/03/setting-up- dansguardian-on-a-single-home- pc-running-ubuntu/ 16. No faz cache usado normalmente emconjunto com o squid Possui uma grande comunidadede usurios usado em milhares de escolas,bibliotecas e faculdades parafiltragem de contedo web 17. Vyatta Pfsense Untangle Monowall Smoothwall Zentyal IPCop Endian ClearOS Zeroshell Proxmox 18. Pfsense Monowall IPCop Zeroshell 19. Administrao Web Principais features Statefull firewall VPN Traffic Shapping DHCP DNS ISO = 18MB (!) 20. Administrao Web Principais features Statefull firewall VPN Traffic Shapping DHCP DNS ISO = 65MB 21. Administrao Web Principais features Statefull firewall VPN Traffic Shapping DHCP DNS HTTP Proxy + Web antivirus LDAP SSL CA VMware friendly ISO = 148MB 22. Administrao Web Principais features Statefull firewall VPN Traffic Shapping DHCP DNS ISO = 51MB 23. Vyatta Untangle Smoothwall Zentyal Endian ClearOS Proxmox 24. Antigo E-BOX Principais features Statefull firewall VPN Traffic Shapping DHCP DNS LDAP HTTP Proxy IDS SSL CA Zarafa (groupware) Samba Duplicity (backup) Jabber Asterisk Postfix ISO = 470MB Install Only 25. Principais features Statefull firewall VPN Traffic Shapping DHCP DNS LDAP HTTP Proxy SSL CA Postfix ISO = 700MB 26. Mail Gateway Principais features Statefull firewall VPN Traffic Shapping DHCP DNS LDAP SQL SSH VMware friendly Suporte embutido para Kaspersky eAvira ISO = 345MB 27. CLI e WebGUI Opo para gateway de alto desempenho Posiciona-se como alternativa opensource aCisco e Juniper Principais features Statefull firewall VPN Traffic Shapping DHCP DNS LDAP QoS Bonding Load balancing Dynamic Routing ISO = 164MB Boot CD 28. Estrutura de pacotes grtis e pagos facilita o licenciamento Principais features Statefull firewall VPN Traffic Shapping DHCP DNS LDAP HTTP Proxy IDS SSL CA SambaISO = 456MB 29. Principais features Statefull firewall VPN Traffic Shapping DHCP DNS LDAP HTTP Proxy IDS SSL CA Samba Asterisk Postfix ISO = 78MB Install Only (No Live) 30. Principais features Statefull firewall VPN Traffic Shapping DHCP DNS LDAP HTTP Proxy IDS Samba Postfix High availability NTLM SSO Hotspot Hardware e Software Appliance ISO = 130MB 31. OSSEC Snort SELinux AppArmor Tripwire Fakeroot Virtualizao 32. http://coelho.ithub.com.br