PfSense Installtion
-
Hello all expert network administrator,
i plant to install firewall after the modem. I don't know which one to choose.
Pfsense or Ipcop.I have downloaded the iso and cehck the md5. It's ok. I used 1.0.1 .
During the installtion process, i used auto detect the network interface cards but cannot find any link up. I don't know. I truly a newbie, nood and dump.I using onboard AMD M2N-E NIC.
Sorry for my stupidity.I have iptables installed in my Linux and get hacked by my ISP. Therefore, i wonder whether ipcop can protect me from hacker. I have stateful firewall(Iptables) but still get hacked.
I need your opinion and guide.
Thanks for your help.Your help is greatly appreciated by me and others.
-
Does the default firewall rules can protect me from hacker ?
Does i need to setting the rules after installtion ?
How to configure the firewall rules after installtion ?Thanks for your help.
-
In ipcop, there are two interfaces which Red(Internet) and Green(LAN). I don' know the equal features in pfsense.
My network diagram as follow:
Modem->pfsense->Router(Wired+Wireless)->PC || Laptop.
Does this work ?A billion thanks for all your help.
-
When you say "hacked by my ISP" what do you mean?
A firewall can only protect you from certain attacks - it can't stop somebody compromising your web browser and attacking your system that way. In the case of your diagram it also can't protect you from people using your wireless connection :)
-
I been hacked by my ISP before.
How to make my wireless connection protected by pfsense ?
Does D-Link DFE-528TX is good NIC ? I have review the hardware compatibility list and this card is supported by FreeBSD as well as PfSense but the documentation also recommended don't buy RealTek chipset based card. Therefore, i very confused.
How they can compromised my web browser ? I using Firefox.
How can i protect those also ?This URL describe the techniques used web browser to hack.
http://www.totse.com/en/hack/hack_attack/bghkunix.html
Does pfsense come with any encryption capabilities ?
Does i need to setting the rules after installation ?Thanks for your help.
Your help is greatly appreciated by me and others.
-
Does D-Link DFE-528TX is good NIC ? I have review the hardware compatibility list and this card is supported by FreeBSD as well as PfSense but the documentation also recommended don't buy RealTek chipset based card. Therefore, i very confused.
Buy Intel.
How they can compromised my web browser ? I using Firefox.
How can i protect those also ?Offtopic, but take a look at the likes of NoScript as a help. pfSense can't protect you from malicious web pages I'm afraid (and anybody who claims their firewall can is lying).
This URL describe the techniques used web browser to hack.
http://www.totse.com/en/hack/hack_attack/bghkunix.html
I've got some really bad news for you, the information there is very basic (think of it as the step before the ABCs).
Does pfsense come with any encryption capabilities ?
OpenVPN and IPSec spring immediately to mind - but they'll only protect client to pfSense, not pfSense to Internet.
Does i need to setting the rules after installation ?
Do you need to, no. Should you, maybe - depends on your security requirements and level of paranoia.
-
I been hacked by my ISP before.
Change ISP.
Btw : you never need their software to connect or to do anything.
Since when 'some one' goes right through iptables (WAN -> LAN) ? You have helped them a little bit … that's for sure.
How do you know it was your ISP : when I enter in something that's not my property, i always sign the walls with "The president was here", not "Your ISP" ;)How to make my wireless connection protected by pfsense ?
Start using the pfsense portal software (this will slow them down when one tries to abuse your internet connexion).
Don't us a pci-usb Wifi device (read : do not intergrate Wifi device into pfsense) - hook up the AP to a network card - Switch the AP to WPA2 or better.
Worst case situation : stop Stop using Wifi. Goto fiber : now you getting somewhere. -
I have install the pfsense in to my hard disk.
I have set it as follow:
modem->pfsense - WAN(DHCP), LAN(10.0.0.1) Subnet Mask:255.0.0.0 -> Router(Gateway:192.168.1.1) Subnet Mask:255.255.255.0 -> PC && Laptop.
but i cannot connect to the internet.
I can access the web GUI without go through router but with the router i no longer can access the web GUI. Why this happen ?
What is DHCP server ? When i assign an ip to LAN interfaces, pfsense asked to whether need to set up a DHCP server, n here?
The dialing is in router. I suing ppoe.Thanks for your help.
Your help is greatly appreciated by me and others.
-
If you dont know what a DHCP Server is i somehow have the feeling pfSense is the wrong router for you and you'd be better off with a standard router you can get for 20$ at almost every PC-shop.
Your LAN of the pfSense is a 10.x.x.x/8 subnet.
The WAN of your second router is a 192.168.1.x/24 subnet. -
I have a Zyxel-p334WT router but still failed to block someone hacking me.
Therefore, i really required a high end firewall such as pfsense.
This is a home network. I really a stupid guy. Please forgive me for know nothing.
Thanks for your help.
Your help is greatly appreciated by me and others.
-
I have the impression that you really should ask someone in your neighbourhood to help you configure your internet connection!
pfSense is a sharp weapon but unless you know what you are doing it is next to useless.
It's like cooking a good meal:
You bought all the tools required (knife, pots, etc), have shopped for grocery and meat and now you ask for help with cooking in the forum of the knife vendor. That's not going to work! They can tell you how to handle the knife safely but answering how to cook a delicious meal is out of the scope!Got the picture?
BTW: I seriously doubt that you have been hacked by your ISP. Maybe someone is trying to access your network through the internet connection you have with your ISP. And a request from a file sharing client to your IP address is far from being hacked…
-
I have a Zyxel-p334WT router but still failed to block someone hacking me.
You never answered what makes you think that you've been hacked.
What have you seen? Has someone controlled your PC remotely or changed a web site you host or what?Answer this before posting anything else!
-
This is a home network but i need to make as secure as corporate network because i 'm IT student from Malaysia and i would like to learn.
Besides that, the evidence of being hacked is the iptables firewall is being deleted. I used Fedora 7.
File which deleted
1. proc/net/ipv4/
2. /etc/sysconfig/iptables-config
3. IPtables contrack lib file
4. All the rules have been deleted.I don't know how the intruder can gain root access. Can i double encrypt
the /etc/passwd and /etc/shadow. As far as i know, hash is one way encrption where you cannot decrypt it.I feel upset because a lot of thing cannot be done. I always need to format my pc. FUCK the HACKER. I need to set up samba and ssh but i always need to format.(Don't bother this at the moment).
I hope you can guide me to set up the pfsense firewall.
My final network diagram is as below:
Modem(IP:192.168.1.100, Default Gateway: 192.168.1.254)->pfsense(WAN: 192.168.100, LAN: 10.0.0.1, Subnet Mask:255.0.0.0(8))->Router(Gateway:192.168.1.1, Subnet Mask:255.255.255.0)_PC && Laptop.
I have try this
Modem->Pfsense_>PC but the PC(XP) return limited or no connectivity.
The modem setting is bridge mode. Which one is the correct setting for modem
Dynamic IP, Bridge mode, PPPOE.I using D-LInk DFE-528TX which is a RealTek rtl-8139 chipset card.
Someone told me that the subnet mark cannot overlap in the IpCop forum. Hist nickname is ds531.
Therefore, i set up the pfsense in 255.0.0.0
My internet connection is PPOE(dynamic Ip) and current network diagram is as below:
Modem>Router>PC && Laptop where the router is responsible for the dialing the ppoe connection.
I hope you can help me out. I really need your help. I really suffered without a secure network. I think you also encounter before as like me.
I hope you can understand my feeling now. I will become mad if i cannot set this up.
A billion thanks for your help.
Your help is greatly appreciated by me and others.
Thanks.
Thanks.
Thanks.
Thanks.
Thanks.
Thanks.
Thanks.
Thanks.
Thanks.
Thanks.
Thanks.
Thanks.
Thanks.
Thanks.
Thanks.
Thanks.
Thanks. -
All my time is wasted at format and install. I cannot upgrade my IT skills anymore because of this matter. BEEP Malaysia ISP.
I suspicious my ISP hacked. I know this is unbelievable but this is a true story.
I don't know the reasons. From the output of trend micro, someone has connected to your network, then display the ip address of my router.My router is suck because is not statefull firewall. My router is Zyxel-p334WT.
I hope you can help me out.
****NOTE: Edited by Admin. please keep the conversation civil.****
-
As an IT student you sure have fellow students around that can help you setup your network correctly.
Private subnets and netmasks seem to be a good starting point in your case.
And there are lectures about basic networking you should attend… -
This is a home network but i need to make as secure as corporate network because i 'm IT student from Malaysia and i would like to learn.
Besides that, the evidence of being hacked is the iptables firewall is being deleted. I used Fedora 7.
File which deleted
1. proc/net/ipv4/
2. /etc/sysconfig/iptables-config
3. IPtables contrack lib file
4. All the rules have been deleted.I don't know how the intruder can gain root access.
What services are you exposing to the Internet/untrusted networks (eg, web server)? I'm certain that one of those is the source of your problem, which as I've said elsewhere changing you firewall won't help.
I'll also second jahnoix's comments in his post above.
-
I don't have the resources(Money) to attend the class. Internet is the basic method where i can gain variety of resources.
I think i should put my knee in the floor to bag for help. We know that UNIX is a difficult job but you can guide me through such as links or book and step by step set up.
Thanks for your help.
Your help is greatly appreciated by me and others.
-
If you want to study online then this could be a start - among lots of other sources.
http://en.wikipedia.org/wiki/IP_address
http://en.wikipedia.org/wiki/Subnetwork
http://www.3com.com/other/pdfs/infra/corpinfo/en_US/501302.pdf (White paper about IP addressing)The links within the wikipedia articles might be worth visiting as well.
-
Thanks for your help.
By the way, i cannot even connect to webGUI. Therefore, i get limited or no connectivity.
I hope you can help me.
Please.
Please.
Please. -
I can get the ip from pfsense during live compact disc without connect the wide area network.
Why after installation i no longer can connect to the LAN interfaces and WebGUI ?
The xp saying limited or no connectivity.
I hope you all can help me.
Thanks
