The Firewall Project

The Firewall Project

Codename: Bumble-me... er, bee

The entire project is also available in a one page version here. (250kb)

This is document version 4.11.2000. Check back for updates soon.


After undergoing a serious internal scrutiny of our network security on our Home LAN it was determined that there were weaknesses that could be exploited. At the same time, it was observed that on almost an hourly basis attacks aimed at my network could be observed originating from countries all over the world and coming in through our Cable Modem.

Bottom line - our security sucked and something had to be done about it. Before you get started you may wish to review the Pre and Post Firewall Security Scans that were conducted. They illustrate the gaping holes left by simply using some "firewall" software. You really need a hardened Operating System in conjunction with the software.

By the way. I would be remiss if I did not mention that the first step in any good security policy is secrecy. It is actually quite insane for me to share with the world what type of firewall I am using, so you don't need to make the same mistake. I am only doing this because I know there are a lot of people out there who could potentially benefit from the step by step instructions.

Table of Contents

  1. Phase 1: The Search for Software
  2. Phase 2: The Search for Hardware
  3. Phase 3: Preparing for Install
  4. Phase 4: The Firewall Install
  5. Phase 5: Configuring Workstations
  6. Phase 6: Daily Use
  7. Issues: Issues and Afterthoughts
  8. Resources

Please note that this document is extensively hyperlinked. Everything you need for reference purposes should be right here should you need to print this document out, but that shouldn't discourage you from following links to the many interesting pictures and Web sites while you are here.

Introduction - Phase 1 - 2 - 3 - 4 - 5 - 6 - Issues - Resources

This page last updated 4/23/2000 at
5:00pm by john@pozadzides.com
Copyright 1996-2000© John Pozadzides. All rights reserved.