FW: [Malvern] Recommendations for File Servers

[Darren Beale]

Soz, don't have time to respond in length, a few quick responses:

> Any particular reason for using a PC as a fire wall instead of a piece of
> software?

What Rich/Stu said.

I use the set-up

*) Outside
*) Router with firewall/DHCP turned off
*) ipcop/smoothwall (same thing)
*) Switch
*) Machines

The ipcop machine provides DNS and DHCP. I also use the VPN to connect
work <--> home (IPCop both ends). I could - but dont - also use it to
allow me to tunnel in via non-standard port and then NAT to a machine
internally (say the file server) when out and about. One stage further
would be to do what Stu suggests and create a DMZ (third interface)
for inside, but outside services, such as a web server.

> I presume that you use this PC in place of a router?

No I use the router but I don't trust it so switch everything off
except making ADSL work and let the firewall do the rest.

The precise set-up would be:

*) Adsl wire into:
*) Router. It makes ADSL work and gets assigned IP xxx.xxx.xxx.xxx
which is public
*) Router also assigned an internal address for the built in hub - say 10.0.0.1
*) Ethernet cable from the built in hub to:
*) RED interface on IPCop machine and this is set to 10.0.0.2
*) GREEN interface on IPCop machine - say - 192.168.1.1 goes to

DNS server for network is 192.168.1.1 it also provides DHCP and is the
default gateway.

I'm not saying that this set-up is 'right' but it's what I do

And coming back to the original point we now have a situation where
for file serving our requirements are minimal: Linux (whatever
distro), samba and a simple shell script for backups. I personally
would just run a very basic install (no X etc) but if you want to use
the machine for a Linux desktop too then as you mention, Ubuntu would
be fine.

Cheers

D