Author Topic: Skuzzy... Network Q (Read 282 times)

JB73 · « **on:** September 12, 2007, 08:26:57 PM »

the HTC network going alright? I was told by a fellow IT guy that some virus or something went out today, it's hitting alot of stuff, and my network here at work is being just killed.

todays packet filter log is up to 190MB alone

I was just curious if you guys or anyone else here having their network hit tonight?

anyone got any tips on stopping it or getting our network open more?

also Skuzzy or any others, what professional firewall do you use? we have Astaro here running on a linux box, I guess it works, but we are looking at some alternatives. anyone got any recommendations? we have 4 VPN's comming in, 1 dedicated line to another state, and some serious bandwidth usage coming up in the next few months.

Vulcan · « **Reply #1 on:** September 13, 2007, 12:39:30 AM »

SANS says nuthin
Internet traffic report says nuthin
our Sonicwall dashboards show nuthin

Probably just you guys.

That astaro stuff looks...odd, lotsa conflicting stuff in their brochures (a box doing L7 inspection @ 55Mbps with no security co-pro?).

JB73 · « **Reply #2 on:** September 13, 2007, 10:20:02 AM »

I inherited it when I was put in charge of the network, trust me it is frustrating.

Astaro has got to be the least user friendly one I have seen so far. it takes a lot of fiddling to get used to the way they have things set up.

anyway, MAN that was A NASTY attack last night. turns out an IP from Russia was inside and port scanning one of our boxes. we had to cut it out of the network and I am going through and checking / cleaning it right now.

Gaidin · « **Reply #3 on:** September 13, 2007, 11:59:57 AM »

We use a Cisco PIX redundant hardware firewall system here at the college. Cisco isnt the most user friendly, but the PIX really wasnt that bad to deal with. Full command line interface, simple command functions.

Works really well.

Vulcan · « **Reply #4 on:** September 15, 2007, 08:42:37 AM »

Quote

Originally posted by Gaidin
We use a Cisco PIX redundant hardware firewall system here at the college. Cisco isnt the most user friendly, but the PIX really wasnt that bad to deal with. Full command line interface, simple command functions.

Works really well.

No it doesn't, PIX is 20th century hardware and doesn't deal with modern security threats, it just lets em through. Cisco are trying with some of the ASAs, but they're fairly crappy.