The perIect start with Smoothwall

Express 3.0

Sunday, 09 September 2007

SmooLhwall Lxpress ls an lnLerneL flrewall whlch allows you Lo proLecL your neLwork as well as
provldlng nA1 funcLlonallLy lL ls ease Lo use and conflgurable vla a webbased Cul 1hls open source
flrewall dlsLrlbuLlon requlres absoluLely no knowledge of Llnux Lo lnsLall or use 1hls workshop shows
Lhe lnsLallaLlon and baslc conflguraLlon of Lhe currenL release SmooLhwall Lxpress 30
Smoothwall can be used on any Pentium-class PC and it comes pre-conIigured to stop
all incoming traIIic that is not the result oI an outgoing request. The new 'Purple network
interIace keeps wireless clients like laptops saIely oII the main network. Smoothwall supports
64bit, Ior Intel Core 2s (and other Intels with 64bit support) and 64bit Athlon chips.
Key Ieatures oI the Iirewall are:
O Compatible with wide range oI hardware/systems
O lexible & Easy to Use
O ultiple network zones Client Local Network (Green), De- militarized Zone Ior
hosting servers (Orange), Wireless Client (Purple) and External (Red).
O Comprehensive reporting & logging capabilities
O POP3 Email antivirus proxy
O Web proxy support
O Snort IDS support
O Static and dynamic DNS support
O Remote Access and VPN support
O DHCP and Network time server support
O PowerIul traIIic graphs and bandwidth bars
O Inline Proxy support Ior Instant essaging (SN, ICQ, Yahoo!, AOL) & VoIP with
logging capabilities
O Universal Plug n Play Support (UPnP)
O andwidth anagement
O Real-time Graphs & per IP TraIIic Stats
O Update system
O Outbound traIIic blocking with time-based controls
Smoothwall is using colours to diIIerentiate the networks. The network interIaces are designated
accordingly.

1he Workshop seLup could look llke Lhls

Step 1 Smoothwa|| Insta||at|on

lease download Lhe currenL release here

hLLp//wwwsmooLhwallorg/

SmooLhwall Lxpress runs on a worksLaLlon wlLh a booLable Cu8CM drlve AfLer booLlng lL wlll
auLomaLlcally check Lhe worksLaLlon and hardware componenLs uurlng Lhe lnsLallaLlon process
SmooLhwall wlll deleLe all daLa you may have on your hard dlsk So before you sLarL
Lhe lnsLallaLlon ensure LhaL all valuable daLa ls safely backed up 1he followlng screen wlll be dlsplayed

8ead Lhe followlng lnformaLlon carefully and hlL enLer



ln Lhls sLep SmooLhwall wlll parLlLlon Lhe hard dlsk

lease selecL no" and press LnLer Lo sLarL conflgurlng your lnsLallaLlon of SmooLhwall Lxpress
1he keyboard mapplng dlalog box opens flrsL


lL ls Llme Lo conflgure Lhe hosLname Leave Lhe defaulL seLLlngs

lease selecL Lhe securlLy pollcy you would llke Lo use

1he followlng pollcles are avallable



pen
SmooLhwall Lxpress allows all ouLgolng requesLs

na|fpen
SmooLhwall Lxpress allows mosL ouLgolng requesLs and blocks
poLenLlally harmful requesLs

C|osed
SmooLhwall Lxpress blocks all ouLgolng requesLs AnyLhlng Lo be allowed musL be
expllclLly enabled

We are uslng Lhe halfopen pollcy

neLwork conflguraLlon

We are uslng Lhe C8LLn+8Lu" conflguraLlon

1he C8LLn" lnLerface card ls connecLed Lo Lhe lnLernal neLwork and Lhe 8Lu" lnLerface Lo Lhe
exLernal neLwork lf you have a dlfferenL seLup or hardware please use Lhe conflguraLlon accordlngly

LeL's conflgure boLh neLwork cards

We are uslng sLaLlc l addresses for boLh lnLerfaces


lease seLup Lhe unS and uefaulL CaLeway accordlngly

PlL llnlshed" Lo conLlnue

LnLer SmooLhwall admln password ?ou'll need lL for logglng lnLo Lhe web lnLerface laLer

SeLup Lhe rooL password nexL

1he seLup ls now compleLe lease remove Lhe Cu and resLarL SmooLhwall

SmooLhwall sLarLs wlLh a nlce screen

and loads Lhe conflguraLlon

Step 2 Smoothwa|| ost|nsta|| Conf|gurat|on

lf everyLhlng worked flne ln sLep 1 you wlll see a logln prompL ln your console wlndow As menLloned
before SmooLhwall ls easy Lo conflgure by uslng a web based lnLerface lease use you favorlLe browser
and logln as admln" use Lhe password you've creaLed ln sLep 1
1he u8L should look llke Lhls

https]]ISmoothwa||_|nterna|_|nterface ort 441

ln our workshop we'll use

hLLps//1921681099441


AfLer a successfully logln you wlll see Lhe followlng screen

lease Lake your Llme Lo explore Lhe dlfferenL menus and posslble seLups 1ake a look
Lo Lhe nlce neLwork graphs and monlLorlng Lools buL also Lo Lhe log and malnLenance
posslblllLles

?ou should double check Lhe neLwork conflguraLlon flrsL by cllcklng on neLwork lnLerfaces"

SmooLhwall comes preconflgured afLer Lhe seLup 8y cllcklng on neLworklng
CuLgolng" you wlll see Lhe defaulL seLLlngs ?ou can deleLe all rules for Lhe u8LL" lnLerface
because we are noL uslng a wlreless devlce ln our workshop Add Lhe a new excepLlon llke ln Lhe
screen below Add a new AppllcaLlon or servlce" and choose lnfrasLrucLure" 1hls wlll add unS
funcLlonallLy and lL makes you able Lo browse Lhe lnLerneL from your lnLernal neLwork

Lnable Lhe P11 roxy by cllcklng on Servlces Web roxy" and 1ransparenL"
Lnabled" llke ln Lhe plcLure below uo noL forgeL Lo save Lhe seLLlngs

?ou should now be able Lo browse Lhe lnLerneL wlLhouL changlng Lhe proxy seLLlngs on
your browsers ln Lhe lnLernal neLwork

1hls ls a nlce opporLunlLy Lhe check Lhe log flles uslng Lhe web lnLerface lease cllck on Logs
webproxy" ?ou should now see Lhe log enLrles llke Lhls



Step 3 Conf|gur|ng the Intrus|on Detect|on System

SmooLhwall comes wlLh SnorL supporL SnorL ls an open source neLwork lnLruslon prevenLlon
sysLem (lS) capable of performlng realLlme Lrafflc analysls and packeLlogglng on l neLworks
lL can perform proLocol analysls conLenL searchlng maLchlng and can be used Lo deLecL a
varleLy of aLLacks and probes such as buffer overflows sLealLh porL scans CCl aLLacks SM8
probes CS flngerprlnLlng aLLempLs and more

ln our case Lhe supporLed SnorL luS deLecLs poLenLlal securlLy aLLempLs from ouLslde our
neLwork buL SnorL does noL prevenL Lhese aLLempLs!

1o geL snorL runnlng on your sysLem you need Lo reglsLer on Lhe SnorL webslLe flrsL AfLer
mlnuLes you wlll recelve an emall wlLh furLher lnsLrucLlons Lo geL Lhe Clnk code"
lease use Lhls code llke Lhe plcLure shows below


1haL's lL LeL's LesL lf SnorL ls really dolng lLs [ob ?ou can use a porL scanner or a
peneLraLlon LesL Lool llke nessus Lo check Lhls ouL lease check Lhe luS Log enLrles afLer
aLLacklng" your box ?ou should see slmllar enLrles llke Lhls
Step 4 Check status and |og f||es and get add|t|ona| |nformat|on and he|p

As menLloned before SmooLhwall comes wlLh comprehenslve monlLorlng Lools and Log vlewers
as you can see below


Check Lhe sLaLus llke Lhls


use Lhe new updaLe funcLlonallLy Lo keep your flrewall up Lo daLe by cllcklng on
MalnLenance updaLes" Whlle LesLlng Lhls we goL an error message llke you can see below



AfLer manually checklng Lhe u8L we reallzed LhaL no updaLes are really avallable aL Lhe
momenL


AddlLlonal lnformaLlon and help you can geL here

uownload SmooLhwall and documenLaLlon
hLLp//wwwsmooLhwallorg/geL/lndexphp

Pelp lorums
hLLp//communlLysmooLhwallorg/forum/