| sean finney on Tue, 07 Jan 2003 05:01:07 -0500 |
|
hiya, i've got both linux and netbsd boxes up and running as routers/firewalls/connection splitters. i'm very happy with both-- personally, i like the netbsd with ipnat/ipf combo. i really like how the ipnat/ipf rules are very simple and easy to read, but at the same time don't sacrifice configurability. if you'd like help with either i can send you the configurations or commands that i use--í'm sure plenty of other folks on this list would have advice to give as well. however, you may want to take into consideration the tradeoffs that you'd be making in a software vs. hardware router. the hardware routers are usually cheaper than most computers and often "just work" right out of the box. they're quieter, smaller, and use less electricity. however, they are most often far less configurable (or to be so cost more $$$), and you need to tighten up their security just like you would a computer. most hardware routers offer either telnet or http servers to configure them, and often these have default passwords that are both easily guessable (like "admin" or "default") and also available on the net. software routers have the strength of being much more flexible to what you might need, you can add in firewall rules to help keep out the unfriendlies, and you can do this on old, otherwise unwanted hardware. for example i'm running a netbsd router/firewall on an old p75 with 24mb ram to split the dsl connection in my apartment with all my roomates. it only goes down when the power does. in addition, if you spend a little extra time you can set it up to power down the hard drive or even not have a hard drive by booting from floppy/cd like the folks at linuxrouter, if you already have the hardware sitting around (needed: one computer, two ethernet cards, some cables and a hub), the only thing it will cost you is a little time spent reading the documentation (ipnat/ipf comes with really good examples). sean On Mon, Jan 06, 2003 at 09:10:26PM -0800, M.Simons wrote: > > Greetings, > > This was sent to me as I am on the CTCNet (local Community Technology > Centers) mailing list for the local area.. (there are national lists > too) I am inclined to recommend old boxes with some sort of linux or > bsd(open?) preconfigured distro specifically for doing so.. however, I > don't really have the expertise, and the linux router project has > basically died. (www.linuxrouter.org) What other distros or projects are > there? preferrably something simple, easy to use yet secure, stable. > > If anybody would be interested in volunteering to help people figure this > out, or get them up and running.. I am sure it would be much appreciated.. > I have on many an occasion spoken to some of the local tech & computer > reuse nonprofit organizations, and they are very interested in linux & > open source.. but they don't have the expertise. > > This is a VERY GOOD opportunity to get Tux's (or the Daemon's) foot in the > door of a lot of organizations! (Not to mention put a lot of old 486s to > good use!) > > -- > msimons@slackware.com INFORMATION*MEDIA*PHOTOGRAPHY msimonsmail@yahoo.com > Creative Arts Resource Project : PTMaterials Exchange : www.pleasetake.org > A 501(c)3 Non-profit Organization Arts and Environmental Resource Network > Shopping Online? Use http://www.igive.com/carp/ make donations at no cost! > Do you like what I do? Consider donating resources to CARP; Ask me how! > > ---------- Forwarded message ---------- > Date: Mon, 6 Jan 2003 23:41:19 -0500 > From: Stan Pokras <pokras@libertynet.org> > To: CTCNet_Phl <CTCNet@delawarevalley.org> > Subject: [CTCNet Phl] Tech question: Internet routers > > Happy New Year to everyone... > > Here is a timely question. Many groups with labs and many nonprofit > organizations with networks will want to take advantage of the > Internet by using a single connection such as a modem or DSL line and > sharing that connection with their entire network. The device that > performs this function is called a "Router." Windows 98 and later > versions provide this function and call it "Internet Connection > Sharing." This requires that a computer play the role of routing > Internet to the network by creating a "software router." The software > router requires that the routing computer be on for any of the other > computers to use the Internet. > > A better solution is to use a "hardware router." This is a small box > that connects to the Internet and to the local area network. These > devices (especially those for DSL and Cable) are now getting very > inexpensive ($40 - $150). So, here we have a question, what brands of > hardware routers are best? Should they have built-in security > features to keep hackers out of your network? And, who sells these > devices locally? Or, should they be best purchased via an outlet that > can be found on the Internet? > > Thanks to Lola Moore of Rowan University for bringing up these > issues! Here is Lola's question. Do you have any thoughts on this? > How about suggestions for a supplier? > > Stan > > >X-Originating-IP: [152.163.189.98] > >From: "Lola H. Moore" <lola743@hotmail.com> > >To: pokras@libertynet.org > >Bcc: > >Subject: Rowan University > >Date: Mon, 06 Jan 2003 15:37:42 -0500 > >X-OriginalArrivalTime: 06 Jan 2003 20:37:42.0589 (UTC) > >FILETIME=[762FCED0:01C2B5C3] > > > > > >Stan, > >Greetings and a Happy and Blessed New Year to you. > > > >We need some information on purchasing Network Routers'independent > >of the Internet Providers for our non-profits. Can you help or > >provide me with a source to make said purchases? > > > >Sure hope you can help > > > >Lola > > > > - -- > > * * * > Stanley R. Pokras, Executive Director Nonprofit Technology Resources (NTR) > Vice Chair, Technology Resource Consortium (http://www.igc.apc.org/trc/) > Regional Coord, Community Technology Centers' Network (http://www.ctcnet.org/) > > Nonprofit Technology Resources > 1524 Brandywine Street > Philadelphia PA 19130 > 215-564-6686 (day) 215-564-6642 (fax) > 215-922-0227 (evenings) > Find our "Home Page" at http://www.libertynet.org/ntr/ > > > _________________________________________________________________________ > Philadelphia Linux Users Group -- http://www.phillylinux.org > Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce > General Discussion -- http://lists.netisland.net/mailman/listinfo/plug > Attachment:
pgpcWwysXzh7f.pgp
|
|