Re: [PLUG] dsl questions

LeRoy Cressy on Wed, 29 Jan 2003 20:02:19 -0500

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] dsl questions

From: LeRoy Cressy <leroy@lrcressy.com>

To: plug@lists.phillylinux.org

Subject: Re: [PLUG] dsl questions

Date: Wed, 29 Jan 2003 19:59:30 -0500

Reply-to: plug@lists.phillylinux.org

Sender: plug-admin@lists.phillylinux.org

User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0) Gecko/20020623 Debian/1.0.0-0.woody.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Being a P133 the firewall is only a forewall/router with the kernel configured as a router with IP Tables. I also grabbed the IP Table source and patched the kernel source with string match and some other patches that are not in the kernel source from kernel.org.

epike@isinet.com wrote:
hi

thanks for the input.

the 3 hosts are actually: 2 linux boxes and a linksys firewall (with the 802.11 antenna). that leaves me with 2 linux boxes to protect. more work but not too bad.

i'll try to implement a DMZ with the 2 linux boxes as a starting point....by the way does your firewall also serve something? I try to minimize the number of machines and I dont have a lot of IP numbers either.

In my case i'll try to setup the firewall server as a regular web server also, so one its NIC would show up as an address inside the DMZ is that possible?

jondz

Concerning the question about being safe with your configuration I would be petrified without a firewall. You can do what I did and set up an old P75 box as a NAT firewall and router. My logs on the firewall reflect a contant barage from sniffers, port scans, and some attempting to ssh into one of my boxes.

_________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce General Discussion -- http://lists.netisland.net/mailman/listinfo/plug

- -- Rev. LeRoy D. Cressy mailto:leroy@lrcressy.com /\_/\ http://lrcressy.com ( o.o ) Phone: 215-535-4037 > ^ <

gpg fingerprint: 62DE 6CAB CEE1 B1B3 359A 81D8 3FEF E6DA 8501 AFEA

Jesus saith unto him, I am the way, the truth, and the life: no man cometh unto the Father, but by me. (John 14:6) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org

iD8DBQE+OHkAP+/m2oUBr+oRAqVZAJ4ipFPjB3PkPNr8F5pVh5MzLGB9cgCdHi7w PgTzzwn77lZlmCiDrAdm2rk= =pvz0 -----END PGP SIGNATURE-----

_________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce General Discussion -- http://lists.netisland.net/mailman/listinfo/plug

References:

Re: [PLUG] dsl questions
From: epike@isinet.com

Prev by Date: [PLUG] Vega Strike?

Next by Date: Re: [PLUG] "Friends don't let friends use Dell"

Previous by thread: RE: [PLUG] firewall risk

Next by thread: Re: [PLUG] dsl questions

Index(es):

Date

Thread