|Paul on Fri, 19 Sep 2003 11:44:18 -0400|
So far the wired part of the network has been easy to secure, although I'm not sure exactly how secure it is right now. (modem-->firewall-->IP_masq-->trusted_net) All I did was use RedHat's overly simple utility to configure the firewall to block traffic coming from the Internet and to trust the LAN. Then, I added port forwarding with IP masquerading to allow the LAN to reach the Internet.
I'm anticipating that securing the wireless segment, the way I want it to work, will not be as simple. Right now there is a hole the size of the Lincoln Tunnel in my network. (laptop-->adhoc_wireless-->IP_masq-->modem) I want the laptop to be able to access the LAN and the Internet through an encrypted tunnel. Nothing but the tunneled connection should be allowed. I'm thinking VPN.
So, the questions become... How can I establish an encrypted tunnel between a Windows laptop and a GNU/Linux PC? How can I make sure the laptop will not be compromised, allowing an attack to use that encrypted tunnel for its own purposes? Should I not use adhoc mode?
Also, if you have public access like a mail server or web server running, you should have a minimum of 3 ethernet cards in your firewall.
_________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion -- http://lists.netisland.net/mailman/listinfo/plug