Re: Home Lan Needs Oppinion
From: Christopher Nehren (apeiron@comcast.net)
Date: 04/17/03
- Previous message: David Gillett: "RE: how to discover vulnerability?"
- In reply to: Justyn K: "Home Lan Needs Oppinion"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 17 Apr 2003 14:23:28 -0400 From: Christopher Nehren <apeiron@comcast.net> To: Justyn K <dragon@dlance.com>
On Wed, 2003-04-16 at 23:51, Justyn K wrote:
> I have 3 computers running windows xp connected to a linksys dsl/cable
> switch/router. I have a older 3rd computer I was wanting to run a
> freebsd firewall on because 1) I see all these ips connecting to my
> ports and I get a bit curious and paranoid 2) I really dont trust
> Linksys's firewall since it seems really limited. My question would
> be...would it be real useful for a newbie to install the
> freebsd...follow a howto and put it on the inet..or am I just asking for
> trouble. Should I just run the freebsd box behind the router/switch
> until I learn more? I mean after all my software firewalls havent picked
> up anything too unsual going past the linksys. Thanks!
If you're going for security, and plan to use a BSD system, I suggest
using OpenBSD. It's pretty much made for what you want -- not to mention
there are people -constantly- asking questions on the -misc mailing list
about this, so any common problems you see are probably already
answered. Also, because of OpenBSD's frequent usage in this role, there
are many tutorials on the internet specifying how to use it for this. I
went through hours of agony trying to get my machine set up like this,
until I found the tutorials on the web -- I was then up within ten
minutes (most of which was playing with wires and realizing I was
missing one file which it told me to make). For example, take a look at
http://mlowe.phpwebhosting.com/pages/openbsd29.html . That's the
tutorial that I used, and it's been working great since.
For an optimal setup you'll have your modem connected directly to your
OpenBSD box, and then have a second NIC on that send the connection to a
switch and have your machines connect to that. You -can- set the OBSD
machine behind the router until you learn more, but note that you must
set it as the Linksys Router's DMZ host for packet forwarding (using pf)
to work. Once you have everything working inside of the router, you can
take the wire going from the OBSD machine to the router and plug it
directly into your modem. Note that this will change your OBSD machine's
IP from the internal LAN address assigned to it by the Linksys hardware
to your actual IP address (i.e. what you see when you go to
http://checkip.dyndns.org ).
- application/pgp-signature attachment: This is a digitally signed message part
- Previous message: David Gillett: "RE: how to discover vulnerability?"
- In reply to: Justyn K: "Home Lan Needs Oppinion"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
