dsl, networking, paranoia

augie schwer at sonic.net
Sat Mar 2 13:26:10 PST 2002


let me preface this email by saying: i have no idea what i am talking about. 
the following statements are based on assumptions, hearsay, and brief 
readings.

so i was thinking about getting dsl, and i'll want to share it with the 3 
computers in my house. i was also thinking that it would be cool to spread 
that connectivity througout the house a little via wireless. 

all of this brings up security and networking concerns for me. so i wanted to 
bring my ideas to other nblug'ers, and hopefully start an interesting 
discussion where by i can learn some neat stuff.

below is a drawing of what i was thinking; followed by some brief comments.

        INTERNET
                |
                |
        DSL Modem
                |
                |
        Linux Gateway (firewall)
                |
                |
        Hardware Router ----- Wireless Base-Station
                |               |                        {:}
                |               |                        {:}
        [Linux PC] [Windows PC]        [Linux Laptop]

Linux Gateway: i was thinking it would be a good idea to have a dedicated 
firewall between me and the internet. i was thinking iptables, portsentry, 
and logcheck on an older pc would help keep me secure.

Hardware Router: i already have this, so i figured it would be a good place 
to distribute connectivity.

Wireless Base-Station: i read about this in last months linux journal. maybe 
some old laptop with two NIC's one wireless one not. then as i understand it 
i can use VPN to encrypt and authenticate the connection between the 
base-station and my only other wireless device, the laptop. this way no one 
can get on my wireless network, and do bad things.

so that's it. i don't know if i'll ever try to implement this idea, because 
it all seems rather complicated, time consuming, and expensive, but i thought 
it was all very interesting, and i was hoping it would bring about some 
interesting discussion.

--augie



More information about the talk mailing list