dsl, networking, paranoia

Christopher Wagner chrisw at pacaids.com
Mon Mar 4 09:08:01 PST 2002 

Setting up a secure network is not so nearly daunting of a task as many
believe.  Check out http://www.nblug.org/firewall/.  There's some great
material available in the HOW-TO's and FAQ's.
Plus there's great testing tools available.

I had the pleasure of being present for Frank and Devin's talk on firewalls
and whatnot, I learned A LOT. :)  Maybe another talk about routing and all
of that stuff?  Or have we covered it recently and I've missed out?

- Christopher Wagner
chrisw at pacaids.com

Packaging Aids Corporation - Information Systems
P.O. Box 9144
San Rafael, CA 94912-9144
http://www.pacaids.com/
(415) 454-4868 x116


-----Original Message-----
From: augie [mailto:schwer at sonic.net]
Sent: Saturday, March 02, 2002 1:26 PM
To: talk at nblug.org
Subject: dsl, networking, paranoia


let me preface this email by saying: i have no idea what i am talking about.
the following statements are based on assumptions, hearsay, and brief
readings.

so i was thinking about getting dsl, and i'll want to share it with the 3
computers in my house. i was also thinking that it would be cool to spread
that connectivity througout the house a little via wireless.

all of this brings up security and networking concerns for me. so i wanted
to
bring my ideas to other nblug'ers, and hopefully start an interesting
discussion where by i can learn some neat stuff.

below is a drawing of what i was thinking; followed by some brief comments.

        INTERNET
                |
                |
        DSL Modem
                |
                |
        Linux Gateway (firewall)
                |
                |
        Hardware Router ----- Wireless Base-Station
                |               |                        {:}
                |               |                        {:}
        [Linux PC] [Windows PC]        [Linux Laptop]

Linux Gateway: i was thinking it would be a good idea to have a dedicated
firewall between me and the internet. i was thinking iptables, portsentry,
and logcheck on an older pc would help keep me secure.

Hardware Router: i already have this, so i figured it would be a good place
to distribute connectivity.

Wireless Base-Station: i read about this in last months linux journal. maybe
some old laptop with two NIC's one wireless one not. then as i understand it
i can use VPN to encrypt and authenticate the connection between the
base-station and my only other wireless device, the laptop. this way no one
can get on my wireless network, and do bad things.

so that's it. i don't know if i'll ever try to implement this idea, because
it all seems rather complicated, time consuming, and expensive, but i
thought
it was all very interesting, and i was hoping it would bring about some
interesting discussion.

--augie

More information about the talk mailing list