Re: [Sheflug] Firewalls, routers, gateways (was kernel on other machine)

["Alex Hudson" <nospam [at] york.ac.uk>]

>  I don't yet have surftime - end of this month, apparently according to
> BT, even when I do get it, it will probably be the evenings/weekend only
> setup - so pppd --demand would be bad.

By 'bad', I presume you mean expensive? :-) yep...

>  So, I'm assuming then that using masqdialer would be a good
> alternative?

Yep.

> What programs do I want/need to install for my "Natter"/gateway etc to
> get it all running?

(Note - I don't think anyone uses the term 'natter', except myself! Just in
case I'm confusing people.. ;)

You probably won't need to install anything, it's going to be more a case of
removing. There's lots of relevant information in the HOWTOs, which you'll
find of some help. Basically, if you just leave open the ports you need, and
don't have anything which can execute things (apache, telnet, r*, etc.)
you're halfway there - certainly, I'd be surprised if you got hacked; it
would just be too much effort for anyone to spend time on. Make sure your
kernel is 2.2.16+, if it's 2.2.*, and you'll be as secure as you need (in
fact, massively more so ;) The first thing you'll learn about firewalls is
they just get in the way ;), and most of the time they're not worth worrying
about if you're a dial-up user.

Obviously, if you're masqing, you'll need to set that up, and once you have
masq and masqdialer going, flux should have complete internet access. If
you're feeling really smart, you could try putting tripwire or some other
variant on noodles, so you'll find out when something is funny. But, to be
honest, for what you want it's going to be a five minute job and anything
extra is going into the law of (very) diminishing returns.

Cheers,

Alex.

 Baz.

 BTW - slight technical error there - MS natural keyboard as gone
pear-shaped and locked caplocks on.
 Out with the rather old £2 Dell keyboard from the computer shop parts
bin. Ahhh the joys of having too many computer bits!

--
Barrie J. Bremner

Email:     TheEnglishman [at] ecosse.net
           (PGP public key available at pgp.mit.edu)

URL:       http://www.geocities.com/thefatenglishman

Telephone: UK 01672 811246
Mobile:    UK 07968 792975

Quis custodiet ipsos custodes?
---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word
 "unsubscribe" in the body of the message.

  GNU the choice of a complete generation.




---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word 
 "unsubscribe" in the body of the message. 

  GNU the choice of a complete generation.