(no subject)

Robert Meyer meyer_rm at yahoo.com
Thu Oct 24 12:25:16 EDT 2002 

--- Justin Bennett <Justin.Bennett at dynabrade.com> wrote:
> They're are several ways to do this, is it just going to be a NAT router
> for your cable, or do you want to serve files/printers from it. Do you
> want to host mail. If not you can do setup a small linux dist. on a floppy
> (or cd) and boot it when the PC boots. Can be read only. If you want to
> sever stuff then you will need to do a full install. If you do a full
> install you can use the normal iptables built into the kernel, redhat 8
> has some tools to configure this. I've never used them, always wrote the
> rules by hand.
> 
> For only routing:
> check out:
> http://www.linuxrouter.org/
> 
> I'm waiting for bob meyer to pipe up on this one.. :)

Already did but here's more :-)

I just installed a firewall for a client of mine using Mandrake 9.0 and
shorewall firewall script.  I managed to whittle the Mandrake install
down to 132Meg (would have gotten it down further but there's required
packages) with shorewall installed.  Took about an evening to get it
all figured out but I now have a firewall running that has isolated their
internal network from the outside world (they were previously open to the
outside for all machines).  I then set up some DNAT rules to their web
servers, DNS servers and Email.  Works fine, last long time.  Their
servers are on the internal network.  Not my idea of the best in
security but they insist on using SMB to manage the data on their
web sites so not much else I can do other than DNAT both ways
into a DMZ.  The interesting thing about this is that since changing
things, they report much better network performance.  You wouldn't
expect that since they now have another router in the path but since
ICMP is not enabled, I suspect that port scanning has greatly diminished
so their bandwidth is not being used by scanners and script kiddies,
trying to find systems to compromise.

Cheers!

Bob
> 
> 
> Riga, Anthony said:
> > I want to try and set up an old pc as a linux router does anyone know of
> > a program to use. Ive heard of a program called freesco does anyone know
> > about it?
> >
> > --
> > This message has been scanned for viruses and
> > dangerous content by Dynabrade using Mailscanner,
> > and is believed to be clean.
> 
> 
> -- 
> -------------------------------------------
> Justin Bennett
> Red Hat (Linux) Certified Engineer
> Network Administrator
> Dynabrade Inc.
> 8989 Sheridan Dr
> Clarence, NY 14031
> 716-631-0100 ext 215
> 
> 

=====
Bob Meyer
Knightwing Communications, Inc.
36 Cayuga Blvd
Depew, NY 14043
Phone: 716-308-8931 or 716-681-0076
Meyer_RM at Yahoo.com

__________________________________________________
Do you Yahoo!?
Y! Web Hosting - Let the expert host your web site
http://webhosting.yahoo.com/

More information about the nflug mailing list