Thread: Linux as a gateway in a LAN
View Single Post

  #5 (permalink)  
Old 11-29-2004
David
 
Posts: n/a
Default Re: Linux as a gateway in a LAN
Charlie Gibbs wrote:
> In article <8431e966.0411280619.e6e81ff@posting.google.com> ,
> danicamps81@yahoo.com (Daniel Camps) writes:
>
>
>>Hello, I have a small LAN and an ADSL connection to the Internet, I
>>would like to install Linux (I am thinking in Fedora Core 3) in the
>>machine where I have the ADSL connection, and make the other PC's
>>connect to the Internet htrough this machine. I think I need to
>>install and configure in that machine, DHCP and NAT, I don't know
>>if I would need something else, like some Firewall capabilities.
>>I am a new linux user so I basically would like to know about a
>>good tutorial about how to configure this stuff, or good tools or
>>programs to do it, and of course advise about which are the possible
>>alternatives to do it.
>
>
> You'll need DHCP and NAT on the ADSL connection: DHCP because your
> ISP uses it, and NAT so that your ISP will think there's only one
> machine connected. On the LAN side of the machine it doesn't matter;
> my LAN uses static addresses (192.168.0.x) and lets the gateway box
> figure things out if I'm talking to the outside world.
>
> But you _definitely_ need firewall capabilities. This is _not_ an
> option; there are a lot of nasties out there who are trying hard to
> break into your network. I'm using a dedicated box running OpenBSD's
> packet filter (pf), but there are Linux equivalents you can use.
> I'm blocking probes every few of minutes from all over the world,
> usually on ports 135 and 445 but I've got everything locked down
> pretty tightly. I made the mistake of connecting my wife's Win98
> laptop directly to the ADSL modem - she was infected in 10 minutes.
> Linux boxes aren't nearly as vulnerable, but you still don't want
> to take chances.
>
> _Don't_ connect your LAN to the Internet without a firewall.
>
> --
> /~\ cgibbs@kltpzyxm.invalid (Charlie Gibbs)
> \ / I'm really at ac.dekanfrus if you read it the right way.
> X Top-posted messages will probably be ignored. See RFC1855.
> / \ HTML will DEFINITELY be ignored. Join the ASCII ribbon campaign!
>
will he not have to have 2 nics also ? One going to the ADSL and the
other out to his lan ?



================================================
FindMoore.Net~Finding Your Place on the Web!
http://findmoore.net
Linux Registered User #188968
================================================
Reply With Quote