-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I was able to put something together. Aother PC. I've attached a copy of the dmesg of the other machine I have. This would be the section of the handbook on setting another pc up as a router wouldnt it?
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-routing.html I just want to start learning about this in the right areas to begin with. I've never really understood nat. Think maybe I should install FreeBSD 5.1 on the other machine or is 4.8 ok for this purpose even ok if I want to start doing more advanced network/security settings. Is there any advances on using 5.1 over 4.8 in this situation? So how would I go about setting this other machine up as a router? The PC I am using now is the one I like to do all my work on. I will have the other PC probable on the floor just below my main PC. I have an extra DSL cable. Plus what into what? Kinda confused here. I run these services on my box. Thanks for the help. Bryan CUPS Apache PHP COURIER-IMAP POSTFIX SquirrelMail On Thu, 04 Dec 2003 03:15:38 -0500 Scott W <[EMAIL PROTECTED]> wrote: > Bryan Cassidy wrote: > > >-----BEGIN PGP SIGNED MESSAGE----- > >Hash: SHA1 > > > >Hello everyone. Hows everyone doing tongith/today? Well, I'm taking a > >week off of work and thought I would read up on Security/Networking > >and anything else to do with making my system/webserver secure. I am > >going to Best Buy (ya i know, but it's the only computer related > >store in this shitty town so.) to buy a router and was just wanting > >to see what people could recommend on which ones are good. I've nver > >really gotten into this kinda thing before but want to learn. Will > >there be anything extra that I should get while I'm at the store? > >Cables etc? I only have one pc is there any point in having a router > >with one pc? Any links to how to set this up on FreeBSD? Thanks in > >advance.-----BEGIN PGP SIGNATURE----- > >Version: GnuPG v1.2.3 (FreeBSD) > > > >iD8DBQE/zn4Bm8uTTHnDH3ERAsR1AKDTzQHhzHV0ei2OevUSo0jzdksikACghTjr > >QGg8Wa7hgX1Dr4vTXGjgCo8= > >=LXnN > >-----END PGP SIGNATURE----- > >_______________________________________________ > >[EMAIL PROTECTED] mailing list > >http://lists.freebsd.org/mailman/listinfo/freebsd-questions > >To unsubscribe, send any mail to > >"[EMAIL PROTECTED]" > > > > > > > If you've got only a single PC to connect, then the only reason for > wanting (not needing) a (presumably broadband) router is anything > fairly recent will do NAT (address translation, basically lets > 1 PC > share 1 public IP address). One of the 'side benefits' of NAT routers > is that they closes off connections initiated from the outside world > (the Net). Not that big of a deal with freeBSD, as the default > services running by default are pretty sensible (compared to past and > some current versions of Solaris, RedHat, SuSe etc etc), but this is > generally A Good Thing if you're running Windows at any point, or are > playing around with different services, as many of them have had > exploits in the past that script kiddies like to jump on. > > Of course, you can also turn your bsd system into a router by adding > another NIC, and then attaching a hub or switch to one NIC, and the > other to your DSL or cable modem... > > The disadvantage (serious annoyance IMHO) of 'hardware routers' > (opposed to software running on bsd or another *nix) is the general > lack of logging abilities. When I used to run several personal > domains, it was _amazing_ the number of portscans and IMAP and other > exploits that would be attempted on my systems. I personally like to > know what's being attempted against my systems, and most of the 'off > the shelf' routers from BestBuy, CompUSA etc are a far cry from Cisco > and others, who do run a 'real' (meaning user accessible) OS and can > handle logging as well as complex rules for port forwarding or > dropping routes.... > > As far as freebsd is concerned, if you do decide to get one for > whatever reason, the router is effectively dual homed, meaningin this > case, that it has an internal network IP (eg 192.168.1.254) as well as > an external IP which is what 'the world' sees, which is the IP > assigned to it via the cable/DSL modem/your ISP. You'll need to set > your 'internal' systems (your home PCs/systems) to have their default > gateway point to the internal IP of the router. That will be the case > regardless of whatever OS you run... > > Of course, even a 486 class system, with a minimal install of freebsd, > > with /usr mounted immutable, and a small hard drive, would make a > great router, and you could also play around with a remote log host > for logging, monitoring tools like logcheck, sentry, saint, and > others, as well as designating your own port forwarding and firewall > rulesets...if you decide to buy an 'off the shelf' router and still > want some sort of idea of who's trying to do what to your system(s), > you can port forward a 'popular' port (like IMAP/139, http/80, and/or > mail/25 to different ports on your local system and set things up to > only log the connection instead of running the actual services...... > > > Scott > > > _______________________________________________ > [EMAIL PROTECTED] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "[EMAIL PROTECTED]" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/z6GMm8uTTHnDH3ERAm1MAJsF09ewS/A3s1U/VH2u6NbCJQzVZQCguGJh +CwTOovNglGX7qe10R1lfOk= =PwDF -----END PGP SIGNATURE-----
typescript
Description: Binary data
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
