[plug] Install tonight

William Kenworthy billk at iinet.net.au
Tue Feb 25 06:22:23 WST 2003


Insecure: too easy for someone local to bypass firewall and local
policy.
Insecure: Foreign packets on local Lan

It is a different subject if you are using one of the integrated
firewall/adsl products, then yes, its OK security wise as it is
isolated, but you still lose the extra control and possibilities of a
squid proxy, local dns, iptables firewall etc.

BillK


On Tue, 2003-02-25 at 00:55, Mike Holland wrote:
> On Mon, 24 Feb 2003, Harry McNally wrote:
> 
> > On Mon, 24 Feb 2003 21:53:37 +0800 (WST) Mike Holland <myk at plug.linux.org.au> wrote:
> > 
> > > On Mon, 24 Feb 2003, Daniel Pearson wrote:
> > > 
> > > > I'd assume its so he can share the connection to his internal network?
> > > 
> > > So why would you want two NICs for that?
> > > ie why have the ADSL modem on a separate ethernet?
> > 
> > Mike [Gilks] is building a firewall to sit between the ADSL modem (which
> > has an ethernet interface) and his internal LAN which means the second
> > NIC on the firewall is going to a switch/hub connected to all his other
> > computers.
> 
> I understand that, but cannot see why you need two physically separated 
> ethernets. Why cant the PPPoE packets travel over the same ethernet as 
> the IP packets? Ethernet allows multiple protocols to share the physical 
> layer, while remaining conceptually separate.
>   Perhaps it is a limitation that the Linux PPPoE cannot share a NIC?
>  
> > Does your ADSL modem have USB or are you thinking of a serial 56K modem
> > or something, Mike [Holland] ? You're getting me confused about why
> > you're question :)
> 
> I'm just trying to understand networking a bit better. I use a 
> modem/router, so havn't had to worry about pppoe yet.
> 
-- 
William Kenworthy <billk at iinet.net.au>



More information about the plug mailing list