Re: selecting old machines for firewall/router use

2011-02-23 Thread Henrique de Moraes Holschuh
On Wed, 23 Feb 2011, Andrew McGlashan wrote: > An unpatched machine [for whatever reason], behind NAT has a > fighting chance, but one which is directly addressable from the The protection offered by NAT is equivalent to a stateful firewall that only allows sessions to be initiated by the inside[

Re: selecting old machines for firewall/router use

2011-02-23 Thread Steven Ayre
On 22 February 2011 00:45, Stan Hoeppner wrote: > shawn wilson put forth on 2/21/2011 6:05 PM: > > On Mon, Feb 21, 2011 at 6:45 PM, Stan Hoeppner >wrote: > > > >> Pascal Hambourg put forth on 2/21/2011 3:51 PM: > >>> Stan Hoeppner wrote: > > You only need one > NIC in your fire

Re: selecting old machines for firewall/router use

2011-02-23 Thread Andrew McGlashan
Andrew McGlashan wrote: And from the further reading referenced in the other response [1] I see a problem with the following: At the same time, this tracking is per address. In environments where the goal is tracking back to the user, additional external information will be neces

Re: selecting old machines for firewall/router use

2011-02-23 Thread Andrew McGlashan
Hi, Pascal Hambourg wrote: Andrew McGlashan wrote: Well NAT does have its advantages, one being that it can act as a reasonably good barrier as a NATural firewall. This is a common misconception. I cannot tell about other NAT's, but Netfilter NAT is not a barrier at all. It's a goo

Re: selecting old machines for firewall/router use

2011-02-23 Thread Pascal Hambourg
Andrew McGlashan wrote: > > Well NAT does have its advantages, one being that it can act as a > reasonably good barrier as a NATural firewall. This is a common misconception. I cannot tell about other NAT's, but Netfilter NAT is not a barrier at all. > but if you have every device with

Re: selecting old machines for firewall/router use

2011-02-23 Thread Sven Hoexter
On Wed, Feb 23, 2011 at 11:42:37PM +1100, Andrew McGlashan wrote: > Well NAT does have its advantages, one being that it can act > as a reasonably good barrier as a NATural firewall. Sure, it's not > perfect, but if you have every device with IPv6 (or v4 for that > matter) being addressable

Re: selecting old machines for firewall/router use

2011-02-23 Thread Andrew McGlashan
Hi, Paul Fraser wrote: On Tue, Feb 22, 2011 at 10:41, Nate Bargmann > wrote: Not only that but as we move to IPv6 there is no such thing as NAT. Oh, how I wish that were true... The IPv6 spec includes NAT. Well NAT does have its advantages, one being that it c

Re: selecting old machines for firewall/router use

2011-02-22 Thread Henrique de Moraes Holschuh
On Tue, 22 Feb 2011, shawn wilson wrote: > On Feb 22, 2011 6:10 PM, "Henrique de Moraes Holschuh" > wrote: > > On Wed, 23 Feb 2011, Paul Fraser wrote: > > > Oh, how I wish that were true... The IPv6 spec includes NAT. > > > > Which RFC? > > > Lmgtfy - 4684 and 5902 - don't know off hand, you'll ha

Re: selecting old machines for firewall/router use

2011-02-22 Thread shawn wilson
On Feb 22, 2011 6:10 PM, "Henrique de Moraes Holschuh" wrote: > > On Wed, 23 Feb 2011, Paul Fraser wrote: > > On Tue, Feb 22, 2011 at 10:41, Nate Bargmann wrote: > > > Not only that but as we move to IPv6 there is no such thing as NAT. > > > > Oh, how I wish that were true... The IPv6 spec includ

Re: selecting old machines for firewall/router use

2011-02-22 Thread Henrique de Moraes Holschuh
On Wed, 23 Feb 2011, Paul Fraser wrote: > On Tue, Feb 22, 2011 at 10:41, Nate Bargmann wrote: > > Not only that but as we move to IPv6 there is no such thing as NAT. > > Oh, how I wish that were true... The IPv6 spec includes NAT. Which RFC? -- "One disk to rule them all, One disk to find th

Re: selecting old machines for firewall/router use

2011-02-22 Thread Paul Fraser
On Tue, Feb 22, 2011 at 10:41, Nate Bargmann wrote: > Not only that but as we move to IPv6 there is no such thing as NAT. > Oh, how I wish that were true... The IPv6 spec includes NAT. P.

Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use)

2011-02-22 Thread Andrei Popescu
On Ma, 22 feb 11, 09:18:12, Petrus Validus wrote: > > > I interpret the "if used correctly" bit to mean "using the GMail web > > > interface, not a 3rd party client such as Evolution or Mutt." Am I > > > correct in this interpretation? > > > > No, I mean, AFAICT, IMAP was not designed for this

Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use)

2011-02-22 Thread Peter Tynan
On Tue, 22 Feb 2011, Petrus Validus wrote: I interpret the "if used correctly" bit to mean "using the GMail web interface, not a 3rd party client such as Evolution or Mutt." Am I correct in this interpretation? No, I mean, AFAICT, IMAP was not designed for this paradigm (same message present

Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use)

2011-02-22 Thread Petrus Validus
> > I interpret the "if used correctly" bit to mean "using the GMail web > > interface, not a 3rd party client such as Evolution or Mutt." Am I > > correct in this interpretation? > > No, I mean, AFAICT, IMAP was not designed for this paradigm (same > message present in different folders/tags/

Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use)

2011-02-22 Thread Andrei Popescu
On Lu, 21 feb 11, 20:26:45, Petrus Validus wrote: > > > Is there a way for this to be disabled and subsequently have > > > messages be displayed in their specific folders...or is this just how > > > Gmail works? > > > > This is one of the better "innovation" brought by Gmail, if used correctly. >

Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use)

2011-02-22 Thread Andrei Popescu
On Lu, 21 feb 11, 22:39:46, Peter Tynan wrote: > On 21 February 2011 21:24, Andrei Popescu wrote: > > > Maybe this is mutt specific, but if I just delete the mail from Inbox in > > All Mail the message is still marked as unread (a.k.a new). If I mark it > > as read and sync, then it's also marked

Re: selecting old machines for firewall/router use

2011-02-21 Thread Stan Hoeppner
John Hasler put forth on 2/21/2011 7:34 PM: > I wrote: >> Or from the inside. If none of the machines on the LAN are running >> Windows you're probably ok. > > Stan writes: >> How is this a security issue? Broadcast packets coming from the >> customer that hit the DSLAM are instantly dropped. >

Re: selecting old machines for firewall/router use

2011-02-21 Thread John Hasler
I wrote: > Or from the inside. If none of the machines on the LAN are running > Windows you're probably ok. Stan writes: > How is this a security issue? Broadcast packets coming from the > customer that hit the DSLAM are instantly dropped. Nothing to do with the DSLAM. These routers usually ex

Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use)

2011-02-21 Thread Petrus Validus
> Hmm, as far as I understand, a message is always present in [Gmail]/All > Mail', unless moved to [Gmail]/Trash or [Gmail]/Spam. New mail (not > filtered) goes to my Inbox. If I want to get rid of it for good I move > it to [Gmail]/Trash, but if I want to "archive" it I just delete the > Inbox

Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use)

2011-02-21 Thread Petrus Validus
> > Is there a way for this to be disabled and subsequently have > > messages be displayed in their specific folders...or is this just how > > Gmail works? > > This is one of the better "innovation" brought by Gmail, if used correctly. I interpret the "if used correctly" bit to mean "using the GM

Re: selecting old machines for firewall/router use

2011-02-21 Thread Stan Hoeppner
John Hasler put forth on 2/21/2011 6:24 PM: > Stan writes: >> For this to be a real security issue, any attack must start below the >> IP level... > > Or from the inside. If none of the machines on the LAN are running > Windows you're probably ok. How is this a security issue? Broadcast packets

Re: selecting old machines for firewall/router use

2011-02-21 Thread Stan Hoeppner
shawn wilson put forth on 2/21/2011 6:05 PM: > On Mon, Feb 21, 2011 at 6:45 PM, Stan Hoeppner wrote: > >> Pascal Hambourg put forth on 2/21/2011 3:51 PM: >>> Stan Hoeppner wrote: You only need one NIC in your firewall box when using a switch. You simply plug everything into

Re: selecting old machines for firewall/router use

2011-02-21 Thread John Hasler
Stan writes: > For this to be a real security issue, any attack must start below the > IP level... Or from the inside. If none of the machines on the LAN are running Windows you're probably ok. -- John Hasler

Re: selecting old machines for firewall/router use

2011-02-21 Thread Nate Bargmann
* On 2011 21 Feb 18:14 -0600, shawn wilson wrote: > supposedly, there is also a way to 'pivot' past a nat device - i haven't > looked into this, so i can't speak to this much... Not only that but as we move to IPv6 there is no such thing as NAT. New network device installations should be taking I

Re: selecting old machines for firewall/router use

2011-02-21 Thread shawn wilson
On Mon, Feb 21, 2011 at 6:45 PM, Stan Hoeppner wrote: > Pascal Hambourg put forth on 2/21/2011 3:51 PM: > > Stan Hoeppner wrote: > >> > >> You only need one > >> NIC in your firewall box when using a switch. You simply plug > >> everything into the switch including the DSL modem and the Netgea

Re: selecting old machines for firewall/router use

2011-02-21 Thread Stan Hoeppner
Pascal Hambourg put forth on 2/21/2011 3:51 PM: > Stan Hoeppner wrote: >> >> You only need one >> NIC in your firewall box when using a switch. You simply plug >> everything into the switch including the DSL modem and the Netgear. >> Bind both the public and private IP addresses to the same NIC

Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use)

2011-02-21 Thread Peter Tynan
On 21 February 2011 21:24, Andrei Popescu wrote: > Maybe this is mutt specific, but if I just delete the mail from Inbox in > All Mail the message is still marked as unread (a.k.a new). If I mark it > as read and sync, then it's also marked as read in All Mail. I assume > Gmail takes the delete f

Re: selecting old machines for firewall/router use

2011-02-21 Thread Pascal Hambourg
Andrei Popescu wrote: > > Ok, but IMVHO it would be a good idea to make sure the DHCP server does > not allocate the router's IP to some other host. Of course, like any other statically assigned address. Again, nothing special here.

Re: selecting old machines for firewall/router use

2011-02-21 Thread Andrei Popescu
On Lu, 21 feb 11, 22:48:21, Pascal Hambourg wrote: > > > Easiest way for me was > > to just use different sub-nets. Example: leave the router on 192.168.1.1 > > and build my own network on 192.158.0.XXX > > This is unnecessary, and makes it hard to manage the device. Ok, but IMVHO it would be

Re: selecting old machines for firewall/router use

2011-02-21 Thread Pascal Hambourg
Adrian Levi wrote: > > I'd also suggest a static ip configuration with a setup like this, as > you'll only have one computer at the end of each ethernet segment you > won't gain anything from DHCP, you'd need a subnet declaration for > each nic and a pool statement. Ethernet cards can be brid

Re: selecting old machines for firewall/router use

2011-02-21 Thread Pascal Hambourg
Stan Hoeppner wrote: > > You only need one > NIC in your firewall box when using a switch. You simply plug > everything into the switch including the DSL modem and the Netgear. > Bind both the public and private IP addresses to the same NIC in the > firewall using a virtual NIC: i.e. eth0 and

Re: selecting old machines for firewall/router use

2011-02-21 Thread Pascal Hambourg
Andrei Popescu wrote: > > Just don't forget to make sure the router's internal IP address is > different from any other machine on the network. Just like any other device. Nothing special here. > Easiest way for me was > to just use different sub-nets. Example: leave the router on 192.168.1

Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use)

2011-02-21 Thread Peter Tynan
On Mon, 21 Feb 2011, Andrei Popescu wrote: If you send via Gmail's SMTP you always have a copy in Gmail's sent, so it should be enough to tell alpine not to save its own copy. Check the headers - I use a local sendmail. I've been doing some digging and it is in a sub-folder named "Google Mail

Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use)

2011-02-21 Thread Andrei Popescu
On Lu, 21 feb 11, 20:49:49, Peter Tynan wrote: > On Mon, 21 Feb 2011, Andrei Popescu wrote: > > >On Lu, 21 feb 11, 12:59:56, Petrus Validus wrote: > > > >This is one of the better "innovation" brought by Gmail, if used correctly. > > > >Unfortunately it's not very usable via IMAP. Example: > >How do

Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use)

2011-02-21 Thread Peter Tynan
On Mon, 21 Feb 2011, Andrei Popescu wrote: On Lu, 21 feb 11, 12:59:56, Petrus Validus wrote: This is one of the better "innovation" brought by Gmail, if used correctly. Unfortunately it's not very usable via IMAP. Example: How do I tell mutt to tag the message as read in All Mail when I delete it

Re: selecting old machines for firewall/router use

2011-02-21 Thread Andrei Popescu
On Lu, 21 feb 11, 07:17:18, Nate Bargmann wrote: > * On 2011 20 Feb 22:06 -0600, Stan Hoeppner wrote: > > Some consumer wireless routers don't like to do DHCP pass through, and > > won't serve DHCP when configured as a bridge, in which case the Linux > > firewall will have to serve DHCP. If the wi

Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use)

2011-02-21 Thread Peter Tynan
On Mon, 21 Feb 2011, Petrus Validus wrote: Get away from the web interface. Install Icedove/Evolution/Mutt and use Google's IMAPs interface. I use Evolution and Mutt with Google's IMAP interface. It works nicely but I've noticed this quirky behavior when using a client via IMAP. My messages

Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use)

2011-02-21 Thread Andrei Popescu
On Lu, 21 feb 11, 12:59:56, Petrus Validus wrote: > > Get away from the web interface. Install Icedove/Evolution/Mutt and use > > Google's IMAPs interface. > > I use Evolution and Mutt with Google's IMAP interface. It works nicely > but I've noticed this quirky behavior when using a client via

Re: selecting old machines for firewall/router use

2011-02-21 Thread shawn wilson
On Sun, Feb 20, 2011 at 9:26 PM, Greg Madden wrote: > > > On Sunday 20 February 2011 03:03:35 pm Nate Bargmann wrote: > > * On 2011 20 Feb 14:22 -0600, Elmer E. Dow wrote: > > > Greetings: > > > > > > I'd like to set up a network with a firewall for my home computers > > > for security, control a

Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use)

2011-02-21 Thread Petrus Validus
> Get away from the web interface. Install Icedove/Evolution/Mutt and use > Google's IMAPs interface. I use Evolution and Mutt with Google's IMAP interface. It works nicely but I've noticed this quirky behavior when using a client via IMAP. My messages appear in multiple places at the same t

Re: selecting old machines for firewall/router use

2011-02-21 Thread Nate Bargmann
* On 2011 20 Feb 22:06 -0600, Stan Hoeppner wrote: > Some consumer wireless routers don't like to do DHCP pass through, and > won't serve DHCP when configured as a bridge, in which case the Linux > firewall will have to serve DHCP. If the wireless router won't pass > DHCP from the wired to wireles

Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use)

2011-02-21 Thread Russell Gadd
00 >>> From: Ron Johnson >>> To: debian-user@lists.debian.org >>> Subject: Re: To gmail or not to gmail (was Re: Fwd: selecting old >>> machines for >>> firewall/router use) >>> Resent-Date: Mon, 21 Feb 2011 05:54:49 + (UTC) >>> Resent-From: debi

Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use)

2011-02-20 Thread Ron Johnson
On 02/21/2011 12:17 AM, Peter Tynan wrote: On Sun, 20 Feb 2011, Ron Johnson wrote: Date: Sun, 20 Feb 2011 23:54:27 -0600 From: Ron Johnson To: debian-user@lists.debian.org Subject: Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use) Resent-Date: Mon, 21

Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use)

2011-02-20 Thread Peter Tynan
On Sun, 20 Feb 2011, Ron Johnson wrote: Date: Sun, 20 Feb 2011 23:54:27 -0600 From: Ron Johnson To: debian-user@lists.debian.org Subject: Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use) Resent-Date: Mon, 21 Feb 2011 05:54:49 + (UTC) Resent

Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use)

2011-02-20 Thread Peter Tynan
On Sun, 20 Feb 2011, Ron Johnson wrote: Date: Sun, 20 Feb 2011 23:54:27 -0600 From: Ron Johnson To: debian-user@lists.debian.org Subject: Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use) Resent-Date: Mon, 21 Feb 2011 05:54:49 + (UTC) Resent

Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use)

2011-02-20 Thread Ron Johnson
On 02/20/2011 11:01 PM, Peter Tynan wrote: On Sun, 20 Feb 2011, Ron Johnson wrote: Date: Sun, 20 Feb 2011 22:02:48 -0600 From: Ron Johnson To: debian-user@lists.debian.org Subject: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use) Resent-Date: Mon, 21 Feb

Re: Fwd: selecting old machines for firewall/router use

2011-02-20 Thread Greg Madden
On Sunday 20 February 2011 06:42:12 pm Heddle Weaver wrote: > > Come with a few things installed. > I remember a few years back, a furore over factory installed trojans on > Belkin routers. > Belkin apologised and all the noise went away, but I haven't forgotten in > the current atmosphere of ne

Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use)

2011-02-20 Thread Peter Tynan
On Sun, 20 Feb 2011, Ron Johnson wrote: Date: Sun, 20 Feb 2011 22:02:48 -0600 From: Ron Johnson To: debian-user@lists.debian.org Subject: To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use) Resent-Date: Mon, 21 Feb 2011 04:03:05 + (UTC) Resent-From

Re: selecting old machines for firewall/router use

2011-02-20 Thread Stan Hoeppner
John Hasler put forth on 2/20/2011 3:08 PM: > Elmer writes: >> 300 Mhz processor boot manager on 3.5-inch diskette so it can boot >> from diskette, CD or hard drive > > That'll work fine as long as it has enough RAM to install Debian. Not to mention disk space. Even though the OP asked on this l

Re: selecting old machines for firewall/router use

2011-02-20 Thread Stan Hoeppner
Elmer E. Dow put forth on 2/20/2011 2:02 PM: > Greetings: > > I'd like to set up a network with a firewall for my home computers for > security, control and convenience (file sharing), as well as to learn > about networking. We have the Internet entering via a Motorola DSL modem > and it currently

To gmail or not to gmail (was Re: Fwd: selecting old machines for firewall/router use)

2011-02-20 Thread Ron Johnson
On 02/20/2011 09:42 PM, Heddle Weaver wrote: Got to get away from gmail. No list reply feature. Get away from the web interface. Install Icedove/Evolution/Mutt and use Google's IMAPs interface. -- "The normal condition of mankind is tyranny and misery." Milton Friedman

Fwd: selecting old machines for firewall/router use

2011-02-20 Thread Heddle Weaver
Got to get away from gmail. No list reply feature. -- Forwarded message -- From: Heddle Weaver Date: 21 February 2011 13:41 Subject: Re: selecting old machines for firewall/router use To: Greg Madden On 21 February 2011 12:26, Greg Madden wrote: > > > On Sunday 20

Re: selecting old machines for firewall/router use

2011-02-20 Thread Greg Madden
On Sunday 20 February 2011 03:03:35 pm Nate Bargmann wrote: > * On 2011 20 Feb 14:22 -0600, Elmer E. Dow wrote: > > Greetings: > > > > I'd like to set up a network with a firewall for my home computers > > for security, control and convenience (file sharing), as well as to > > learn about network

Re: selecting old machines for firewall/router use

2011-02-20 Thread Nate Bargmann
* On 2011 20 Feb 14:22 -0600, Elmer E. Dow wrote: > Greetings: > > I'd like to set up a network with a firewall for my home computers > for security, control and convenience (file sharing), as well as to > learn about networking. We have the Internet entering via a Motorola > DSL modem and it curr

Re: selecting old machines for firewall/router use

2011-02-20 Thread John Hasler
Elmer writes: > 300 Mhz processor boot manager on 3.5-inch diskette so it can boot > from diskette, CD or hard drive That'll work fine as long as it has enough RAM to install Debian. -- John Hasler

Re: selecting old machines for firewall/router use

2011-02-20 Thread Adrian Levi
On 21 February 2011 06:02, Elmer E. Dow wrote: > Greetings: > 300 Mhz processor > boot manager on 3.5-inch diskette so it can boot from diskette, CD or hard > drive > ethernet jack on motherboard > 5 pci slots > 4 isa slots > (I have a pci nic and 2 isa nics on hand, plus there's that built-in

selecting old machines for firewall/router use

2011-02-20 Thread Elmer E. Dow
Greetings: I'd like to set up a network with a firewall for my home computers for security, control and convenience (file sharing), as well as to learn about networking. We have the Internet entering via a Motorola DSL modem and it currently passes data through a NetGear wireless router. I'd l