From owner-freebsd-hackers Tue Aug 27 19:28:58 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id TAA17305 for hackers-outgoing; Tue, 27 Aug 1996 19:28:58 -0700 (PDT) Received: from genesis.atrad.adelaide.edu.au (genesis.atrad.adelaide.edu.au [129.127.96.120]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id TAA17300 for ; Tue, 27 Aug 1996 19:28:53 -0700 (PDT) Received: from msmith@localhost by genesis.atrad.adelaide.edu.au (8.6.12/8.6.9) id LAA10420; Wed, 28 Aug 1996 11:58:37 +0930 From: Michael Smith Message-Id: <199608280228.LAA10420@genesis.atrad.adelaide.edu.au> Subject: Re: routing question To: hasty@netcom.com (Amancio Hasty Jr) Date: Wed, 28 Aug 1996 11:58:36 +0930 (CST) Cc: hackers@freebsd.org In-Reply-To: <199608280125.SAA15780@netcom18.netcom.com> from "Amancio Hasty Jr" at Aug 27, 96 06:25:33 pm MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Amancio Hasty Jr stands accused of saying: > > I have a box with an ethernet interface and a slip line. > The ethernet is on a different network than the slip line. > What i want to know if I have to install a firewall to prevent > people outside my complex to access my LAN. Is the box forwarding packets? (ie is the sysctl variable net.inet.ip.forwarding 0 or 1?) If not, then you already have a firewall 8) If it is (ie. you are connecting to the net from your LAN) then you are currently vulnerable. My _personal_ preference for this situation is to turn of forwarding and install a SOCKS proxy on the gateway box. This works for me and our application mix here, it may not work for you. > Amancio -- ]] Mike Smith, Software Engineer msmith@atrad.adelaide.edu.au [[ ]] Genesis Software genesis@atrad.adelaide.edu.au [[ ]] High-speed data acquisition and (GSM mobile) 0411-222-496 [[ ]] realtime instrument control (ph/fax) +61-8-267-3039 [[ ]] Collector of old Unix hardware. "Where are your PEZ?" The Tick [[