Date: Mon, 04 Oct 1999 18:18:57 +0100 From: Brian Somers <brian@Awfulhak.org> To: Mark Hartley <mark@whetstonelogic.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: FW: PPP & security Message-ID: <199910041719.SAA01032@hak.lan.Awfulhak.org> In-Reply-To: Your message of "Wed, 29 Sep 1999 16:32:56 PDT." <XFMail.990929163256.mark@whetstonelogic.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> I've followed the list for a few months (& searched through the mailing list
> archive) and really couldn't find anything that answered my question, so here I
> go:
>
> I've got a home network (FreeBSD, Win95, Mac: with hubs, cat5, etc.) that
> currently connecting to the Internet via a FreeBSD 2.2.8-RELEASE machine (using
> ppp -auto -alias ISP), and everything is working great. I stay connected for
> 8-10 hours at a time (I work from home).
>
> My question is mostly related to the security of my network. I want to know if
> the FreeBSD machine is providing adequate security for me. I've disabled
> services I do not use on the machine. I'm going to be putting 3.2 STABLE on the
> gateway machine next week. Should I worry about setting up IPFW & NATD? (is
> this even possible with ppp?)
>
> Are there other things I should be doing? I realize on a dialup I'm kind of
> like a moving target, but I stay on long enough that I want to make sure I'm
> being careful.
natd is exactly the same as the -alias flag to ppp, so you don't need
both. WRT the firewall side of things you have three choices. You
can use ipfw for the greatest flexibility, you can use the ``set
filter'' commands within ppp for a similar sort of thing or you can
use ``alias deny_incoming yes'' to simply deny incoming connections.
> Thanks in advance.
>
> Mark.
--
Brian <brian@Awfulhak.org> <brian@FreeBSD.org>
<http://www.Awfulhak.org>; <brian@OpenBSD.org>
Don't _EVER_ lose your sense of humour ! <brian@FreeBSD.org.uk>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199910041719.SAA01032>