From owner-freebsd-questions@FreeBSD.ORG  Tue Aug 23 12:43:56 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 860DB16A421
	for <freebsd-questions@freebsd.org>;
	Tue, 23 Aug 2005 12:43:56 +0000 (GMT)
	(envelope-from keramida@freebsd.org)
Received: from kane.otenet.gr (kane.otenet.gr [195.170.0.95])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9930C43D53
	for <freebsd-questions@freebsd.org>;
	Tue, 23 Aug 2005 12:43:55 +0000 (GMT)
	(envelope-from keramida@freebsd.org)
Received: from orion.daedalusnetworks.priv (aris.bedc.ondsl.gr [62.103.39.226])
	by kane.otenet.gr (8.13.4/8.13.4/Debian-1) with SMTP id j7NChjLP024447; 
	Tue, 23 Aug 2005 15:43:54 +0300
Received: from orion.daedalusnetworks.priv (orion [127.0.0.1])
	by orion.daedalusnetworks.priv (8.13.4/8.13.4) with ESMTP id
	j7N9oDhe006268; Tue, 23 Aug 2005 12:50:13 +0300 (EEST)
	(envelope-from keramida@freebsd.org)
Received: (from keramida@localhost)
	by orion.daedalusnetworks.priv (8.13.4/8.13.4/Submit) id j7N9oDDV006267;
	Tue, 23 Aug 2005 12:50:13 +0300 (EEST)
	(envelope-from keramida@freebsd.org)
X-Authentication-Warning: orion.daedalusnetworks.priv: keramida set sender to
	keramida@freebsd.org using -f
Date: Tue, 23 Aug 2005 12:50:13 +0300 (EEST)
From: Giorgos Keramidas <keramida@ceid.upatras.gr>
To: Dmitry Mityugov <dmitry.mityugov@gmail.com>
In-Reply-To: <b7052e1e05082222474a4c659b@mail.gmail.com>
Message-ID: <20050823124810.R6031@orion>
References: <43064B2F.7050605@orcon.net.nz> <20050819214637.GA10088@flame.pc>
	<b7052e1e05082222474a4c659b@mail.gmail.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: freebsd-questions@freebsd.org
Subject: Re: Internet firewall
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Aug 2005 12:43:56 -0000

On 2005-08-23 09:47, Dmitry Mityugov wrote:
> On 8/20/05, Giorgos Keramidas <keramida@ceid.upatras.gr> wrote:
>> [Writing about the need for a firewall.]
>> It takes about 4-5 seconds when I connect with my dialup account
>> from home and then incoming connections start coming from spyware,
>> trojans and misc. other scanners :-)
>
> But it is possible to set up ppp to reject all incoming requests
> (with nat deny_incoming set to yes IIRC). After that, the machine
> will be "invisible" to the outside world, even if no firewalls
> are configured on it. At least Shields Up! service located at
> https://www.grc.com/x/ne.dll?bh0bkyd2 will tell you so.

That's cool!  I haven't used it, but it sounds very useful at least
as a preliminary aid until a _real_ packet filter is available :-)