Date: Wed, 28 Aug 1996 11:58:36 +0930 (CST) From: Michael Smith <msmith@atrad.adelaide.edu.au> To: hasty@netcom.com (Amancio Hasty Jr) Cc: hackers@freebsd.org Subject: Re: routing question Message-ID: <199608280228.LAA10420@genesis.atrad.adelaide.edu.au> In-Reply-To: <199608280125.SAA15780@netcom18.netcom.com> from "Amancio Hasty Jr" at Aug 27, 96 06:25:33 pm
next in thread | previous in thread | raw e-mail | index | archive | help
Amancio Hasty Jr stands accused of saying: > > I have a box with an ethernet interface and a slip line. > The ethernet is on a different network than the slip line. > What i want to know if I have to install a firewall to prevent > people outside my complex to access my LAN. Is the box forwarding packets? (ie is the sysctl variable net.inet.ip.forwarding 0 or 1?) If not, then you already have a firewall 8) If it is (ie. you are connecting to the net from your LAN) then you are currently vulnerable. My _personal_ preference for this situation is to turn of forwarding and install a SOCKS proxy on the gateway box. This works for me and our application mix here, it may not work for you. > Amancio -- ]] Mike Smith, Software Engineer msmith@atrad.adelaide.edu.au [[ ]] Genesis Software genesis@atrad.adelaide.edu.au [[ ]] High-speed data acquisition and (GSM mobile) 0411-222-496 [[ ]] realtime instrument control (ph/fax) +61-8-267-3039 [[ ]] Collector of old Unix hardware. "Where are your PEZ?" The Tick [[
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199608280228.LAA10420>