Hi,
Paul Fraser wrote:
On Tue, Feb 22, 2011 at 10:41, Nate Bargmann n...@n0nb.us
mailto:n...@n0nb.us wrote:
Not only that but as we move to IPv6 there is no such thing as NAT.
Oh, how I wish that were true... The IPv6 spec includes NAT.
Well NAT does have it's advantages, one
On Wed, Feb 23, 2011 at 11:42:37PM +1100, Andrew McGlashan wrote:
Well NAT does have it's advantages, one being that it can act
as a reasonably good barrier as a NATural firewall. Sure, it's not
perfect, but if you have every device with IPv6 (or v4 for that
matter) being addressable
Andrew McGlashan a écrit :
Well NAT does have it's advantages, one being that it can act as a
reasonably good barrier as a NATural firewall.
This is a common misconception. I cannot tell about other NAT's, but
Netfilter NAT is not a barrier at all.
but if you have every device with
Hi,
Pascal Hambourg wrote:
Andrew McGlashan a écrit :
Well NAT does have it's advantages, one being that it can act as a
reasonably good barrier as a NATural firewall.
This is a common misconception. I cannot tell about other NAT's, but
Netfilter NAT is not a barrier at all.
It's a
Andrew McGlashan wrote:
And from the further reading referenced in the other response [1]
I see a problem with the following:
quote
At the same time, this tracking is per address. In environments
where the goal is tracking back to the user, additional external
information will be
On 22 February 2011 00:45, Stan Hoeppner s...@hardwarefreak.com wrote:
shawn wilson put forth on 2/21/2011 6:05 PM:
On Mon, Feb 21, 2011 at 6:45 PM, Stan Hoeppner s...@hardwarefreak.com
wrote:
Pascal Hambourg put forth on 2/21/2011 3:51 PM:
Stan Hoeppner a écrit :
You only need one
On Wed, 23 Feb 2011, Andrew McGlashan wrote:
An unpatched machine [for whatever reason], behind NAT has a
fighting chance, but one which is directly addressable from the
The protection offered by NAT is equivalent to a statefull firewall that
only allow sessions to be initiated by the
On Lu, 21 feb 11, 22:39:46, Peter Tynan wrote:
On 21 February 2011 21:24, Andrei Popescu andreimpope...@gmail.com wrote:
Maybe this is mutt specific, but if I just delete the mail from Inbox in
All Mail the message is still marked as unread (a.k.a new). If I mark it
as read and sync, then
On Lu, 21 feb 11, 20:26:45, Petrus Validus wrote:
Is there a way for this to be disabled and subsequently have
messages be displayed in their specific folders...or is this just how
Gmail works?
This one of the better innovation brought by Gmail, if used correctly.
I interpret
I interpret the if used correctly bit to mean using the GMail web
interface, not a 3rd party client such as Evolution or Mutt. Am I
correct in this interpretation?
No, I mean, AFAICT, IMAP was not designed for this paradigm (same
message present in different
On Tue, 22 Feb 2011, Petrus Validus wrote:
I interpret the if used correctly bit to mean using the GMail web
interface, not a 3rd party client such as Evolution or Mutt. Am I
correct in this interpretation?
No, I mean, AFAICT, IMAP was not designed for this paradigm (same
message present in
On Ma, 22 feb 11, 09:18:12, Petrus Validus wrote:
I interpret the if used correctly bit to mean using the GMail web
interface, not a 3rd party client such as Evolution or Mutt. Am I
correct in this interpretation?
No, I mean, AFAICT, IMAP was not designed for this paradigm (same
On Tue, Feb 22, 2011 at 10:41, Nate Bargmann n...@n0nb.us wrote:
Not only that but as we move to IPv6 there is no such thing as NAT.
Oh, how I wish that were true... The IPv6 spec includes NAT.
P.
On Wed, 23 Feb 2011, Paul Fraser wrote:
On Tue, Feb 22, 2011 at 10:41, Nate Bargmann n...@n0nb.us wrote:
Not only that but as we move to IPv6 there is no such thing as NAT.
Oh, how I wish that were true... The IPv6 spec includes NAT.
Which RFC?
--
One disk to rule them all, One disk to
On Feb 22, 2011 6:10 PM, Henrique de Moraes Holschuh h...@debian.org
wrote:
On Wed, 23 Feb 2011, Paul Fraser wrote:
On Tue, Feb 22, 2011 at 10:41, Nate Bargmann n...@n0nb.us wrote:
Not only that but as we move to IPv6 there is no such thing as NAT.
Oh, how I wish that were true... The
On Tue, 22 Feb 2011, shawn wilson wrote:
On Feb 22, 2011 6:10 PM, Henrique de Moraes Holschuh h...@debian.org
wrote:
On Wed, 23 Feb 2011, Paul Fraser wrote:
Oh, how I wish that were true... The IPv6 spec includes NAT.
Which RFC?
Lmgtfy - 4684 and 5902 - don't know off hand, you'll
To: debian-user@lists.debian.org
Subject: Re: To gmail or not to gmail (was Re: Fwd: selecting old
machines for
firewall/router use)
Resent-Date: Mon, 21 Feb 2011 05:54:49 + (UTC)
Resent-From: debian-user@lists.debian.org
I keep my current D-User folder (relatively) small by having
maildrop
* On 2011 20 Feb 22:06 -0600, Stan Hoeppner wrote:
Some consumer wireless routers don't like to do DHCP pass through, and
won't serve DHCP when configured as a bridge, in which case the Linux
firewall will have to serve DHCP. If the wireless router won't pass
DHCP from the wired to wireless
Get away from the web interface. Install Icedove/Evolution/Mutt and use
Google's IMAPs interface.
I use Evolution and Mutt with Google's IMAP interface. It works nicely
but I've noticed this quirky behavior when using a client via IMAP. My
messages appear in multiple places at the same
On Sun, Feb 20, 2011 at 9:26 PM, Greg Madden gomadtr...@gci.net wrote:
On Sunday 20 February 2011 03:03:35 pm Nate Bargmann wrote:
* On 2011 20 Feb 14:22 -0600, Elmer E. Dow wrote:
Greetings:
I'd like to set up a network with a firewall for my home computers
for security, control
On Lu, 21 feb 11, 12:59:56, Petrus Validus wrote:
Get away from the web interface. Install Icedove/Evolution/Mutt and use
Google's IMAPs interface.
I use Evolution and Mutt with Google's IMAP interface. It works nicely
but I've noticed this quirky behavior when using a client via IMAP.
On Mon, 21 Feb 2011, Petrus Validus wrote:
Get away from the web interface. Install Icedove/Evolution/Mutt and use
Google's IMAPs interface.
I use Evolution and Mutt with Google's IMAP interface. It works nicely
but I've noticed this quirky behavior when using a client via IMAP. My
On Lu, 21 feb 11, 07:17:18, Nate Bargmann wrote:
* On 2011 20 Feb 22:06 -0600, Stan Hoeppner wrote:
Some consumer wireless routers don't like to do DHCP pass through, and
won't serve DHCP when configured as a bridge, in which case the Linux
firewall will have to serve DHCP. If the wireless
On Mon, 21 Feb 2011, Andrei Popescu wrote:
On Lu, 21 feb 11, 12:59:56, Petrus Validus wrote:
This one of the better innovation brought by Gmail, if used correctly.
Unfortunately it's not very usable via IMAP. Example:
How do I tell mutt to tag the message as read in All Mail when I delete
it
On Lu, 21 feb 11, 20:49:49, Peter Tynan wrote:
On Mon, 21 Feb 2011, Andrei Popescu wrote:
On Lu, 21 feb 11, 12:59:56, Petrus Validus wrote:
This one of the better innovation brought by Gmail, if used correctly.
Unfortunately it's not very usable via IMAP. Example:
How do I tell mutt to
On Mon, 21 Feb 2011, Andrei Popescu wrote:
If you send via Gmail's SMTP you always have a copy in Gmail's sent, so
it should be enough to tell alpine not to save its own copy.
Check the headers - I use a local sendmail. I've been doing some digging
and it is in a sub-folder named Google
Andrei Popescu a écrit :
Just don't forget to make sure the router's internal IP address is
different from any other machine on the network.
Just like any other device. Nothing special here.
Easiest way for me was
to just use different sub-nets. Example: leave the router on 192.168.1.1
Stan Hoeppner a écrit :
You only need one
NIC in your firewall box when using a switch. You simply plug
everything into the switch including the DSL modem and the Netgear.
Bind both the public and private IP addresses to the same NIC in the
firewall using a virtual NIC: i.e. eth0 and
Adrian Levi a écrit :
I'd also suggest a static ip configuration with a setup like this, as
you'll only have one computer at the end of each ethernet segement you
won't gain anything from DHCP, you'd need a subnet declaration for
each nic and a pool statement.
Ethernet cards can be bridged
On Lu, 21 feb 11, 22:48:21, Pascal Hambourg wrote:
Easiest way for me was
to just use different sub-nets. Example: leave the router on 192.168.1.1
and build my own network on 192.158.0.XXX
This is unnecessary, and makes it hard to manage the device.
Ok, but IMVHO it would be a good
Andrei Popescu a écrit :
Ok, but IMVHO it would be a good idea to make sure the DHCP server does
not allocate the router's IP to some other host.
Of course, like any other statically assigned address. Again, nothing
special here.
--
To UNSUBSCRIBE, email to
On 21 February 2011 21:24, Andrei Popescu andreimpope...@gmail.com wrote:
Maybe this is mutt specific, but if I just delete the mail from Inbox in
All Mail the message is still marked as unread (a.k.a new). If I mark it
as read and sync, then it's also marked as read in All Mail. I assume
Pascal Hambourg put forth on 2/21/2011 3:51 PM:
Stan Hoeppner a écrit :
You only need one
NIC in your firewall box when using a switch. You simply plug
everything into the switch including the DSL modem and the Netgear.
Bind both the public and private IP addresses to the same NIC in the
On Mon, Feb 21, 2011 at 6:45 PM, Stan Hoeppner s...@hardwarefreak.comwrote:
Pascal Hambourg put forth on 2/21/2011 3:51 PM:
Stan Hoeppner a écrit :
You only need one
NIC in your firewall box when using a switch. You simply plug
everything into the switch including the DSL modem and
* On 2011 21 Feb 18:14 -0600, shawn wilson wrote:
supposedly, there is also a way to 'pivot' past a nat device - i haven't
looked into this, so i can't speak to this much...
Not only that but as we move to IPv6 there is no such thing as NAT. New
network device installations should be taking
Stan writes:
For this to be a real security issue, any attack must start below the
IP level...
Or from the inside. If none of the machines on the LAN are running
Windows you're probably ok.
--
John Hasler
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of
shawn wilson put forth on 2/21/2011 6:05 PM:
On Mon, Feb 21, 2011 at 6:45 PM, Stan Hoeppner s...@hardwarefreak.comwrote:
Pascal Hambourg put forth on 2/21/2011 3:51 PM:
Stan Hoeppner a écrit :
You only need one
NIC in your firewall box when using a switch. You simply plug
everything into
John Hasler put forth on 2/21/2011 6:24 PM:
Stan writes:
For this to be a real security issue, any attack must start below the
IP level...
Or from the inside. If none of the machines on the LAN are running
Windows you're probably ok.
How is this a security issue? Broadcast packets coming
Is there a way for this to be disabled and subsequently have
messages be displayed in their specific folders...or is this just how
Gmail works?
This one of the better innovation brought by Gmail, if used correctly.
I interpret the if used correctly bit to mean using the GMail web
Hmm, as far as I understand, a message is always present in [Gmail]/All
Mail', unless moved to [Gmail]/Trash or [Gmail]/Spam. New mail (not
filtered) goes to my Inbox. If I want to get rid of it for good I move
it to [Gmail]/Trash, but if I want to archive it I just delete the
Inbox tag
I wrote:
Or from the inside. If none of the machines on the LAN are running
Windows you're probably ok.
Stan writes:
How is this a security issue? Broadcast packets coming from the
customer that hit the DSLAM are instantly dropped.
Nothing to do with the DSLAM. These routers usually
John Hasler put forth on 2/21/2011 7:34 PM:
I wrote:
Or from the inside. If none of the machines on the LAN are running
Windows you're probably ok.
Stan writes:
How is this a security issue? Broadcast packets coming from the
customer that hit the DSLAM are instantly dropped.
Nothing
Greetings:
I'd like to set up a network with a firewall for my home computers for
security, control and convenience (file sharing), as well as to learn
about networking. We have the Internet entering via a Motorola DSL modem
and it currently passes data through a NetGear wireless router. I'd
On 21 February 2011 06:02, Elmer E. Dow elmere...@att.net wrote:
Greetings:
Snipped
300 Mhz processor
boot manager on 3.5-inch diskette so it can boot from diskette, CD or hard
drive
ethernet jack on motherboard
5 pci slots
4 isa slots
(I have a pci nic and 2 isa nics on hand, plus
Elmer writes:
300 Mhz processor boot manager on 3.5-inch diskette so it can boot
from diskette, CD or hard drive
That'll work fine as long as it has enough RAM to install Debian.
--
John Hasler
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe.
* On 2011 20 Feb 14:22 -0600, Elmer E. Dow wrote:
Greetings:
I'd like to set up a network with a firewall for my home computers
for security, control and convenience (file sharing), as well as to
learn about networking. We have the Internet entering via a Motorola
DSL modem and it currently
On Sunday 20 February 2011 03:03:35 pm Nate Bargmann wrote:
* On 2011 20 Feb 14:22 -0600, Elmer E. Dow wrote:
Greetings:
I'd like to set up a network with a firewall for my home computers
for security, control and convenience (file sharing), as well as to
learn about networking. We
Got to get away from gmail. No list reply feature.
-- Forwarded message --
From: Heddle Weaver weaver2wo...@gmail.com
Date: 21 February 2011 13:41
Subject: Re: selecting old machines for firewall/router use
To: Greg Madden gomadtr...@gci.net
On 21 February 2011 12:26, Greg
On 02/20/2011 09:42 PM, Heddle Weaver wrote:
Got to get away from gmail. No list reply feature.
Get away from the web interface. Install Icedove/Evolution/Mutt and
use Google's IMAPs interface.
--
The normal condition of mankind is tyranny and misery.
Milton Friedman
--
To UNSUBSCRIBE,
Elmer E. Dow put forth on 2/20/2011 2:02 PM:
Greetings:
I'd like to set up a network with a firewall for my home computers for
security, control and convenience (file sharing), as well as to learn
about networking. We have the Internet entering via a Motorola DSL modem
and it currently
John Hasler put forth on 2/20/2011 3:08 PM:
Elmer writes:
300 Mhz processor boot manager on 3.5-inch diskette so it can boot
from diskette, CD or hard drive
That'll work fine as long as it has enough RAM to install Debian.
Not to mention disk space. Even though the OP asked on this list,
On Sun, 20 Feb 2011, Ron Johnson wrote:
Date: Sun, 20 Feb 2011 22:02:48 -0600
From: Ron Johnson ron.l.john...@cox.net
To: debian-user@lists.debian.org
Subject: To gmail or not to gmail (was Re: Fwd: selecting old machines for
firewall/router use)
Resent-Date: Mon, 21 Feb 2011 04:03:05 +
On Sunday 20 February 2011 06:42:12 pm Heddle Weaver wrote:
Come with a few things installed.
I remember a few years back, a furore over factory installed trojans on
Belkin routers.
Belkin apologised and all the noise went away, but I haven't forgotten in
the current atmosphere of
On 02/20/2011 11:01 PM, Peter Tynan wrote:
On Sun, 20 Feb 2011, Ron Johnson wrote:
Date: Sun, 20 Feb 2011 22:02:48 -0600
From: Ron Johnson ron.l.john...@cox.net
To: debian-user@lists.debian.org
Subject: To gmail or not to gmail (was Re: Fwd: selecting old
machines for
firewall/router use
On Sun, 20 Feb 2011, Ron Johnson wrote:
Date: Sun, 20 Feb 2011 23:54:27 -0600
From: Ron Johnson ron.l.john...@cox.net
To: debian-user@lists.debian.org
Subject: Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for
firewall/router use)
Resent-Date: Mon, 21 Feb 2011 05:54:49
On Sun, 20 Feb 2011, Ron Johnson wrote:
Date: Sun, 20 Feb 2011 23:54:27 -0600
From: Ron Johnson ron.l.john...@cox.net
To: debian-user@lists.debian.org
Subject: Re: To gmail or not to gmail (was Re: Fwd: selecting old machines for
firewall/router use)
Resent-Date: Mon, 21 Feb 2011 05:54:49
On 02/21/2011 12:17 AM, Peter Tynan wrote:
On Sun, 20 Feb 2011, Ron Johnson wrote:
Date: Sun, 20 Feb 2011 23:54:27 -0600
From: Ron Johnson ron.l.john...@cox.net
To: debian-user@lists.debian.org
Subject: Re: To gmail or not to gmail (was Re: Fwd: selecting old
machines for
firewall/router use
57 matches
Mail list logo