Hi. I'll try to answer your questions in a way that makes sense:
On Thursday 13 May 2004 21:45, Timothy Bolz wrote:
> If X is unsafe over the internet is it safe on a trusted
> network (for instance my couple of computers). Can I get on
> the internet or is it unsecure. Would I run some iptable
> scripts to block anything?
This is a question that could have a rather long answer, depending
on how your home network is set up.
First of all, by definition everything is safe on a trusted
network. But I question whether your home network is actually a
trusted network.
How are you connecting to the Internet? If you actually have
three devices on your home network -- two computers and a
broadband router/modem/whatever, as in this extremely crude
drawing which looks fine on my screen but is probably a mess on
everyone else's:
(Internet)
|
___________ ____|_ __________
| Computer A |-----------| Hub |-------------| Computer B |
-------------------- --------- ------------------
-- then it isn't a trusted network and there is no way you can
safely run X sessions over it without adding a firewall between
"hub" and "Internet".
If, on the other hand, only one of the computers connects to the
Internet, like this:
(Internet)
|
_________|__ __________
| Computer A |--------------------------------| Computer B |
-------------------- ------------------
(this means that Computer A has two network interfaces: one
Ethernet card to connect to computer B, and some different device
such as a telephone modem or a second Ethernet card to connect to
the outside) -- then you can safely run X sessions over the
internal LAN as long as you set up your iptables configuration on
Computer A correctly.
> If this would be unsecure how about the Linux Terminal Server
> Project?
Same exact issue. For what it's worth, LTSP is normally
configured like the second drawing above with the server having
two network interfaces (one for the outside world and one for the
internal, private LAN). As long as its firewall is set up
correctly, it is reasonably safe.
But LTSP is normally configured to use one central server with one
or more weak/slow/old workstations attached, not a "log into
either one from the other" configuration, which is what I believe
you want.
I hope this helps.
Ken
--
"No man has ever ruled other men for their own good."
-- George D. Herron
_______________________________________________
EUGLUG mailing list
[EMAIL PROTECTED]
http://www.euglug.org/mailman/listinfo/euglug
