Thanks Ken Mine is more like the second. I have a modem in computer A which then a cable goes to a hub and then to computer B. So everything is going thru computer A. If I ever get high speed I might go thru a router/firewall to the couple of computers, similar to the first. I think this would be safe?
Is my home network a trusted network. Well I trust it. Does that count. :-) So what would the iptables configuration look like to block the xdmcp. I kow very litlle about iptables. I should learn it. There are so many fun project to work on thought. I'm going to try a diskless workstation eventually. It's one of those things where I can say I've done that. Your diagrams were very helpfull. Thanks Tim On Friday 14 May 2004 12:47 am, you wrote: > Hi. I'll try to answer your questions in a way that makes sense: > > On Thursday 13 May 2004 21:45, Timothy Bolz wrote: > > If X is unsafe over the internet is it safe on a trusted > > network (for instance my couple of computers). Can I get on > > the internet or is it unsecure. Would I run some iptable > > scripts to block anything? > > This is a question that could have a rather long answer, depending > on how your home network is set up. > > First of all, by definition everything is safe on a trusted > network. But I question whether your home network is actually a > trusted network. > > How are you connecting to the Internet? If you actually have > three devices on your home network -- two computers and a > broadband router/modem/whatever, as in this extremely crude > drawing which looks fine on my screen but is probably a mess on > everyone else's: > > (Internet) > > ___________ ____|_ __________ > > | Computer A |-----------| Hub |-------------| Computer B | > > -------------------- --------- ------------------ > > -- then it isn't a trusted network and there is no way you can > safely run X sessions over it without adding a firewall between > "hub" and "Internet". > > If, on the other hand, only one of the computers connects to the > Internet, like this: > > (Internet) > > _________|__ __________ > > | Computer A |--------------------------------| Computer B | > > -------------------- ------------------ > > (this means that Computer A has two network interfaces: one > Ethernet card to connect to computer B, and some different device > such as a telephone modem or a second Ethernet card to connect to > the outside) -- then you can safely run X sessions over the > internal LAN as long as you set up your iptables configuration on > Computer A correctly. > > > If this would be unsecure how about the Linux Terminal Server > > Project? > > Same exact issue. For what it's worth, LTSP is normally > configured like the second drawing above with the server having > two network interfaces (one for the outside world and one for the > internal, private LAN). As long as its firewall is set up > correctly, it is reasonably safe. > > But LTSP is normally configured to use one central server with one > or more weak/slow/old workstations attached, not a "log into > either one from the other" configuration, which is what I believe > you want. > > I hope this helps. > > Ken _______________________________________________ EUGLUG mailing list [EMAIL PROTECTED] http://www.euglug.org/mailman/listinfo/euglug
