Bored out of my skull and thinking of rejiggering my home network. I'm just brain-dumping here looking for opinions, ideas, hints, and tips.
Here's what I'm thinking. I want a VPN box (likely Ubuntu and SSH based) between my cable modem and my router. Any of my trusted machines run over open wireless or cat5 to the router and are configured to connect to the VPN. Then any connections over the open wireless or a tor exit node get logged (both CYA and traffic snooping) and go out to the internet. Goal is to explore the networking side of IT a little more, help my paranoid bretheren with Tor, and learn how to build a system that can safely function in a hostile environment. Depending on my mood I may also get a little grey-hat and see if anything interesting is coming through the unsecured wireless and Tor. Some questions: 1. Recommendations for a distro and VPN software for the VPN box? I'm most comfortable with Ubuntu, but I'm open to other options. Obviously the most common and easiest to configure VPN option wins. 2. How can I prevent the open connections from the outside from getting inside? I'm open to sharing my bandwidth, but I want to keep people from peeing in my pool. 3. How can I throttle (simple bandwidth cap) the unsecured traffic? The day will come when I decide to find out how far I can push Comcast, it will be the same day I decide to sign up for FiOS. 4. How can I give secured traffic priority over unsecured traffic? I.E. my ISO downloads come down BEFORE the tor node gets to myspace. 5. How can I readily configure my own Linux boxes, my wifes Mac, and any of my guests computers to connect to the VPN? Machines that regularly use the network should autoconfgure. 6. Any suggestions for dynamic DNS services? 7. How can I sanely manage the logs for the open connections? Following Bruce Scheiers idea of having an open wireless router is interesting, but I would prefer a more reliable way of covering my ass. -- -- Jon Bartels [EMAIL PROTECTED] _______________________________________________ Fwlug mailing list [email protected] http://fortwaynelug.org/mailman/listinfo/fwlug_fortwaynelug.org
