Shachar Shemesh wrote: > It can be secure. All you have to do is install an IPSec VPN on all > machines participating in the network, and not let anyone who is not VPN > authenticated get to either your internal network *or the internet*!
I am looking into the same thing as I have a guest comming for a few months that prefers WiFi to an ethernet cable. He's bringing me an "access point" ($40 in the states). I'm assuming it's incredably dumb, basicly an ethernet port on one side, and an antenna on the other, with just enough logic to get the packets in and out. :-) I was planning on taking an old PC and running linux on it as a firewall. To the outside world, I was going to open a DHCP server, ssh and whatever port(S) the VPN uses. He's running MacOS X, so I'm not sure yet what we can use. He's a "good guy" so I'm not overly concerned what he a can access locally, but if I was, I'd turn off IP forwarding on the firewall, and only allow him to access an HTTP proxy, DNS, SMTP and some sort of multilayer proxy between the WiFirewall and the cable firewall for GAIM. Geoff. -- Geoffrey S. Mendelson [EMAIL PROTECTED] 972-54-608-069 Icq/AIM Uin: 2661079 MSN IM: [EMAIL PROTECTED] (Not for email) Carp are bottom feeders, koi are too, and not surprisingly are ferrets. ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
