On Mon, 11 Aug 2003 08:56, you wrote: > Hi Guys, > > I am using my linux box as an internet gateway for my laptop. My laptop is > running Windows 98 (1st edn) and my linux box, which is a desktop, is > running Mandrake 8.2. I skimmed over the docs on IP Masquerading and being > the lazy person I am found the fewest lines out of their script that I > needed to type in. On the linux box I found all I needed to type in was: > > echo 1> /proc/sys/net/ipv4/ip_forward > iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE > > You can see I am using an dial up connection to connect to the internet. > > The question is this. Am I leaving a really big security hole by doing > things this way? Or is this good enough for a home user on a dial up > connection.
That gives you virtually no protection at all. I'd guess you'd be very lucky to have a half-life of about a week. ok, having had my machines attacked more than once I'm now quite convinced that the whole world out there on the Internet is out to get me and do my computers over. :-) Therefore, humour aside, I use IPCop in a separate machine as a proper firewall. IPCop installs perfectly out of the box and appears to work well. It got trashed a week or two ago, but the attackers got no further and my machines behind it were protected. The fact that you are on a dial-up is no protection at all. I received a 'phone call a while ago from a fellow who was on a dial-up connection for about an hour before his naked and exposed Linux box was completely destroyed. Poor fellow sounded as if he had just been raped. An old '486 is perfectly good to use as a firewall. -- Sincerely etc., Christopher Sawtell
