Hey there, got a few questions concerning my ADSL connection.
First of all the connection is setup through PPTP. The ADSL router has an IP of 10.0.0.38. My linux server has 2 Ethernetcards 192.168.0.1 and 10.0.0.150. The linuxserver establishes a PPTP connection with the ADSL router. The linux server now gets an extra interface PPP0 with my static IP address. Let's say it's 11.22.33.44 for the ease. All packets send to 11.22.33.44 are thus (bridged??) to my linux server. Is it possible to attack the router directly from the internet? (since the router is not the one with the actual IP address. That's the linux server. The router should just forward the packets but it should not process them right?). Far as I know the router can only be attacked if you have an echo server echo'ing everything back to the adsl router. Or if you crack/hack the linux server and attack it from there. Is that true? Now for the iptables/firewall guru's. I really want to tighten my firewall. However I need to know something for that. Now if I would only allow traffic from 10.0.0.150 and 10.0.0.138 on the PPTP ports and block EVERYTHING else! on 10.x.x.x will I still get packets from the internet? I guess this depends solely on how PPTP is implemented. since if it's just a forward between them (not using the tunnel) I won't receive anything anymore (probably just guessing here). If it's going through the tunnel then I guess I'm save blocking everything else since it comes out of the tunnel and pass through fine. However how will iptables see this? Will it see it as packets coming on eth0 (the 10.0.0.150) OR will it see it only as packets coming in from PPP0 as where the PPTP is hiding/obscuring the traffic between eth0 and the router making it look like the packets came in straight from the PPP0 interface. I'm really confused about that concerning these protocols. I mean if the connection becomes transparent to the firewall I can allow traffic to/from 10.0.0.138/10.0.0.150 on the PPTP ports when the connection is being established. Then when my username/password is verified and if the PPTP then hides the traffic as coming from eth0 (10.x.x.x) and shows it as coming in from PPP0 I could just block everything coming in from eth0 and allow stuff from PPP0. I'm not too lazy to read anything :-) so if you have any online docs on this or something feel totally free to send me just links. They'll be greatly appreciated. Kind regards, Ferry van Steen
