Setting up a network and sharing internet

James Knott james.knott-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org
Wed Aug 24 16:09:20 UTC 2005


Lennart Sorensen wrote:
> On Wed, Aug 24, 2005 at 10:06:03AM -0400, Henry Spencer wrote:
>>That can be avoided by giving the eavesdropping computer two Ethernets,
>>and setting it up to act as a bridge (so it doesn't have its own IP
>>addresses etc. to mess up the picture).  It can provide full duplex,
>>and at least a cheap imitation :-) of full speed, depending on how well
>>it can keep up.  Moreover, not only can it eavesdrop on the packets it's
>>relaying, but it can alter them as well, which is sometimes very useful.
> 
> The truly transparent firewall setup relies on this.  A firewall that
> sits on the wire between two points and can filter traffic without
> either end needing to know about the existence of the firewall.

For that matter, a router can be configured as a firewall, as I have
done here.  The other computers on the network "know" about the router,
but have no idea about the firewall or VPN functions it provides.  I can
also run Ethereal etc., on the firewall/router (an old Dell computer,
running SuSE 9.1).


--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml





More information about the Legacy mailing list