[CLUE-Tech] Qwest, DSL and Linux/BSD?
David Anselmi
anselmi at americanisp.net
Mon Jul 1 21:34:00 MDT 2002
Sean LeBlanc wrote:
> <snip>
> Thanks for all the suggestions from everyone.
>
> A few more questions:
>
> 1. How "dynamic" is your IP if you don't pay for a static one? Ever since
> the changeover from @Home to AT&T, my so-called "dynamic" IP has not changed
> - not that I'm complaining. Also, does anyone here have any troubles with
> being always-on? I don't want to be always dialing and getting dropped and
> such...I want it to be always on, if possible. I've heard that with certain
> plans from Qwest, they drop the connection after a set amount of time. Is
> this true?
Americanisp will give you a static IP for their basic $18/mo rate. They
do shell accounts and a bunch of other features (unlimited email
addresses, etc) which is why I went with them. Take a look. Tell them
I sent you and ask if you can have a discount (never hurts to ask). I
don't have any relationship with them, just sent them 2 or 3 other people.
I have had some problems with my connection going down (hanging really).
Retraining the wan link seems to fix it usually, but it could be my
modem (cbos 2.4.3 seems a little buggy) or my Win2k + zone alarm. It
doesn't bother me much. I'll be watching more closely now that I'm
running some longer term apps.
It seems that sometimes my connection is actually down, but it comes up
by itself the first time a packet goes through.
>
> 2. Is the Cisco 678 easy to set up for certain incoming services like SSH?
> Do you just forward to a box that handle SSH?
In enable mode do "set nat entry add 10.0.0.2 22". That's all. You can
get lots of (mostly good) docs from Cisco. But you can type "set nat ?"
and it will tell you what's allowed next.
As far as the web server goes, it doesn't allow you to set up all the
features the command line does.
As far as security, I like DSL because the NAT it does provides pretty
good protection out of the box. The modem itself is open (but not to
telnet or web if there is no password) but the boxes behind are
relatively invisible. The 678 also has basic packet filtering, so even
if you want the web port open, you can filter so the outside can't see it.
I would definately recommend a 678 over an internal modem (maybe there
are cheaper externals that do as much) if you can afford the luxury.
Dave
More information about the clue-tech
mailing list