[CLUE-Tech] sshd question

Joseph A. Nagy, Jr. jnagyjr at joseph-a-nagy-jr.us
Wed Dec 1 10:33:33 MST 2004


On Wed, Dec 01, 2004 at 09:52:24AM -0700, Nate Duehr wrote the following:
> Joseph A. Nagy, Jr. wrote:
> 
> >On Wed, Dec 01, 2004 at 07:19:05AM -0700, Chris Schock wrote the following:
> > 
> >
> >>What is your [hardware] firewall? Sounds like the problem is there.
> >>
> >>Is it a linksys wrt54g by any chance? I have one of those, and
> >>occasionally it "forgets" to forward ports. Also the Qwest Actiontec DSL
> >>routers are fairly flakey and occasionally require power resets.
> >>   
> >>
> >
> >I have that exact same problem and it is highly annoying. Due to the need to
> >have other computers easily access the network I'm forced to use it (I
> >haven't learned how to turn my box into a mini-router yet), that and the
> >fact I have problems keeping this box up more than a few days at a time due
> >to a bad CRCCheck/sector on my WD hdd.
> > 
> >
> If you have a box that's not "doing anything", I have used
> SmoothWall's free version and have great reports from friends who like 
> IPCop which I believe was a spin-off of that for dedicated little 
> firewall boxes. 
> 
> www.ipcop.org
> 
> One of the "fun" things I've played with was setting up an IPSec VPN 
> between my house and a friend's.  We didn't have any clashes on our RFC 
> 1918 space, so we were able to just treat each other's networks as 
> "local" if we were inside the firewalls... kinda funny to spew something 
> out on his HP Color LaserJet from across town when he wasn't expecting 
> it.  (Or during a phone call -- "Where'd you see that?", "Ahh, it's 
> coming out of your printer now."  LOL.)
> 
> (Yeah yeah, I know VPNs are old news - it was just fun to do it for
> something non-work related.)
> 
> I'm thinking I'll probably build up a new IPCop machine using one of the 
> dual NIC Via Eden mini-ITX motherboards -- the firewall is on 24/7 and 
> switching to a machine that draws very little power (~70W) is 
> appealing.  The old Pentium II that's doing the job right now is noisy, 
> and judging by the heat dissipation uses a lot more than 70W just 
> sitting there routing packets and logging stuff.

Well I have a Pentium Classic (90MHz (133 overclocked), 80MB RAM) that still
kinda works (I'm having problems getting the SCSI drives and the SCSI PCI
card to work without locking up during boot) and PII with RAM slots too
flaky to do anything serious with otherwise I would have already built
something. I have a working IPtables rule (which I'd be willing to share
with interested parties offlist) which I used when I was able to have just
my machine on my DSL, but since I convinced my parents to use my DSL and
drop the cable, I've had to go back to using the router. ),: 

C'est la vie.

> The nicest part about these "pre-made" security type distros is that all 
> the toys one would normally integrate (like MRTG graphs for interface 
> use statistics) are already baked in.  I would recommend at least going
> through writing your own IPTables ruleset and learning how it works 
> properly at least once, but if you've done that and you just "want to 
> get the firewall built and finished so I can do something else with my 
> time this week/day/whatever", the little security/firewall distros are 
> pretty nifty.
> 
> Oh and just for fun, the Gentoo-heads on the list will be 
> happy/proud/terrified/scared to note that I'm turning (quickly) into a 
> Gentoo religious convert.  ;-) 
> 
> The laptop's all "Gentoo-ized" including doing a Stage I build with 
> "nptl" in the USE, and working on getting a Via Eden 500  board to play 
> nicely.  It barfed on sunrpc last night during the bootstrap.  :-(  I 
> think I had the CFLAGS wrong for the Via Eden. 
> 
> Nate

Thanks, though. I'll definitely flag this thread for future reference.

-- 
AIM: pres CTHULHU | ICQ: 18115568 | Yahoo: pagan_prince
Jabber: DarkKnightRadick@(jabber.org|amessage.at) | Libertarian @ Large
PGP: 0xCF7EAA67 | < http://groups.yahoo.com/group/tennesseans-for-badnarik/ >
< http://mc-luug.homelinux.org/mailman/listinfo/mc-luug >