A hardware issue - was Re: [clug] Firewall settings on NetGear
modem/router
Alex Satrapa
alexsatrapa at mac.com
Tue Jun 30 05:20:41 GMT 2009
On 30/06/2009, at 15:05 , Rod Peters wrote:
> If you are using such Linux then why not just turn off all this
> confusing
> firewalling in the router and at least confirm that the modem works.
The router usually needs the "firewalling" in order to work properly.
Factory default is to do NAT, with the router presenting a single
Internet-visible IP address to the outside world. Without NAT, you'll
need to assign each device on your network an Internet-visible IP
address, and the ISP will have to route those addresses through your
connection to your router.
The catch is that with NAT active (which you need to have in order for
your Internet connection to service more than just the router), you
can't host services on your computer and have them visible to the
outside world, without fiddling with port forwarding.
The upside is that you need fewer "clever" rules on your desktop since
there is far less opportunity for malcontents to attack your computer.
Your router usually ignores all packets destined for itself from the
Internet side, so it should be as safe as a Linux box with a "drop"
policy.
Alex
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 220 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/linux/attachments/20090630/c68df5fa/PGP.bin
More information about the linux
mailing list