Security Basics mailing list archives
RE: Hardware + Software Router + OpenBSD DHCP / NAT
From: Jim Kelly <jim () essistants com>
Date: Fri, 11 Apr 2003 13:50:11 -0400
Although it's not OpenBSD, I use the Dachstein release of the Linux Router Project Family. It has worked great for me so far, and I wasn't able to find much in the way of security issues with it. You can check it out at lrp.steinkuehler.net. If you don't like it, you can just pop the floppy out and you have your system back. If you have any questions about getting it to work or whatever, you can contact me off list. Jim -----Original Message----- From: Christopher Nehren [mailto:apeiron () comcast net] Sent: Wednesday, April 09, 2003 9:40 PM To: security-basics () securityfocus com Subject: Hardware + Software Router + OpenBSD DHCP / NAT Currently I have a cable modem in my house which feeds into a router. This router distributes the modem connection via DHCP to a few machines on my home network. I have an old machine running OpenBSD, and I'd like to know what a good (I suppose "best" would open a flame war?) solution would be, in order to increase my home network security using the OpenBSD system. I'm thinking of something like this: (please excuse my pitiful attempt at ASCII art) cable modem | | | router with the OBSD's system set as the DMZ | | - first ethernet interface on the OBSD machine OpenBSD system running DHCP / NAT + PF - second ethernet interface on the OBSD machine | | hub / switch | | client A / client B / client C ... / client Z Would this work? Would it be more secure to have the modem go to the OBSD box, then to a router, and then route the connection to the machines on the network? My main (only) concern with this setup is the security of my home network. ------------------------------------------------------------------- Is SPAM over-loading your e-mail server, disk space or bandwidth? SurfControl E-Mail Filter is flexible, intelligent and policy-driven protection. http://www.securityfocus.com/SurfControl-security-basics2 Download your free fully functional trial, complete with 30-days of free technical support. Stop SPAM before it stops you. -------------------------------------------------------------------
Current thread:
- Hardware + Software Router + OpenBSD DHCP / NAT Christopher Nehren (Apr 11)
- RE: Hardware + Software Router + OpenBSD DHCP / NAT Jim Kelly (Apr 12)
- RE: Hardware + Software Router + OpenBSD DHCP / NAT mark (Apr 12)
- Re: Hardware + Software Router + OpenBSD DHCP / NAT Jason Burroughs (Apr 15)
- <Possible follow-ups>
- RE: Hardware + Software Router + OpenBSD DHCP / NAT Allan Schon (Apr 14)
- RE: Hardware + Software Router + OpenBSD DHCP / NAT * KAPIL * (Apr 15)
- RE: Hardware + Software Router + OpenBSD DHCP / NAT Allan Schon (Apr 15)