FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 02-09-2008, 08:11 AM
Zach
 
Default Setting up ADSL?

I am getting ADSL (728/128) next week and have some questions.

I run Debian lenny with a 2.6.18 kernel.

The DSL connection will use PPPoE and I'll be getting a static IP.

I guess I just need 1 ethernet cable to connect the DSL modem to my NIC right?

How do I setup the PPPoE account (username, password)?

The modem also has a built in 4 port router so how can I setup NAT (I
only have 1 machine now but plan to add more in the future)?

How do I setup DHCP for my private addresses which NAT will use?

Anyone have a good basic firewall (especially example rules scripts!)
that I can put up?

Besides a plain firewall what else can I do to make my machine more
secure since it will be connected to the outside world nearly 24x7
from now on.

Last week one of my friends had their machine ping flooded, they
couldn't get any packets out and the attacker only stopped after he
unplugged his router and waited a few hours before reconnecting.
Questions:

1) If this happens to me what should I do to stop the attacker and get
back online?
(A quick way to ignore their IP would be good for starters.)

2) Why didn't his ISP or even the ISP's upstream provider catch this
and automatically null route the offender?

Also how can I manually bring my connection up and down?

Anyone know some good packages for logging network trafficing,
deciphering logs, getting useful reports etc?
If you log a lot I suppose there is no way to get around having to
read many log mails every day, the price of security eh?

Thanks,
Zach


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-09-2008, 08:55 AM
Jude DaShiell
 
Default Setting up ADSL?

aptitude install pppoeconf from a debian CD then aptitude update and
aptitude dist-upgrade as soon as you get online. You'll have a choice of
dhclient or dhcpcd packages and pppoeconf installs dhclient. You may find
it helpful to install dhcpcd and do an aptitude remove purge dhclient
though since the most current dhclient package over here drops connections
frequently for no apparent reason I can discover yet. Try setting router
on modem to medium security level then go out to http://www.grc.com and do
the shields up test. If your system comes back as truely stealthed then
you're successful. If not, aptitude install arno-iptables-firewall then
do that shields up test again. That should get you started.




--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-09-2008, 09:00 AM
"Russell L. Harris"
 
Default Setting up ADSL?

* Zach <netrek@gmail.com> [080209 03:28]:
> I am getting ADSL (728/128) next week and have some questions.
...

The easiest and quickest approach with the least hassle is simply to
run SmoothWall Express 2.0 on an old computer, and let SmoothWall
handle the PPPoE, firewall, router, DHCP, and logging functions.
Visit www.smoothwall.org for the free download.

Configuring SmoothWall for the type of service which you describe is
almost trivial, and should take less than an hour the first time you do
it, and only five or ten minutes if you ever need to reinstall it.

When I was forced to use PPPoE, I found it best to configure and treat
the ADSL modem/router as a modem and to let SmoothWall handle the
PPPoE. The advantage is that, if the modem ever gives trouble, you
can swap out the modem without the need to configure the new modem.
Because ISPs commonly give away a modem with each new ADSL account,
most ADSL users eventually end up with several modems, few if any of
them having the ability to manage a PPPoE connection.

RLH


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-09-2008, 03:59 PM
Joe
 
Default Setting up ADSL?

Zach wrote:

I am getting ADSL (728/128) next week and have some questions.

I run Debian lenny with a 2.6.18 kernel.

The DSL connection will use PPPoE and I'll be getting a static IP.

I guess I just need 1 ethernet cable to connect the DSL modem to my NIC right?

How do I setup the PPPoE account (username, password)?

The modem also has a built in 4 port router so how can I setup NAT (I
only have 1 machine now but plan to add more in the future)?


Modem/routers come in many different types. You will need to find out
what facilities it has, what its default IP address is and whether it
has a DHCP server. If it's a router it will deal with any PPPoE issues
itself. Typically, all it needs is the username and password, and it
will sort out the DSL parameters by itself. All configuration will be
done using a web browser, though some routers allow command-line
operation over Telnet of features that the web server doesn't offer.


How do I setup DHCP for my private addresses which NAT will use?


The modem/router will have a default range, if you're not happy with
that you can change it. NAT will be the default mode, you'd need to
configure bridging if you wanted that. Routers are fairly user-friendly
these days, the idea being that a typical Windows kiddie can just plug
in and go. The defaults will be good for most situations.


Anyone have a good basic firewall (especially example rules scripts!)
that I can put up?


Any modem/router made in the last few years will have a stateful packet
filtering firewall which is on by default, and which (probably) doesn't
forward anything by default. What it won't do is to filter things going
out, without specific configuration.


The jury is out over whether workstation firewalls are of any real use,
as malware with admin privileges can simply turn them off. Malware
without admin privileges is a minor annoyance.


Besides a plain firewall what else can I do to make my machine more
secure since it will be connected to the outside world nearly 24x7
from now on.


Don't forward any services from the Internet that you don't need. Make
sure the router's 'administer from the Internet' facility is disabled,
whatever it may be called. Change the admin password immediately from
the default, before you plug in the telephone line. Probably the router
will refuse to reply to pings from outside by default, but if it
doesn't, configure that.


Most of all, use a virus checker on any Windows machines on the system,
and teach the users not to do naughty things like accepting 'free'
screensavers and the like. Don't let them run as admins. Network
break-ins are almost never caused by routers with security bugs, but by
careless users. All networks would be better off without them.


Last week one of my friends had their machine ping flooded, they
couldn't get any packets out and the attacker only stopped after he
unplugged his router and waited a few hours before reconnecting.
Questions:

1) If this happens to me what should I do to stop the attacker and get
back online?
(A quick way to ignore their IP would be good for starters.)


Nothing whatever. You can't ignore an IP address until you've read what
it is, and 'flood' implies that your front-line machine will be fully
occupied just doing this. There is no defence other than telephoning
your ISP and asking them to block the relevant protocol, at least for a
time. First you have to reach someone at the ISP who knows what
'protocol' is.


2) Why didn't his ISP or even the ISP's upstream provider catch this
and automatically null route the offender?


Most ping floods and other DDOS attacks are distributed, coming from a
dozen or a hundred or a thousand different hijacked machines. It's rare
that they are done at random, the motive is usually financial, which
implies a commercial website of some kind. Renting out botnets, that is,
hundreds or thousands of hijacked computers, is big business, and they
are rarely deployed just for a laugh.


Also how can I manually bring my connection up and down?


There will be a place in the web configuration to do this, but in an
emergency don't forget the old low-technology method of pulling the plug
out.


Anyone know some good packages for logging network trafficing,
deciphering logs, getting useful reports etc?
If you log a lot I suppose there is no way to get around having to
read many log mails every day, the price of security eh?



You imply but don't say definitely whether you will have a computer
running continuously. A router will have a very limited amount of spare
RAM, and may well store only twenty or thirty log events. You need an
always-on computer running a syslog daemon (all *nix machines do)
configured to receive remote input, and to configure the router to send
log entries to it. I use logcheck to report once an hour, but with a lot
of filtering added (I don't really want to be told every hour which
machines asked for a DNS lookup). If you have a fixed IP address, and
aren't doing anything commercial, there shouldn't really be a lot of
trouble.



--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-11-2008, 08:06 AM
Chris Bannister
 
Default Setting up ADSL?

On Sat, Feb 09, 2008 at 04:11:32AM -0500, Zach wrote:
> Anyone have a good basic firewall (especially example rules scripts!)
> that I can put up?

apt-get install shorewall-doc

> Besides a plain firewall what else can I do to make my machine more
> secure since it will be connected to the outside world nearly 24x7
> from now on.

There are books on this, IOW, there is no easy answer.

> Anyone know some good packages for logging network trafficing,
> deciphering logs, getting useful reports etc?
> If you log a lot I suppose there is no way to get around having to
> read many log mails every day, the price of security eh?

apt-cache search network monitor | wc -l
145

--
Chris.
======


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 03:08 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org