[Glastonbury] Questions(animation)

Andrew M.A. Cater glastonbury at mailman.lug.org.uk
Thu Jul 24 19:40:01 2003 

On Thu, Jul 24, 2003 at 08:15:31AM -0700, Maurice Onmaplate wrote:
> BTW Martin I'm going to rebuild my Pemtium I as a Suse
> Linux, BUT it has to be able to get on net...I'm going
> Cable.  The cable company guy asked what machne I
> wished to use, and before I could answer said "not the
> apple", so I did not think asking him about Linux
> would be useful.
> 
> So the likely setup will be my Win XP box connected to
> the internet via a cable modem through a network
> connection OR a USB.  
> 
> With a network conection it wil need to go into a hub,
> and therefore be available to all machines on the
> network.  With a USB it will have to be 'shared' from
> the XP by the otehr machines [Apple, Win 2000 and
> Linux].  
> 
> Any thoughts ideas or such, I'm worried that a network
> option will not work via a hub, and that the
> alternative will be a pig to set up!
> 
> Steve
> 
Steve,

DO NOT USE A WINDOWS PRODUCT AS A FIREWALL.  GIVEN MICROSOFT'S
CURRENT RECORD ON MAJOR SECURITY PATCHES, YOU'D SOON WISH
YOU HADN'T CONSIDERED THE IDEA [Just my 0.02 Euro :) ]

If you're going to build a machine to connect you to cable/ADSL.

Build a box with two network cards.  Run SuSE / Smoothwall / homebrew
Linux.  Set the box up as a firewall with iptables and masquerading.
[Potentially the cable modem may have some of this functionality:
it may not.]

Register one of the  NICS with the cable company (if that's how they
authenticate you - one of my colleagues said "What MAC address would
you like the card to have" when asked :) ).  

The reason they say Windows is because they are used to a Windows setup 
routine in their software.  Most cable modems also have a web interface.

Set up the "outside world" card to pick up its address via DHCP
from the cable modem.  Set up the "inside card" with an IP from the
private address ranges (10.0.0.0, 172.16.???.???, 192.168.1.0), feed
this into a network hub/switch and let your other machines plug into the 
hub. [You might conceivably have to play around with a small 
button/switch on the hub itself to allow you to use straight cables 
throughout and avoid a crossover]  

Set up the firewall with your ISP's nameservers in /etc/hosts unless
you want to be clever and run your own DNS server for "inside your 
network".

This is essentially the setup I have - a PPro 200 with 80M of memory,
a 500M disk and a minimalist firewall.


HTH,

Andy