Getting DSL soon, what do I need to do?

[dalek]

Well I found out that sometime before next summer DSL will be getting here. I need some info on what all I need to do. I have a old AMD 400MHz machine. I plan to have two computers hooked up so I'll need to share the connection. I've heard of something called smoothwall, will that work.

I want the thing to be secure so I can be a good 'netizen'. It will be bellsouth.net if that matters and you are familiar with them.

I'm disabled so I want to get a headstart on this thing. I can't spend a whole lot at one time.

I do run Gentoo here, via dial-up. Prolly not very secure at the moment so I want to improve that before it has a permanent connection the net.

Please share your ideas on this.

Thanks


_________________
My rig: Gigabyte GA-970A-UD3P mobo, AMD FX-8350 Eight-Core CPU, ZALMAN CNPS10X Performa CPU cooler,
G.SKILL 32GB DDR3 PC3 12800 Memory Nvidia GTX-650 video card LG W2253 Monitor
60TBs of hard drive space using LVM
Cooler Master HAF-932 Case

[smiley]

As far as a firewall goes, I would emerge shorewall, then use the shorewall quickstart guide. There's also some forum topics around about shorewall. I also like the additional security if a dsl/cable router, which also acts as a type of firewall, but it's not a necessity.

smiley

[dalek]

Well I was trying to download the docs for shorewall. It seems their server is down or something. It got partway through and it just quit. The site doesn't do anything now. Well it appears to just be the admin guide actually. I'm confused, as usual.

I do want to use the old AMD 400 for a router/security thing. That way if they mess it up they can't get to my main rig. Mess with my Gentoo and I'll kill them dead.

Now to see what's up with shorewall.org.


_________________
My rig: Gigabyte GA-970A-UD3P mobo, AMD FX-8350 Eight-Core CPU, ZALMAN CNPS10X Performa CPU cooler,
G.SKILL 32GB DDR3 PC3 12800 Memory Nvidia GTX-650 video card LG W2253 Monitor
60TBs of hard drive space using LVM
Cooler Master HAF-932 Case

[BiOCHiP]

If you want to have a dedicated firewall box, be sure to check out smoothwall, as you mentioned. If you want to have another linux box to play with, which acts as a firewall too, just install gentoo on the thing and run shorewall.
_________________
Music is the Answer

[revertex]

why not buy a dsl/router with a integrated firewall?

[BiOCHiP]

[dalek]

The old machine is doing nothing anyway. I want to put it to good use.

Still can't get that doc from swoothwall.org though. I email them to check on it. May be a bad file or something. It got partway through the first time and died.

This crap always happens to me.

I hope I can find a used modem. Those things are not cheap, not like dial-up.

Keep those ideas coming.


_________________
My rig: Gigabyte GA-970A-UD3P mobo, AMD FX-8350 Eight-Core CPU, ZALMAN CNPS10X Performa CPU cooler,
G.SKILL 32GB DDR3 PC3 12800 Memory Nvidia GTX-650 video card LG W2253 Monitor
60TBs of hard drive space using LVM
Cooler Master HAF-932 Case

[yodi]

[revertex]

[pratttech]

I had a similar setup when I first got DSL back in the day.

Win98 Desktop
FreeBSD 4.4.1-9 Samba PDC
OpenBSD 2.5 IPF-FW/GW

The firewall was a 386 and the hardware stb in 2002 so I replaced it with a Linksys. The cost analysis won out in an appliance favor than another old pos, but it is fun running a server on your connection.

I also believe that OpenBSD wins bar none if I have a *nix bastion host.

[dalek]

Hmmmmm, not sure I would trust the old thing that much. It also don't like my 80GB drive. It, BIOS, just will not see it there. Too big I guess.

If anybody has some ideas that are cheap, that would be good. I assume I HAVE to have that DSL modem though. Piced out alcatel external so far. I like external stuff. Easier to reset.

I just want to make sure it is secure and not used to attack somebody else. I would be pissed. I will likely use ssh too. hmmm, got to change password now for sure.

Also, my older brother, seperate house and all, will get it too. What should he get? He uses microshit XP. Hardware router? Bullet proof vest. He will want a harware thing that does not require him to do much. He is not real computer savey (sp?). Me, I want it cheap, and stable as a rock.

What you think? How hard is this BSD stuff? I have heard of it but never seen it. I have talked to people that use that for servers and firewall stuff. hmmm, where do I get it?

Later



edit: I can't type worth crap, don't bug me about it.
_________________
My rig: Gigabyte GA-970A-UD3P mobo, AMD FX-8350 Eight-Core CPU, ZALMAN CNPS10X Performa CPU cooler,
G.SKILL 32GB DDR3 PC3 12800 Memory Nvidia GTX-650 video card LG W2253 Monitor
60TBs of hard drive space using LVM
Cooler Master HAF-932 Case

[NeddySeagoon]

dalek,

Smoothwall is good but it takes over the whole PC. My Smoothwall Express box runs on a Cyrix 200Mhz PC with 64Mb RAM and 120Mb hard drive. Unfortunately, thats not enough to run a caching web proxy.

You can probaby jumper the drive to report that its only 33Mb to the BIOS. Linux will sort out the mess after booting, so you will still see it all.

Be sure to get an external ADSL/Ethernet box. They just work and when they don't the flashing lights provide some hints. The firewalls in these things are often linux based but are rarely updated. So become less effective with the passage of time.

If you have to ask about BSD, you are not ready to set up something so mission critical as a firewall with it.

If you want to use your 400MHz box as a PC too, put iptables in the kernel and get one of the many rules tools around.

You brother needs Gentoo - give him a liveCD.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.

[pratttech]

OpenBSD is not much harder than Gentoo. It actually installs quick and fast from tgz compressed "filesets". If you have all the ones you want you can do a *full* install in an hour.

The OpenBSD install is very light and tight. At the end you will have a box with virtual ttys and not much else; but the BSDs invented the ports systems (ala Portage) and you can build what you want or need.

If it is a gateway box, less is better. More services = more potential exploits. PF is their new firewall sw, which is a ground up rebuild of IPF after Theo had issues with the original IPF author.

You will want a box with three interfaces or four if you'd like to run external services.

Each segment gets an interface:

One to DSL modem and outside address
One to your stuff
One to your brother
One to an optional DMZ area

As far as writing rules, I recommend default deny and only open what you need, no more. Syntax varies from one product to the next, but is essentially the same stuff. You get allow any, your brother maybe 80 or 25 depending on what he needs. Lock down the outside and open to the DMZ whatever you intend to host.

When I did this I ran apache and sendmail on the internal FreedBSD box and BIND with the firewall. It was fun, but after time a bit of time I decided way overkill for just me

[dalek]

Well my brother will have his own at his house. He lives up the road from me so I can set it up for him. He just won't know how to keep it up to date or anything. He is the oposite of a computer guru.

I learned Linux pretty well. I have time to mess with BSD. I should be able to learn something by the time it gets here.

I also plan to take coffee and iced tea for the guys putting in the new box for DSL. I want to keep them happy. It is only about 1500' from my house. I may get the speed next up from the basic one. I do run Gentoo and download a lot of stuff. Help me keep my background for my desktop changing. I got about 8000 pics now with the slide show thing changing every minute.

I found a place to download some BSD stuff. I'm not sure at the moment what I need to get though. I'm searching for a how to on google. hmmm, google/bsd maybe???

Keep the ideas coming guys. I've been waiting for this a good while.

Later


_________________
My rig: Gigabyte GA-970A-UD3P mobo, AMD FX-8350 Eight-Core CPU, ZALMAN CNPS10X Performa CPU cooler,
G.SKILL 32GB DDR3 PC3 12800 Memory Nvidia GTX-650 video card LG W2253 Monitor
60TBs of hard drive space using LVM
Cooler Master HAF-932 Case

[pratttech]

The state of DSL in this country is shite from what it should be. I only run DSL because my ISP will host my domain as part of the monthly fee and they block nothing. I have residential 1500/128KB ADSL from them with Verizon as the LEC. It costs me $39.99/month. Cable is $10 more a month but I could get 2000-4000KB down supposedly. If I had extra dough, I'd try both at this point and see if I could route between either. Neither offers a free static IP. I can also see my CO from my front door.. what I wouldn't give for a dry pair or a antenna on the roof, lol. Start a basement ISP, with a 54MB 11g pipe, hehe.

I think it's all big business bushit. After the Telcom stuff in congress in 96 things got going well at first. I had NorthPoint 768KB SDSL with a static IP on my second pair (no filters) for the same $39-- server heaver. Then Verizon boned them in the ass by agreeing to merge and then pulling the offer after NorthPoint blew it's little wad in the excitement. NorthPoint was left in bankruptcy and Verizon bought their DSLAMs for pennies on the dollar. End result is a crap experience for the end-user. My parents gt the same package from Verizon as I have from my ISP because they get a reduced rate for the first months; but the speed is horrible. My ISP already said that they could assume the line after the deal is up.

There is no reason save beaurocracy as to why DSL can no offer me VHDSL speeds ecept that they are tech hoarders keeping the people locked out.

[NeddySeagoon]

pratttech,

All that a bigger pipe in the home does is move the bottleneck further upstream. I can only get 512/256 but I get a /29 at no extra change
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.

[dalek]

All I know is DSL is better than what I have. I currently have a 56K dial-up that only gets me 26.4K, sometimes 28.8K. I pay $16.00 now, it will be about $25.00 for basic, $35.00 for the one I really want. I would like to have a web server for my own web page and all but I doubt I can do that anyway.

I got a how to from here: http://www.vmunix.com/fbsd-book/ That should help me get started on BSD. Looks pretty easy, I may be wrong, usually am too.

Anyway, keep those ideas coming. This is going to be one locked down puppy. I hope I can still surf the web though.

Later


_________________
My rig: Gigabyte GA-970A-UD3P mobo, AMD FX-8350 Eight-Core CPU, ZALMAN CNPS10X Performa CPU cooler,
G.SKILL 32GB DDR3 PC3 12800 Memory Nvidia GTX-650 video card LG W2253 Monitor
60TBs of hard drive space using LVM
Cooler Master HAF-932 Case

[dalek]

On this BSD thing, do I need the GUI stuff or, like Linux, I can do without it?

I'm printing the how to now. Poor printer.

Later


_________________
My rig: Gigabyte GA-970A-UD3P mobo, AMD FX-8350 Eight-Core CPU, ZALMAN CNPS10X Performa CPU cooler,
G.SKILL 32GB DDR3 PC3 12800 Memory Nvidia GTX-650 video card LG W2253 Monitor
60TBs of hard drive space using LVM
Cooler Master HAF-932 Case

[pratttech]

[pratttech]

[dalek]

[dalek]

Before I waste more ink and paper, is this a good guide, and the right one to install?

http://www.realo.ca/BSDinstall.html

edit: maybe this one. http://www.openbsd.com/faq/faq4.html

Thought I would ask this time.

Thanks


_________________
My rig: Gigabyte GA-970A-UD3P mobo, AMD FX-8350 Eight-Core CPU, ZALMAN CNPS10X Performa CPU cooler,
G.SKILL 32GB DDR3 PC3 12800 Memory Nvidia GTX-650 video card LG W2253 Monitor
60TBs of hard drive space using LVM
Cooler Master HAF-932 Case

[NeddySeagoon]

pratttech,

My ISP is zen - www.zen.co.uk probably not a lot of use outside the UK.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.

[pratttech]

[dalek]

Uh oh. Doing a bit of research still. I found out I have to buy OpenBSD. This ain't good since I have a lot to buy before I get DSL going. $40.00 is a good bit for me.

Hmmmm. < re-groups himself >

New plan?? Maybe??

Thinking it over now. What to do next.

Later


_________________
My rig: Gigabyte GA-970A-UD3P mobo, AMD FX-8350 Eight-Core CPU, ZALMAN CNPS10X Performa CPU cooler,
G.SKILL 32GB DDR3 PC3 12800 Memory Nvidia GTX-650 video card LG W2253 Monitor
60TBs of hard drive space using LVM
Cooler Master HAF-932 Case