I currently have my first NIC on my LMCE box plugged directly into my DSL modem as per the network instructions that I was reading on how to set this up. My first question is, isn't this an unsafe practice? I was under the impression that you should always have a router or some sort of firewall directly after the modem.
My other question is, my second NIC is plugged into the internet port on the back of my Netgear router and the rest of the computers on my network are plugged into ports 1 and 2. So my question is, is this correct or should the second NIC on my LMCE be plugged into port 3?
Another thing I just noticed is my network settings.
EXTERNAL_IFACE eth0
EXTERNAL_MAC 00:13:D3:C8:DF:31
EXTERNAL_IP 192.168.2.3
EXTERNAL_NETMASK 255.255.255.0
EXTERNAL_DHCP 1
INTERNAL_IFACE eth1
INTERNAL_MAC 00:13:D3:C8:DF:32
INTERNAL_IP 192.168.80.1
INTERNAL_NETMASK 255.255.255.0
GATEWAY 192.168.2.1
DNS1 192.168.2.1
DNS2 192.168.2.1
If I am plugged directly into my DSL modem, why am I pulling a 192.168.2.3 for my external IP? If I am attached to my modem directly with no router, shouldn't that show a public address? Speaking of which, how do I go about finding out what my public address is?
Quote from: sincityharley on October 22, 2008, 08:00:43 AM
I currently have my first NIC on my LMCE box plugged directly into my DSL modem as per the network instructions that I was reading on how to set this up. My first question is, isn't this an unsafe practice? I was under the impression that you should always have a router or some sort of firewall directly after the modem.
No, routers have no part to play in network security. Whoever told you that was mistaken. Firewalls and private subnets have a part to play, neither of which are the exclusive domain of routers. Most DSL "modems" are actually routers anyway.
Quote from: colinjones on October 22, 2008, 01:41:49 PM
No, routers have no part to play in network security.
I understand what you are trying to say, but from a network perspective the separation of broadcast domains can benefit security in some cases.
best regards,
Hari
Hari - I think to stay within the context - from a passive DoS situation that separation could be important as you point out, but you don't need a router for that (my point was that they can do these things but they are not the "exclusive domain" of routers). I think it seems clear he was angling at private subnets rather than broadcast domains for eth/ip (which have no relevance to routed traffic except for DoS or DDoS, as I'm sure you'll agree).
Quote from: colinjones on October 22, 2008, 02:14:05 PM
(which have no relevance to routed traffic except for DoS or DDoS, as I'm sure you'll agree)
Hehe, I'm aware that my note was out of context :-) But I had to correct that sentence.
Btw, with a bit of arp spoofing you would be amazed how fast this could also affect your routed traffic :-)
best regards,
Hari
Quote from: sincityharley on October 22, 2008, 08:31:38 AM
Another thing I just noticed is my network settings.
EXTERNAL_IFACE eth0
EXTERNAL_MAC 00:13:D3:C8:DF:31
EXTERNAL_IP 192.168.2.3
EXTERNAL_NETMASK 255.255.255.0
EXTERNAL_DHCP 1
INTERNAL_IFACE eth1
INTERNAL_MAC 00:13:D3:C8:DF:32
INTERNAL_IP 192.168.80.1
INTERNAL_NETMASK 255.255.255.0
GATEWAY 192.168.2.1
DNS1 192.168.2.1
DNS2 192.168.2.1
If I am plugged directly into my DSL modem, why am I pulling a 192.168.2.3 for my external IP? If I am attached to my modem directly with no router, shouldn't that show a public address? Speaking of which, how do I go about finding out what my public address is?
That 192.168.2.3 IP is probably of the same format you've always been receiving from your DSL modem and just didn't notice. By default, LMCE uses the 192.168.80.x addresses for the internal network.
To find the IP from your ISP, I use: http://whatsmyip.org/
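Added example (not part of any post in this thread): a short Python check over the settings posted above that tells whether the external interface sits behind an upstream NAT device and whether the two subnets are laid out sanely. The function names are hypothetical, and the embedded settings are the thread's values with the MAC lines omitted.

```python
import ipaddress

# Settings as posted in the thread (MAC lines omitted for brevity).
SETTINGS = """\
EXTERNAL_IFACE eth0
EXTERNAL_IP 192.168.2.3
EXTERNAL_NETMASK 255.255.255.0
EXTERNAL_DHCP 1
INTERNAL_IFACE eth1
INTERNAL_IP 192.168.80.1
INTERNAL_NETMASK 255.255.255.0
GATEWAY 192.168.2.1
DNS1 192.168.2.1
"""

def parse_settings(text):
    """Turn 'KEY value' lines into a dict, skipping blank or malformed lines."""
    out = {}
    for line in text.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2:
            out[parts[0]] = parts[1].strip()
    return out

def network(cfg, side):
    """Build the IPv4 network for 'EXTERNAL' or 'INTERNAL' from IP + netmask."""
    return ipaddress.ip_network(
        f"{cfg[side + '_IP']}/{cfg[side + '_NETMASK']}", strict=False)

def assess(cfg):
    """Return the facts that matter for this two-NIC layout."""
    ext_ip = ipaddress.ip_address(cfg["EXTERNAL_IP"])
    ext_net, int_net = network(cfg, "EXTERNAL"), network(cfg, "INTERNAL")
    gateway = ipaddress.ip_address(cfg["GATEWAY"])
    return {
        # A non-global WAN address (RFC 1918, carrier-grade NAT, ...) means the
        # upstream device is translating, i.e. the "modem" is acting as a router.
        "behind_upstream_nat": not ext_ip.is_global,
        # The default gateway must be on-link on the external subnet.
        "gateway_on_external_net": gateway in ext_net,
        # Overlapping internal/external subnets would break routing between them.
        "subnets_overlap": ext_net.overlaps(int_net),
        "external_net": str(ext_net),
        "internal_net": str(int_net),
    }

if __name__ == "__main__":
    for key, value in assess(parse_settings(SETTINGS)).items():
        print(f"{key}: {value}")
```
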
Quote from: hari on October 22, 2008, 08:09:41 PM
Quote from: colinjones on October 22, 2008, 02:14:05 PM
(which have no relevance to routed traffic except for DoS or DDoS, as I'm sure you'll agree)
Hehe, I'm aware that my note was out of context :-) But I had to correct that sentence.
Btw, with a bit of arp spoofing you would be amazed how fast this could also affect your routed traffic :-)
best regards,
Hari
agreed, and I'm more than happy to go off on tangents (esp in threads that are getting spiteful otherwise :) )