[NTLUG:Discuss] proxies?

[chamster]

> On Saturday 01 September 2001 05:43 pm, Dennis wrote:
> > My question is, if I put another NIC in my machine, can my machine then
> > become a caching proxy server so she can access the 'Net through my one
> > connection?  I see the setup as the cable modem connecting to eth1, and
> > the hub for our network connecting to eth0.  I assume my computer would
> > basically become a router.  Have I got this straight?  

Pretty much although you may not need the caching aspect for a two machine
setup via high-speed Internet.

One general warning though is that you want to be sure that the machine
connecting to the Internet is secure as possible as it is the gateway for
the rest of your network and it is accessible to the Net. So, using your
file server, FTP, webserver, or the machine where you do a lot of work as your gateway would
be a bad idea. If the gateway got compromised, you are in trouble.

A safer way is to either establish a dedicated Linux box as a
router/firewall (and nothing else)  or to do something like the previously
mentioned LinkSys DSL/Cable router/firewall which will give you a decent
firewall out of the box.

The former gives you more flexibility and power. However, the due diligence
effort may be more than some are willing to do, you need another machine
(a 486 or low 586 will do nicely) and an improperly configured
firewall is sometimes worse than a hardened machine with no firewall in the
sense of the false security it coveys. The latter gives you decent
protection out of the box, but you lose out on knowing what's going on.

There are some firewall-only type of Linux set-ups running around if you
don't want to totally roll your own and want some help in setting up a
dedicated firewall. People say nice things about smoothwall.org.

Steve