discuss: proposal: Secure Internet for Small Office / Home Office HOWTO
Subject:
Re: proposal: Secure Internet for Small Office / Home Office HOWTO
From:
Coert Vonk ####@####.####
Date:
1 Mar 2005 00:00:44 -0000
Message-Id: <5f5c317a05022816001817c5c4@mail.gmail.com>
Good suggestion to change the name. I just did so.
> Also, there are a couple of minor things in the document that I had
> In Section 2.2 after "Make<<EOF" and Section 3.3.1
> under "fdisk $FLASH_DEV<<EOF" there appear to be some screenshots of
> just random characters. I'm assuming some information got left out by
> mistake.
This is not a mistake, but actual input to the make and fdisk commands.
> Also Section 5.1 mentions the class B reserved range
> 172.16.0.0/12, but in the not below it is left out. Again, I'm assuming
> it's just a typo.
No typo. We all know the networks reserved for private use. It took
me a while to discover that only a subrange of those networks could be
used when you are running a VPN from a client (in this case the
Shiva/Intel VPN client). Guess the implementors of these VPN clients
made a compromise between being secure (all traffic had to go through
the VPN) and using split tunneling (some traffic goes through the
VPN). In this case traffic to those subranges does not go through the
VPN, and allows you to access other computers on your local LAN.
thanks for the response,
Coert
On Fri, 25 Feb 2005 19:39:28 -0600, David Horton ####@####.#### wrote:
> Coert wrote:
> > What once started as a simple notebook has grown into a document that
> > might prove useful to others.
> >
> > The HOWTO describes how to bring up your own Firewall, Wireless Access
> > Point and VPN Server on a single board computer. It currently uses
> > the Geode SC1100 and Atheros WiFi NIC, but could easily be extended to
> > include other hardware, drivers and services. For me it has been a
> > fun project, and others might enjoy it too.
> >
> > While there are many HOWTOs describing some of the details of this
> > document, I have not been able to find a complete description on how
> > to bring up a system and make all the services work reliably.
> >
> > The current draft of the (docbook) document can be found at
> > http://www.cybcon.com/~coert/linux/siso/index.html
> >
> > If there is an interest, I can contribute the document to the LDP.
> > Suggestions for improvements are welcome. Please let me hear what you
> > think.
> >
> > Cheers,
> > Coert Vonk
> >
>
> Coert,
>
> It is difficult to find good information about installing Linux on a
> single board computer. Your howto does a good job of covering the
> topic. I think it also fills some gaps in the TLDP collection
> concerning the topics of installing to CompactFlash, PXE booting and
> busybox/ulibc.
>
> What do you think about changing the title slightly to let people know
> that the HOWTO covers installation onto a single board computer? Maybe
> "Secure Internet *Appliance* for Small Office / Home Office HOWTO"
> Otherwise people might think it's an Internet security howto for any
> common off the shelf distro.
>
> Also, there are a couple of minor things in the document that I had
> questions about. In Section 2.2 after "Make<<EOF" and Section 3.3.1
> under "fdisk $FLASH_DEV<<EOF" there appear to be some screenshots of
> just random characters. I'm assuming some information got left out by
> mistake. Also Section 5.1 mentions the class B reserved range
> 172.16.0.0/12, but in the not below it is left out. Again, I'm assuming
> it's just a typo.
>
> All-in-all I think it looks like a very good document and would be a
> good fit for TLDP's collection. The DocBook markup is already done and
> the license is compatible. I would recommend that TLDP include it in
> the collection.
>
> David Horton
>
>
