Multihome advice - Level Extreme

Level Extreme platform

Subscription

Corporate profile

Products & Services

Support

Legal

Français

Multihome advice

Message

From

11/02/2002 14:59:21

Terry Hobart
Logic Gate Systems
Grass Valley, California, United States

11/02/2002 12:59:18

Michael Copeland
Genesis Group
Bartlesville, Oklahoma, United States

General information

Forum:

Linux

Category:

Networking, Installation and Administration issues

Title:

Re: Multihome advice

Miscellaneous

Thread ID:

00618167

Message ID:

00618533

Views:

Thank you so much for the advice. I was thinking along those lines also. I bought a Netgear RP114 router with that in mind. Unfortuneatly, I updated it with their latest firmware and it blew up. I am waiting for may RMAed unit as we speek.

I did still have a couple of questions. If I use the router I will still need to direct http for my website port 80, DNS port 53, SSH, & https (don't remember the ports) to my Linux server. Won't that expose me anyway?

Thanks again

Terry

>>I have a RedHat 7.2 installation with two cards that I am hooking to my DSL >connection.
>>
>>we exposed our mail server and it got hyjacked :-(
>>
>>Thanks VERY much in advance.
>>
>>Terry
>
>
>Terry,
>
>My advice is to save yourself a LOT of trouble and put a simple, $80 router between your DSL modem and your network Hub. I have installed 8 RH boxes in exactly the way you described above and found that:
>1. There is an ongoing maintenance issue as new versions of the servers (Apache, Sendmail, etc) are released to address security holes. If you don't upgrade, you risk being hacked since your RH box is completely exposed to the Inet.
>2. The setup on the router is MUCH simpler and more flexible (maybe I should say "EASILY flexible") than configuring your RH box.
>3. You can take down the RH box and work on it without depriving your network users their access to the Inet.
>4. Assuming that a Linux box can be used like a Swiss Army knife, while "nifty", is as goofy as assuming that Windoz will -someday- be stable and reliable. In other words, for each task use the best solution and don't force an oval peg in a round hole. It may fit, but you'll expend unecessary effort.
>
>The Linksys #BEFSR11 Router is rock-solid, very configurable, and inexpensive. It's been the best $80 I've spent on setups that are exactly like you are describing.
>
>I've converted 7 of my 8 installations to use this approach and it's a HUGE improvement. (And yes, I had two servers hacked because I didn't keep the distro's and/or server software on the RH boxes updated.)
>
>Hope this helps.
>
>Mike

It is impossible to make programs idiot proof. Idiots are too cleaver.

MCP( Tcp/Ip )

Map

View

Click here to load this message in the networking platform