| 1 |
> > > I have shorewall set up on my router but I haven't set up anything |
| 2 |
> > > security-wise for my laptop which normally sits behind the router. |
| 3 |
> > > What should I be setting up on the laptop in preparation for traveling |
| 4 |
> > > and connecting via a foreign network or even directly to the Internet? |
| 5 |
> > > I don't run sshd on the laptop. I would think shorewall, but am I |
| 6 |
> > > forgetting anything? |
| 7 |
> > |
| 8 |
> > At the very least I'd do the following with iptables: |
| 9 |
> > |
| 10 |
> > iptables -P INPUT DROP |
| 11 |
> > iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT |
| 12 |
> > iptables -A FORWARD -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT |
| 13 |
> |
| 14 |
> This line is only needed if you want to forward packets to another |
| 15 |
> iface/device (i.e. when your laptop is acting as a router and the input |
| 16 |
> interface is eth0). |
| 17 |
|
| 18 |
Alright I guess I'll just set up shorewall on the laptop with a config |
| 19 |
similar to the router's. Maybe I'll set up shorewall on the other |
| 20 |
system in my local network while I'm at it. |
| 21 |
|
| 22 |
- Grant |
| 23 |
-- |
| 24 |
gentoo-user@g.o mailing list |
Archives