[MUD-Dev] Mud Network Setup
emil at eifrem.com
Sat Mar 4 13:59:17 New Zealand Daylight Time 2000
At 07:17 AM 3/4/00, "Dominic J. Eidson" <sauron at the-infinite.org> wrote:
>If you choose to go the NAT/IP Masquerading route, I'd suggest reading the
>IP Masquerading-HOWTO (or mini-howto) - it has a nice short step-by-step
>process for doing this. As for how feasible this is to do - we do NAT at
>work (we have approx. 2500 machines on our LAN/WAN, all firewalled/NAT'ed
>through one poor Ultra10...
Having just gone through this with my network at home, I found the
TrinityOS document to be an *extremely* useful write-up. In fact, I
consider it to be of class "epiphany" for network security and -setup along
with books like _Design Patterns_ by GoF for OOAD, _Thinking in Java_ by
Eckel for Java and Stevens' TCP/IP books for network programming.
(Don't be confused by the .wri -- it's really a text file, but he writes it
in Wordpad (hmmm) and likes to keep the extension for some reason.) The
TrinityOS document walks the reader through creating a flexible and
*secure* Linux box; covering pretty much everything, from choosing
distributions to installing tripwire (and IP masquerading, I should prolly
point out). It's very pragmatical, practical and easy to read. I found it
an immense help.
On that topic, you might wanna check out Bastille Linux which basically is
a shell script that you're supposed to run after your fresh Red Hat
installation (it may cover other distros, I'm not sure) and it will walk
through your box, asking you questions and then patch the (myriad, I might
add) of security holes left in a fresh install.
I haven't tried Bastille Linux myself, but from what I've heard it's a nice
and quick way to tighten up security considerably when you don't want to
spend a zillion years reading up on Unix security.
[ - - - -
Emil Eifrem [ emil at eifrem.com || www.eifrem.com ]
Coordinator of the Jamu Project [ www.javamud.org ]
- - - - ]
MUD-Dev maillist - MUD-Dev at kanga.nu
More information about the MUD-Dev