Made Linux Box a Wireless Router for Hosting a LAN game. How do I make it secure?
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Made Linux Box a Wireless Router for Hosting a LAN game. How do I make it secure?
I live at a college dorm, and the people around here like to play Wolfinstein: Enemy Territory. Each dorm room comes with two Ethernet ports, which gave them a couple limitations:
1) Only two people could play in a room
2) Anyone playing would need an ethernet cable, which in a dorm with free wifi, is rare.
I offered to let them use my Linux Desktop as a wireless router and host a couple people. I have an atheros based wifi card with an ethernet port. I connected the ethernet cable to the school's internet, and setup a dhcp server on my PC and set it to Master mode. I will set up a WEP/WPA key later tonight, I think the school requires it for anyone to sets up a router, but I have a few questions about additional security:
1) Should I allow anyone connected to my wireless to access the internet?
2) Should I worry about setting up a chroot environment or something?
3) What other precautions should I take for their safety?
It's a pretty small dorm, and I know of only one other person here that uses linux, but he isn't too into it. Would a WEP/WPA password be adequate protection?
Also, if my linux box is connected to the ethernet port, will other PC's connected by ethernet be able to contact PC's connected to by linux box?
1) Should I allow anyone connected to my wireless to access the internet?
No, dont open your self up to that. In my state you are liable if someone uses your equipment to search out kiddy porn or hacks into something.
Quote:
3) What other precautions should I take for their safety?
let them worry about their own safety. but for the safety of your box turn on the firewall and only open what you need for ports/protocols
Quote:
Would a WEP/WPA password be adequate protection?
for most end users yea
Quote:
Also, if my linux box is connected to the ethernet port, will other PC's connected by ethernet be able to contact PC's connected to by linux box?
depends on how the network is setup. if you are all sharing a switch then sure. Turn the firewall on (i cant say that enough). when your on a LAN every one is assumed friendly...
Last edited by watcher69b; 11-09-2008 at 02:34 PM.
For this all to work, I need to have it setup like this:
In my room there are people on laptops connecting to my PC, which is connected by ethernet to the school's router and dhcp server, which connects the users using ethernet in other rooms, as well as the internet.
Is it possible to deny access to the users in my room access to the internet, while still allowing access to PC's on the school's LAN?
wireless clients connect to your PC via Wi-Fi.
your PC is connected to the schools LAN via eithernet; effectivly acting as a bridge.
The LAN is connected to the I-net
If you wanted to limit your clients to be able to only access other wireless clients and your PC then yes I believe you could. To keep them from the internet by not setting a defauly gateway on the wireless NIC in your PC.
However they would not be agle to access the schools LAN just the private LAN that you would create.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.