LinuxQuestions.org

tipaul 09-09-2004 03:24 PM

simple firewall question
 
I'm missing only one point for IP filtering:

If I only put 127.0.0.1 in trusted host of my firewall (Firestarter), other stations in my small home network woul'd be able to connect to it (via samba, etc...).

If I add 192.168.1.0/24 in trusted host, now everything works for sharing, etc....

Now's the question: can people from the internet connect to my machine if I put this trusted network (192.168.1.0/24) in my firewall?

Could someone over the internet actually get into a remote network under a local IP like 192.168.1.x?

If anybody could answer or show me a link that describes this subject?


THANKS!

subekk0 09-09-2004 03:33 PM

No, unless you have your public IP address forwarded to a machine on your trusted network. I use guarddog and it has the config section divided into an "internet" and "local" side, so that whatever you specify on the "internet" side people can see, and likewise for the local side.

http://wwww.simonzone.com/software/guarddog/

tipaul 09-09-2004 03:51 PM

public ip address
 
The public IP address is the one I get for my ADSL modem, from my provider? (I suppose)

OKAY... So this kind of setup is safe:

ADSL modem -> router -> workstations (each one set up with a firewall which blocks everything except 192.168.1.0/24 and 127.0.0.1)

... I've checked at grc.com for ShieldsUP... and I saw that my connection is done via a 2xx.x.x.x address... So, no 192.x.x.x IPs seem to travel over the web...

That's good news...! :cool:

Cedrik 09-09-2004 04:04 PM

From RFC 790, http://www.faqs.org/rfcs/rfc790.html, we can see that there is no chance to meet a 192.168.xxx.xxx address on the internet because it is a reserved IP range

Also try that to get your external ip ;)

curl -s http://www.whatismyip.com | perl -ne 'print $1 if / (\d+\.\d+\.\d+\.\d+).*<\/T/'

subekk0 09-09-2004 04:11 PM

right.

Session Hijacking
http://cs.baylor.edu/~donahoo/NIUNet/hijack.html
http://staff.washington.edu/dittrich...ec/hijack.html
http://www.insecure.org/stf/iphijack.txt
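
The trusted-host policy discussed in this thread (accept only 127.0.0.1 and 192.168.1.0/24), applied to the source addresses in a few log lines. This is an added example, not part of any post: the log lines and their field layout are constructed, and the RFC 1918 range list is added here only to label each source as private or public.

```python
import ipaddress
import re

# Trusted hosts as configured in the thread: loopback plus the home LAN.
TRUSTED = [ipaddress.ip_network(n) for n in ("127.0.0.1/32", "192.168.1.0/24")]
# RFC 1918 private ranges, which are not routed on the public Internet.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample lines, loosely modelled on netfilter LOG output.
SAMPLE_LOG = """\
IN=lo SRC=127.0.0.1 DST=127.0.0.1 PROTO=TCP DPT=631
IN=eth0 SRC=192.168.1.23 DST=192.168.1.10 PROTO=TCP DPT=445
IN=eth0 SRC=192.168.2.50 DST=192.168.1.10 PROTO=TCP DPT=139
IN=eth0 SRC=203.0.113.7 DST=192.168.1.10 PROTO=TCP DPT=445
IN=eth0 SRC=garbled DST=192.168.1.10 PROTO=TCP DPT=22
"""

FIELD = re.compile(r"(\w+)=(\S+)")


def classify(line):
    """Return (source, scope, verdict) for one log line, or None if unparsable."""
    fields = dict(FIELD.findall(line))
    try:
        src = ipaddress.ip_address(fields.get("SRC", ""))
    except ValueError:
        return None
    if src.is_loopback:
        scope = "loopback"
    elif any(src in net for net in RFC1918):
        scope = "private"
    else:
        scope = "public"
    # The verdict depends only on the trusted list, not on the scope label.
    verdict = "ACCEPT" if any(src in net for net in TRUSTED) else "DROP"
    return str(src), scope, verdict


def audit(log_text):
    """Classify every line; return (results, number of unparsable lines)."""
    results, skipped = [], 0
    for line in log_text.splitlines():
        outcome = classify(line)
        if outcome is None:
            skipped += 1
        else:
            results.append(outcome)
    return results, skipped
```

The 192.168.2.50 line is private but outside the trusted /24, so it is dropped along with the public source.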

