Advice sought on machine web-server safe
STYMA, ROBERT E (ROBERT)
stymar at lucent.com
Thu Nov 17 19:36:44 UTC 2005
>
> I assume I am using NAT,
> since I have a number of other computers (Linux and Windows)
> attached to the above machine,
> and they access the outside world through email and the web.
>
Hi Tim,
To see if you have NAT, look at your ip address
"ifconfig -a" on linux and "ipconfig" on windows.
If you are using nat, you will probably see an
ip address in starting with 10.something or
192.168.something. If your IP address is something
else, there is a good chance NAT is not in effect.
You can double check by looking at:
http://www.swlink.net/~styma/REMOTE_ADDR.shtml
If is a short shtml page which displays the
IP address you appear to be as viewed from the
outside. If this address matches the address
viewed on your linux box, then your box is directly
exposed to the Internet and the discussions
on IP tables, selinux, and other protective measures
apply directly to you.
If you would like a simple way out, you can consider
getting an inexpensive DSL/Cable router. On ebay you
can pick one up for under $30 with shipping. I happen
to like the Linksys one, but the Netgear and SMC work
too. It sits between your Linux box and the adsl modem.
By default it will not let anything in. It will also
assign you an IP address in the 192.168.1 range. Or
you can just hardcode an address for your Linux box in
this range. You then tell it via a web interface
to forward port 80 to your Linux box running apache.
There are other ways of accomplishing what you want,
but I consider this one to be simple and effective.
Bob Styma
More information about the fedora-list
mailing list