Chapter 11. Building a Linux Gateway
So far, we have examined how to set up wireless clients and access points. We have examined how to use the clients and access points to secure the wireless network. The key piece that brings all of this together is the gateway. The gateway will connect the wireless network and any local wired connections to the Internet itself. Because of its role as the central connecting piece of the network, the gateway is also an ideal place to provide more layers of protection: separating the wired and wireless networks from each other and, from the most persistent source of attacks, the Internet.
It is safest to configure and secure the gateway completely before ever connecting it to the Internet. Perform the initial install from a CD, and secure the box before connecting. If you connect a freshly installed, insecure computer to the Internet, there is a good chance it will be hacked before you have it fully set up. The current record for time from connection to completely hacked (to our knowledge) is 17 seconds.
Laying Out the Network
The gateway will have three network connections. The first is a connection to an ISP providing access to the Internet. This could take the form of a dialup, DSL, a cable modem, or higher bandwidth forms of access. In this chapter, we will approach it as an Ethernet card communicating with an external device that handles the connection. (This is commonly how DSL and cable modems work.) Throughout the examples, the Ethernet ...