On Tuesday 25 September 2001 22:50, you wrote: > Quoting Rodney Ray (Rodney.Ray at childrenshc.org): > > I just got a cable modem with ATT and was wondering what people have for > > firewall and router. I don't know much about this area so any help would > > be good..... Is it ok to run both functions on the same box or is it > > better to separate them? What is the best method of attack? > > Better to have seperate boxes. I think you get the router from ATT, you > won't need that, but you have lots of choices for firewalls. > > Maybe tell us(?) me about what you what to do with your new link and people > can give recommendations on what is best. To echo Scott's comment on the "cable modem" from what I know about them they function primarily as a protocol converter. The are a "tuned" cable receiver to get the data channel and then they convert from that to ethernet. For practical purposes the cable modem is a "router" in that there is an internal address for the cable port that is on a different subnet than the DHCP address you get assigned, or the statics you buy. I had a Samsung "powered by Cisco IOS" but you couldn't get into the box to look at the config from the ethernet side, only the cable side. As far as simple configuration I've used the IPChains module for Webmin and been very happy with it. The module provides three levels of rule setting from a simple low, medium, high, lockout type setting to complete control of the ipchains. The middle ground "template" level gives you enough control without having to learn the IPChains syntax. Rumor is the author is working on an iptables/netfilter version of the module. -- Jack Ungerleider jack at jacku.com