On Monday 08 January 2007 09:53, Dan <[EMAIL PROTECTED]> wrote about 'Re: [gentoo-user] [OT] Router for ssh tunnel/SOCKS proxy': > I am not sure what you mean by this, but I do hope you'll consider > using a normal commodity PC as your router.
He's already got a home router. Some Netgear model (see below). If the only thing your network is accessing the Internet, then a PC can work as a router effectively. However, if you want to take advantage of gigabit speeds (or more than a dozen 100mbit ports) you'll definitely want a dedicated solution -- the PCI bus just can't keep up. Maybe there's a solution in PCIe or PCI-X, since they do increase bandwidth, but I've yet to see a standard PC configured to handle that much bandwidth. > are you sure you want the internet traffic to go through the wifi > provider's ISP, through the worldwide web (tracepath gives routes that > you may find surprising for traffic in the neighborhood will often go > accross the nation for me), back through your home ISP, and into your > home network, then back again through your home ISP and back into the > world to the computer whose website you are attempting to browse? That's > a pretty convoluted trip. Well, by making that trip he does prevent attempts to sniff his data by the wifi provider (or when using non-secure wifi, anyone within range of his transmission). It sounds like he's setting up a ssh tunnel from a trusted system (his laptop) to another trusted system (his router) so his (plaintext) data can't be intercepted. (It could be intercepted as ciphertext but there's no good attacks against as ssh tunnel.) Note that SSL/TLS traffic doesn't gain any security by going though the tunnel and unencrypted traffic can still be sniffed on it's way between the trusted router and the server. -- "If there's one thing we've established over the years, it's that the vast majority of our users don't have the slightest clue what's best for them in terms of package stability." -- Gentoo Developer Ciaran McCreesh
pgpyCHQOkfgwK.pgp
Description: PGP signature
