Timothy Wilson wrote: > My broadband was just connected and I have rejoined the Internet age following > my four-month stint as a lowly dialup user (with apologies to other lowly dialup > users :-). My new place is thoroughly wired and I'm ready to assemble a home > network. I was hoping to get some thoughts on the issue. > My thought is that this rig will be a fun learning environment for me so I was > planning on using the Athlon for a LAN file server and the PIII as a Web server > for my personal Web site. The Linksys router has a dedicated DMZ port that I was > planning to use unless someone knows of a good reason not to. don't most of those router/firewall things put the dmz port on the same network as the rest of the boxes on your "inside" LAN? If so, using the dmz port would be a BAD idea. also the wireless AP, if it's going to be open to the world, should be in a DMZ, a different network from your inside LAN. > I'd like to learn LDAP so I was planning to use it for authentication throughout > my LAN and as an addressbook for my email apps. I would like to be able to get > at the addressbook information from the Internet, but I don't want to expose my > more sensitive LDAP parts to the world outside my LAN. Any suggestions? run your ldap server in a box on your inside network, and create (or find a web-based tool) to access ldap. Restrict access to the website and run it over SSL. something like https://secure.yourdomain.com and put all your important stuff you don't want others to have access to there, eg, webmail, your ldap lookup, etc. If you don't put your webserver in a DMZ, you'll have to port forward to it. -- scot _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list