Home
11:46 06/09/2006

current projects

in
this post is essentially intended to myself.
It's a list of current network projects and ideas I have at the moment. Some of them are very specific and might sound like complete chinese to some of you. Sorry for that. The list is not in a particular order. It's a just a splash out of my brain so I can refer to it and not forget it as well. Here it is :
  • Complete the opening of the wireless network around my house.
    Marie's laptop has been on a wifi network for a little more than a year now and traffic was originnally encrypted with standard WEP-128. Because this standard can be broken very easily, I implemented a ssl VPN between the laptop and the gateway server on top of wep. I then got rid of wep in order to provide free access to my neighbours. Until recently, nobody tried to connect but then Sharon tried and due to her work laptop couldn't. It still pinpointed the eventual difficulty for a non-technical person to configure their laptop/PC/handheld to use the wifi network.
    I need DHCP to work on the wireless zone so that eventual users don't have to manually configure IP addresses to access the internet through the gateway.
    I also need to install DANSguardian on the gateway in order to provide safe access to the internet and cover myself from many problems.
    I finally need to close direct access to the internet and force the gateway settings trough DHCP or transparent proxy.

  • Migrate shorewall on the gateway from 2.2 to 3.0, essentially to explore new possiblities and see if the features I would like have been implemented. The main feature is a flexible log so that syslog-ng can help log exploration.
    I also want to deepen my knowledge of shorewall and don't really want to do anything before being at version 3.x as the configuration files changed between 2.x and 3.x.

  • Have drupalfr live. We should have been up and running on this domain with new theme and all on the first of september 1st. We haven't been live because of the holidays of everybody. But I think we need to get things going now !

  • Activate port knocking on the gateway. Remote access to my servers is still wide open. Authentication is based exclusively on public key, so i don't risk much but another layer of the security lasagna can not be a bad thing.

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <blockquote>
  • You can enable syntax highlighting of source code with the following tags: <code>, <blockcode>. PHP source code can also be enclosed in <?php ... ?> or <% ... %>.
  • Lines and paragraphs break automatically.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Images can be added to this post.
  • Image links with 'rel="lightbox"' in the <a> tag will appear in a Lightbox when clicked on.

More information about formatting options