RE: PPP / ADSL / demand / GUI prompt question
H.S.:
> 3. Make a shortcut on everyone's desktop to call the pon command ("sudo
> pon dsl-provider").
Thanks for that suggestion H.S., yes I think my 'guests' could manage that. I have added my guest accounts to the 'dip' group so the shortcut wouldn't need to use 'sudo'. However, in light of other replies I think I am probably going to try to go with the 'always connected' option.
Stan Hoeppner:
> Your DSL modem connects to a DSLAM, not POTS.
(*quickly looks up what DSLAM stands for on Wikipedia*) I knew that :-)
> You must have been a long time POTS modem dialup (or worse on top of
> that, AOL) user given your goofy preference to see a dial on demand GUI
> box. xDSL is an "always connected" technology. There is no reason to
> ever "hang up". Thus, just configure the PPPoE client to stay
> connected, or re-connect should the PPPoE session be dropped for any
> reason. And have it do it all in the background. There's no need for
> user interaction, none whatsoever.
Thanks for explaining that, which I wasn't 100% aware of. I thought maybe some ADSL providers charged by time connected the way they do with dial-up, although I knew mine didn't. I think maybe you have cured me of my Stockholm syndrome = GUI dialog neediness.
Actually I have been using ADSL a lot longer than I was on dial-up, and no I have never been an AOL customer. I long ago imbibed the Unix philosophy of 'do one thing and do it well' and I expect my ISP to follow that maxim too.
> Regarding a broadband router, it's not about "need", it's about
> convenience and ease of use. It also adds a layer of security
> protection due to NAT and SPI, especially if you've not configured
> iptables on Linux to provide a packet firewall. And, configuring the
> firewall features of a broadband router is a helluva lot simpler than
> iptables.
I don't understand much of this (yet) but it comes back to the fact that (I feel) I have had convenience and ease of use with Windows, and I already have (almost all of) the same level of convenience and ease of use in my Debian installation, with this hardware. In fact with your comments that I should be connected all the time, and Kevin's advice about how to configure that, I hope to reach an even greater level of ease of use with Debian.
Coming back to what you have written though, it sounds like I'm not really aware of what types of attack I might be vulnerable to with my current setup, running Linux. Since I imagine that could be quite a big topic please feel free to just provide a link rather than take up more of your time explaining stuff (but if you want to explain that would be great). On Windows I used a software firewall (ZoneAlarm), does this concept not transfer to Linux? I was kind of hoping it didn't simply because Unix's intrinsic security made firewalls unnecessary – wishful thinking?
(Aside: I tried to look up what SPI stands for, but Wikipedia lists at least 4 different things in the field of computer networking! Is it System Packet Interface, Security Parameter Index, Service Package Interpreter, Stateful Package Inspection?)
Kevin Ross:
> If you want to have your connection be established on bootup, the "Debian
> way" is to add your PPP connection to your /etc/network/interfaces file,
> like:
Thanks for that Kevin, I will definitely be trying this as my next line of attack (when I have more time to spend on it). I will post back to the group with the result.
> Then, in your ppp options, add the "persist" option, which will cause your
> connection to automatically reconnect should the connection be lost. Remove
> any "demand", "idle", or "holdoff" options.
I already have the 'persist' option. It was mentioned in the instructions I found to get the DSL modem working in the first place with pon and poff.
> For security, you'll want to add a firewall. I use shorewall myself, and
> like it.
Thanks, I will look this up.
> That's how I had it setup before I switched to a DSL provider that used DHCP
> instead of PPPoE.
My current ISP uses DHCP – does that change anything you've written?
> Hope this helps!
It definitely sounds like it will, thanks.
Reply to: