Differences between version 6 and previous revision of MetaNetConfiguration.
Other diffs: Previous Major Revision, Previous Author, or view the Annotated Edit History
| Newer page: | version 6 | Last edited on Thursday, June 5, 2003 9:52:05 pm | by JohnMcPherson | Revert |
| Older page: | version 5 | Last edited on Tuesday, May 27, 2003 11:08:20 pm | by MattBrown | Revert |
@@ -59,14 +59,21 @@
You are now properly on the !MetaNet. You should now be able to visit http://www.tla/
!Other clients on your network
-Make sure any clients on your network that you want to resolve !MetaNett
addresses have the address of your nameserver as the first nameserver in /etc/resolv.conf, or their native DNS configuration. You can put your [ISP]'s nameserver after it as a precaution, if you like.
+Make sure any clients on your network that you want to resolve !MetaNet
addresses have the address of your nameserver as the first nameserver in /etc/resolv.conf, or their native DNS configuration. You can put your [ISP]'s nameserver after it as a precaution, if you like.
-!Root CA
+!!Firewalling
+see FirewallNotes and PerrysFirewallingScript. Although you should be able to mostly trust other people on the metanet, you should at the very least do some basic firewalling.
+
+For example, samba/nmbd does broadcasts that will go across the metanet. You can either block traffic to and from the metanet on ports 137, 138 and 139 (both [TCP] and [UDP]) or you can add the following in smb.conf's global section:
+ bind interfaces only = yes
+ interfaces = 10.x.y./24
+
+!
!Root CA
The !MetaNet has a CertificateAuthority that it uses for signing SSL websites and potentially other cool stuff. To add this "root CA" to your browser, visit http://www.meta.net.nz/install-cert.html
Now, go to MetaNetResources to see what you can do with your new internetwork.
-----
[1] The reason is if you use a forwarder, then all queries get forwarded to the other server and it won't be able to resolve metanet names and addresses.
