- You turn your computer off?
Personally, I keep mine on 24/7… I hate waiting for reboot, and I’m more attatched to my PC than most… usually first thing I do when I get up is go to the computer, and last thing before bed is get off the computer (and turn off the monitor… that could do without 24/7). As I understand, it’s actually better for your PC… there’s not really much of any stress while running (unless your system isn’t properly cooled), and the surge of power going on/off as well as the heating-up and cooling down of components are more harmful. Only thing in the PC I can think of where this wouldn’t apply is the HDD because of moving parts, must most modern drives and PCs support great power-saving options. My HDDs spin down and go on standby after 30min inactivity.
Besides… if you want to use it as a web server, wouldn’t you run it 24/7 anyhow?
- You connect straight PC -> DSL modem?
I’d be vary carful with this. Neither of the broadband providers I’ve used have provided any means of security. If you have no kind of firewall on your system right now and it’s Linux, I can’t help much, but if it’s Windows, stop what you’re doing right now, go to Zone Labs, download Zone Alarm, and install it.
After that, I’d like to suggest some type of home-router. I can highly recommend Linksys products. This is the model I’ve been using for over 4 years. 4 years ago, it was around $140-160 USD, but I think you can get them around $100-120 now, probably less. The only other one I’ve tried is from 3Com, and it’s a POS… could’ve killed dad for wasting money on it.
The home router is going to do 3 things for you.
1, it’s going to provide a high speed 4 port switch (100baseTX, “Fast Ethernet”), with a 10BaseT Ethernet port for the cable or dsl/adsl box. I’ve never actually been able to find any specifications on the backplane speed for any home or small office switch I’ve found… this one should be 400mbps, but probably not, though if it’s not, I doubt you’d ever notice it, I haven’t with 5 PCs in one house).
2, No matter how many PCs you run though it, your ISP sees only 1 device, the router. These things use NAT (Network Address Translation) to determine which PC to route packets to. The router gets the IP address from the ISP, and your PCs all use reserved private IPs (Usually the 192.168.1.2 - .254 block, and the router is 192.168.1.1). You can even set it up to use DHCP (default is usually to have the DHCP server on), with this, you won’t have to set up the PCs, they’ll automatically get all the network information from the server (on the router). The router then monitors traffic, keeping track of which internal adresses opened which tcp/ip sessions, and routes everything accordingly.
3, the NAT server on the router will also provide an instant layer of firewall protection. Mostly because you can only initiate tcp sessions from your pcs on the inside, and sessions cannot be started from outside the LAN (unless you set it up to allow that, and then only on certain ports). I used to know a good place on the net that’ll scan your ports for you (sales tool… because once they find them they can say, "See, you’re vulnerable, buy our firewall!) …last time I tried it was after I got the Linksys set up, not only were all my ports unavailable, they were stealthed (meaning they didn’t even respond with a “No, this port is closed” message). On the Linksys, you’ve got a number of additional options, such as selecting certain internal IPs that cannot access the internet (and the internet can’t access them, hehe), or certain port ranges. Although, if you really want to keep one of your PCs unavailable to the outside world, I’d filter the MAC addy too, just in case the IP changes, the MAC won’t (unless you swap out the hardware). Before I got this, I was running ZoneAlarm, I don’t know how many times per day (dozens, at least) that it blocked suspecious behavior (mostly portscanning, and other benign requests, which would open the door to not-so benign stuff), after I got behind the Linksys, it dropped to 0 per day, hehe… instantly noticeable.
Finally, no problems running your web server, you just enter the setup and forward that port (should be port 80) to the IP of the PC you’ve got the server on… just make sure you got that one buttoned down, always watch for the latest exploits for your server software, and keep up with all the latest patches.
I’ve put up a couple screenshots of the Linksys setup pages, which you can access (yours, not mine, hehe) by putting it’s IP addy in your web browser’s address bar, password protected (change the password as soon as you get it, if you get one, default is just “admin”), and it can only be accessed from the internal LAN (unless you’ve got some reason to set it up otherwise.
Basic setup page. Don’t know why, but I’m a bit leery about putting out the MAC addresses, I blacked 'em out. Notice the internal addy of 192.168.2.2 … this is because my dad bought the 3Com router because I needed a switch (ARGGGG)… the 3Com is on 18.104.22.168, and won’t let you reconfigure the simplest of settings like it’s internal IP (POS), so I had to change the Linksys and our ENTIRE network to work around it, but I still beat that thing into functioning as just a switch, hehe.
I’m not running any services at the moment, but in the past I have run a MOO server for testing, and forwarded port 7777 to my linux box. Oh, and one time, briefly, I had a friend who’s IP was blocked from an IRC server, so I forwarded another port and let him SSH in to log into the IRC server with my IP addy (I trusted him, and I didn’t use that server anyhow, hehe). Can’t remember what port that was… I don’t think SSH runs on the standard telnet port.
Can’t see it, but at the bottom there’s some more advanced functions… this part lets you forward ports, but they’re the same ports inside and out (you forward port 80, and it’s going to port 80 on your PC), but you can map them any way you like, such as forwarding port 80 to port 5000 on your PC… just a little more flexibility.
Dang… almost 7am… I wrote a lot… mull it over, I hope this helps some.