So you want your own permanent Internet connection

Disclaimer

The information on this page is provided in good faith.  Reasonable action has been taken to ensure that it is accurate and genuine, and the prices given as being indicative are those provided to LANNet Computing Associates at June 1999.  LANNet Computing Associates accepts no liability for any loss, damage or injury resulting from the use or application of any of the information provided here.

Introduction

You can have a permanent Internet connection, that is 24 hours per day, 7 days per week, 52 weeks per year, for total running costs as low as $31.65 per month.

Sounds impossible, but it's not.  It can be yours very simply, just so long as you know how to go about arranging the service.
 

Let's have a look at it.


Firstly you need to have a spare phone line into your premises.  If you already have a phone in the premises then it is quite probable that there is a spare pair of wires available for a second service, so you need to arrange to have this service activated.  You will need to arrange this with your telephone service provider.  The type of service that you require is a PSTN.

Next you need to arrange for an Internet access account.  Go to BigPond Direct to see what is involved in setting up an Internet account with BPD.  BPD acts as an IAP rather than the more normal ISP, though they do provide some services apart from just access.

OK, this is where we have to state our first caveat.  You need to check where the nearest BPD POP is located (this information is available from the BPD web page, which we have already referred you to), and you need to ensure that that location is within the local, untimed, call area for your site.  There is a BPD POP in Albury.

When you receive notification of the creation of your access account with BPD they will advise the telephone number to which you will connect and the static IP address for each end of this connection.

Now we need to decide just what you want to connect to the Internet.  In brief it could be just a single PC running your choice of operating system or it could be a network of PCs running a mix of operating systems.  An important consideration is that you will need to be very aware of the existence of some very undesirable and aggressive elements out there on the Internet.  Often their only interest is looking for machines to attack or use as stepping stones to undertake attacks elsewhere, thus hiding their tracks.  The implication is that your permanent connection will need to be able to control just what is, or is not, allowed into your system.  This is usually referred to as a "firewall", or sometimes as a filtering router.  Different operating systems have different strengths and weaknesses when it comes to firewalling.  Unfortunately, MS Windows of any version is notoriously weak about firewalling, to the point of being almost non-existent, and it is only a matter of time before your system gets compromised, even more so as MS Windows is the preferred target of the "script kiddies".  The main consideration is that your pet PC, indeed any important PC, should not be connected directly to the Internet, but should instead be networked to be connected through a firewall machine.

A firewall machine can be anything from a proprietary device costing several thousand dollars, down to a "roll your own" PC costing next to nothing and using an old machine that you have lying around.  We have had quite considerable success at LANNet Computing Associates with the "roll your own" option and have developed firewalling rule sets that provide extensive protection and monitoring whilst still allowing controlled bi-directional access to the Internet.  Our operating system of choice for this firewall is Linux.  LANNet Computing Associates are able to assist you with the creation of your firewall using Linux.

One factor you need to decide is what type of configuration and services you want to offer at your site.  You will also need to decide whether you want an Internet name that reflects your business [1], or whether you will be satisfied with the name that is allocated to you by BPD, which may not necessarily reflect your business [2].

If you want an Internet name that reflects your personality, or your business, then you will need to register a domain name.  For most businesses domain names are registered with Internet Names Australia (INA).  There are some restrictions on the domain names that you can choose and you will need to read their naming policy carefully to ensure that your selection is not rejected.  A domain name registration with INA lasts for 2 years.

One reason that you might want to have a permanent Internet connection is so that you can establish your own Web site so that you can promote your business to the world; perhaps your own mail box server with each user having their own unique email address; an FTP site so that your clients can post diagnostics files and retrieve support files, etc.; and maybe a news server so that staff can keep abreast of enterprise related matters.

This resource with these public access servers needs to be visible to the Internet, but, as we have remarked earlier, should not be installed without a protective firewall.  This precludes the IP address allocated by BPD from being used as your server address since this IP address will be used for your firewall connection to the Internet, so you will need a different IP address for your publicly accessible host.  Our operating system of choice for the public access host is Linux, together with its associated services software.  LANNet Computing Associates are able to assist you with the creation of your public access server using Linux.

In suggesting Linux for both the firewall operating system and for the public access server operating system, LANNet Computing Associates are suggesting what they consider to be the software that provides by far the most cost effective solution for your needs.  Linux, and its associated distributed applications, is 'open source software' where all human-readable source code is either provided or is readily available, and more importantly, there are no associated software licence fees.  Linux systems can be made to operate seamlessly with Windows systems.

When you make your application for your BPD account, you should also apply for BPD to allocate you a block of IP addresses.  They should typically allocate you a block of 16 or 32 addresses.  These addresses will most probably bear no resemblance to the static IP address that is used for your Internet connection, but it is from this address block that you will need to allocate addresses for your public hosts.  You will need to understand how CIDR subnetting works if you are going to use this address block correctly.

All of the PCs on your network will need an IP address for each network connection.  If you only have a few PCs then you could choose to allocate all your PC addresses from the BPD assigned block.  Sometimes, however, you do not get enough addresses allocated to cover all of your needs.  Well, in most cases you do not need all of your PCs to be seen by the Internet, but you might still want them all to be able to access the Internet, or you might want some of your PCs to be unable to communicate with others.  All of these options are possible by means of private IP addresses and address masquerading or translation.
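The address planning described above can be checked mechanically.  The following is an added example, not part of the original page or of LANNet's own tooling; the block 203.0.113.16/28 (a documentation range standing in for an allocated block of 16 addresses), the private LAN 192.168.1.0/24 and all function names are assumptions made for illustration.

```python
import ipaddress

# Constructed values: 203.0.113.16/28 stands in for the provider-allocated
# block of 16 addresses; 192.168.1.0/24 is an assumed private LAN range.
PUBLIC_BLOCK = ipaddress.ip_network("203.0.113.16/28")
PRIVATE_LAN = ipaddress.ip_network("192.168.1.0/24")


def block_from_size(first_address, size):
    """Turn 'a block of <size> addresses starting at X' into a CIDR network.

    Raises ValueError if size is not a power of two or the start address
    is not aligned on a multiple of the block size.
    """
    if size < 1 or size & (size - 1):
        raise ValueError("block size must be a power of two")
    prefix = 32 - (size.bit_length() - 1)   # 16 -> /28, 32 -> /27
    return ipaddress.ip_network(f"{first_address}/{prefix}", strict=True)


def usable_hosts(network):
    """Addresses that can actually be given to hosts in the block
    (the network and broadcast addresses are excluded)."""
    return [str(host) for host in network.hosts()]


def classify(address):
    """Say how a host with this address relates to the Internet."""
    ip = ipaddress.ip_address(address)
    if ip in PUBLIC_BLOCK:
        if ip in (PUBLIC_BLOCK.network_address,
                  PUBLIC_BLOCK.broadcast_address):
            return "unusable: network or broadcast address of the block"
        return "public: visible to the Internet through the firewall"
    if ip in PRIVATE_LAN:
        return "private: outbound access only, via masquerading"
    return "error: not in any range routed to this site"


if __name__ == "__main__":
    print(len(usable_hosts(PUBLIC_BLOCK)), "usable addresses in", PUBLIC_BLOCK)
    for addr in ("203.0.113.18", "203.0.113.31", "192.168.1.10", "10.0.0.1"):
        print(addr, "->", classify(addr))
```

A block of 16 addresses therefore yields 14 host addresses, and one of those will normally be taken by the firewall's interface on the public host segment.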

Some words about filtering and routing

You will notice that we have referred to the firewall as a filtering router, and it is important to understand just what such a device is, or is not, capable of.

When data is transmitted between computers it is not sent as a stream of characters, but that stream is broken into packets of data and each packet has attached to it a header describing where the packet came from, its source, where the packet is going to, its destination, and information about the nature of the source and destination services required to handle the packet's data payload.

It is from this header information that routers can make decisions as to the correct interfaces onto which to target individual packets.

This header information can also be used to make decisions about whether a packet is to be permitted to continue to its destination, or is to be abandoned as being unacceptable, or whether the packet is to be re-directed to somewhere other than its intended destination.  Decisions can also be made as to whether some of the header information should be modified before the packet is forwarded on, i.e. masquerading.

An important point to note here is that the filtering decisions are made solely on the information in the packet header and that the payload data is not analysed at all.  Hence there is no filtering undertaken on payload data content.  This must be considered in light of the government's moves on restricting access to some material available over the Internet.  If you wish to filter data based on its content then you will need to implement a separate, and additional, filtering regime.
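The header-only nature of these decisions can be seen in a small model of a filtering router.  This is an added example, not LANNet's rule set and not code from the original page; the addresses (documentation ranges), the rule table and the function names are all constructed for illustration, and only IPv4/TCP is handled.

```python
import ipaddress
import struct

# Constructed addresses: 203.0.113.x stands in for the firewall's static IP
# and the public host, 198.51.100.x for a client out on the Internet.
FIREWALL_IP = "203.0.113.1"
RULES = [  # first match wins: (source net, destination net, dst port, action)
    ("192.168.1.0/24", "0.0.0.0/0", None, "MASQ"),     # private LAN going out
    ("0.0.0.0/0", "203.0.113.18/32", 80, "ACCEPT"),    # public web server
    ("0.0.0.0/0", "203.0.113.18/32", 25, "ACCEPT"),    # public mail server
    ("0.0.0.0/0", "0.0.0.0/0", None, "DENY"),          # everything else
]


def build_packet(src, dst, sport, dport, payload=b""):
    """Build a minimal IPv4+TCP packet (checksums left at zero) for the demo."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02, 8192, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     ipaddress.ip_address(src).packed,
                     ipaddress.ip_address(dst).packed)
    return ip + tcp + payload


def parse_headers(packet):
    """Read only the header fields a filtering router looks at."""
    if len(packet) < 20 or packet[0] >> 4 != 4 or packet[9] != 6:
        raise ValueError("not an IPv4/TCP packet")
    ihl = (packet[0] & 0x0F) * 4            # IP header length in bytes
    if len(packet) < ihl + 4:
        raise ValueError("TCP header truncated")
    src = ipaddress.ip_address(packet[12:16])
    dst = ipaddress.ip_address(packet[16:20])
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    return src, dst, sport, dport


def filter_packet(packet):
    """Return (action, source address as forwarded). Payload is never read."""
    src, dst, _sport, dport = parse_headers(packet)
    for src_net, dst_net, port, action in RULES:
        if (src in ipaddress.ip_network(src_net)
                and dst in ipaddress.ip_network(dst_net)
                and port in (None, dport)):
            # Masquerading rewrites one header field: the source address.
            new_src = FIREWALL_IP if action == "MASQ" else str(src)
            return action, new_src
    return "DENY", str(src)
```

Two packets with the same headers receive the same verdict whatever their payload carries, which is why content and virus checking need a separate mechanism.  A production rule set would also match on the interface a packet arrived on, which this model leaves out.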

One more important consideration concerns viruses.  Linux is considered to be highly immune to viruses, and can be readily checked for altered or replaced files.  However, packet filtering does NOT in any way check, or protect, from viruses, especially the current rash which are Windows orientated and are being propagated through email systems.  Extreme and constant vigilance is essential to prevent the spread of viruses, and all computer users must be educated on the likely access methods for viruses and the social engineering associated with their introduction.

So what is this going to cost me?

We will assume that you are going to arrange for a PSTN connection with a PC as the firewall/router and another PC as the public server; these will be additional to your current workstation or workstation network.
 
Cost Indications

Facility: Establish account with BPD (PSTN on Option 1 pricing structure)
One-off cost: $500
Notes: This includes the provision of the following facilities:
    allocation of IP address subgroup
    provision of primary DNS service (optional)
    provision of secondary DNS service (recommended)
    provision of secondary MX (recommended)
    provision of news feed (optional)

Facility: Provision of PSTN phone service (Telstra taken as example)
One-off cost:
    cable exists, and is connected: $50
    cable exists, but not connected: $173
Notes: If additional cabling is necessary then an additional charge may be applicable.

Facility: BPD service provision
Recurrent cost: 19c/mb incoming data, min charge $20/month
Notes: 1mb is 1,000,000 bytes

Facility: Telstra PSTN service rental
Recurrent cost:
    residential rate: $11.65/month
    business rate: $20/month
Notes: There will be an additional cost of 25c for each time that the PSTN connection is established.  Our experience is that connection dropouts occur at about weekly intervals; however, this might vary widely depending upon line quality.

Facility: PC suitable for firewall/router
Notes: A nominal value of $200 should be allowed here to cover a modem of 33.6kbps, and a pair of Ethernet network cards.  Most PCs with i486, or better, would be suitable here.

Facility: PC suitable for public access server
Notes: Most PCs with high speed i486 or Pentium processors will be suitable here.  The power and capacity of this server will be very dependent upon the volume of traffic between it and the Internet.

Facility: Arrange BPD account on behalf of client; arrange telco PSTN service provision on behalf of client; set up working firewall/router
One-off cost: $500
Notes: This estimate is for a standard configuration defined by LANNet Computing Associates with minor customisation (optional service).

Facility: Arrange IP addresses on behalf of client; arrange primary and secondary DNS and MX on behalf of client; set up working public access server
One-off cost: $500
Notes: This estimate is for a standard configuration defined by LANNet Computing Associates with minor customisation (optional service).

What about keeping the permanent connection running sweetly?

Putting a strong permanent Internet connection into place is only part of the whole business.  You now need to keep the system running and be aware of any problems that might arise.  LANNet Computing Associates will provide the means to monitor your system by providing regular reports from the system logs to a nominated user.  This service is standard with the LANNet installation and comes as part of the package.
LANNet can also provide escalating levels of system monitoring by having the logs also forwarded to ourselves for more experienced examination, by providing alarm pages to selected SMS capable mobile phones of users and even to our own mobile phones.  A full service includes LANNet providing login servicing to the client's system to undertake adjustments and configuration changes at client's requests.



GLOSSARY

BPD, CIDR, IAP, IP address, ISP, POP, PSTN

NOTES

[1]  LANNet Computing Associates have registered the domain name lannet.com.au
[2] As an example, the name assigned to LANNet is howard1.lnk.telstra.net


Copyright © LANNet Computing Associates 1999