On Tue, 23 Nov 1999, Gordon Messmer wrote:
> I'd like to apologise for what was probably some really bad
> advice, and thank those people who made that clear :)
Yer welcome. Our pleasure.
> The network model does NAT itself, so it's basically a secure
> firewall/hub all by itself.
Bah.
<paranoia>
Don't trust it. Who knows what vendor support backdoor passwords are
on it? What if it doesn't properly implement NAT for a protocol you
want to use? If you're running a Linux firewall then convince your DSL
provider to let you configure it for bridging. Then the DSL modem
"just disappears" as far as IP is concerned and cannot (AFAIK) be
attacked. Then all of the firewalling/NAT/DHCP/routing is on your
Linux box where you can control every aspect of it.
</paranoia>
> PS: Out of curiosity, how many of you DSL users can actually use
> tcpdump, or (gasp) ngrep, to watch what your neighbors are doing??
>
> I can see it now... People in a network segment getting an email
> w/Subject "I know what you did last summer...." <insert long list
> of adult-only sites for yourself.>
If I did that I'd try to be a good citizen:
Subject: security warning - you are exposing yourself!
and so forth. I don't really want to find out if being a "good
citizen" this way will make the ISP any kinder when they consider
terminating my account, though. :)
--
John Hardin KA7OHZ ICQ#15735746 http://www.wolfenet.com/~jhardin/
[EMAIL PROTECTED] pgpk -a finger://gonzo.wolfenet.com/jhardin
768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76
1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Failure to plan ahead on someone else's part does not constitute an
emergency on my part.
- David W. Barts in a.s.r
<[EMAIL PROTECTED]>
-----------------------------------------------------------------------
38 days until the Y2K apocalypse - keep gold & ammo handy!
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
