Re: Desperate for good firewall: ARP and DNS attacks

To: debian-firewall@lists.debian.org
Subject: Re: Desperate for good firewall: ARP and DNS attacks
From: Alex Samad <alex@samad.com.au>
Date: Sun, 7 Mar 2010 06:37:07 +1100
Message-id: <[🔎] 20100306193707.GA7732@laptop-hp.samad.com.au>
In-reply-to: <[🔎] 6289ef7e1b61364bad9c1af37d22363e.squirrel@192.168.1.100>
References: <[🔎] 40a027ee1003011735y770e6c8fo1c26158f2a15ce63@mail.gmail.com> <[🔎] 20100302143513.GA15309@lia.ch> <4617_1267592942_4B8DEEEB_4617_377_3_40a027ee1003022107p45cb1fa2v498c7742e50c0ded@mail.gmail.com> <[🔎] 17963_1267614650_4B8E43BA_17963_16_1_A54570CA491AF843B18DD8BC6169BFC00E5A3035@fr0-mailmb11.res.airbus.corp> <[🔎] 40a027ee1003052049ta9bbb23y686bca0fc597d3ea@mail.gmail.com> <[🔎] 6289ef7e1b61364bad9c1af37d22363e.squirrel@192.168.1.100>

On Sat, Mar 06, 2010 at 04:11:49PM +1100, Tim Clewlow wrote:
> > I did try a new modem/router, a Linksys/Cisco WAG120N, but as soon
> > as
> > I plugged it in, I had no hope of getting to the configuration page
> > in
> > the browser before it was being attacked.
> 
> Use a clean computer and plug the modem into that, do NOT plug the
> modem into the adsl line. Go to the modem config page and change the
> default password. Now lock down the modem, ie make sure no ports are
> open / mapped / forwarded unless YOU specifically want them open.

[snip]

> >
> 
> Get a minimal CD to install a clean system from, either *nix or *bsd
> will do. Run the CD, do not install, instead drop to a shell and
> manually clear the entire disk, dd would be the command I would use.
> It is NOT possible for an ATA hardware controller to get haxored, so
> this will always work.
> 
> Now you have a clean modem and a clean computer - installing and
> config a secure sys is now up to you, but most *nix and *bsd sys are
> quite secure by default.

might want to do the laptop first and then make sure nothing else apart
from the laptop is connected to the modem.

Then work up from there

> 
> Regards, Tim.
> 
> 

-- 
"A dictatorship would be a heck of a lot easier, there's no question about it."

	- George W. Bush
07/27/2001

Reply to:

References:
- Desperate for good firewall: ARP and DNS attacks
  - From: Linux User <linux.user.au@gmail.com>
- Re: Desperate for good firewall: ARP and DNS attacks
  - From: Stephan Balmer <sb@lia.ch>
- RE: Desperate for good firewall: ARP and DNS attacks
  - From: "DUFRESNE, Mathias \(KPF\)" <MATTHIAS.DUFRESNE@airbus.com>
- Re: Desperate for good firewall: ARP and DNS attacks
  - From: Linux User <linux.user.au@gmail.com>
- Re: Desperate for good firewall: ARP and DNS attacks
  - From: "Tim Clewlow" <tim@clewlow.org>

Prev by Date: Re: Desperate for good firewall: ARP and DNS attacks
Next by Date: RE: Desperate for good firewall: ARP and DNS attacks
Previous by thread: Re: Desperate for good firewall: ARP and DNS attacks
Next by thread: RE: Desperate for good firewall: ARP and DNS attacks
Index(es):
- Date
- Thread