Re: Install Report

To: JimcDTWlst@aol.com
Cc: jens@unfaehig.de, jrrodgers@link.com, debian-firewall@lists.debian.org
Subject: Re: Install Report
From: John Kramer <jbkramer@mad.scientist.com>
Date: Wed, 2 Aug 2000 19:52:25 +0000 (GMT)
Message-id: <[🔎] Pine.LNX.4.21.0008021935390.6052-100000@coruscant.jedi>
In-reply-to: <[🔎] 29.86edb85.26b9ce4e@aol.com>

On Wed, 2 Aug 2000 JimcDTWlst@aol.com wrote:

> > > Cannot overemphasize importance of firewall when running site on DSL.
> >  
> >  Why? What is special in DSL? 
> >  
> >  (followup to debian-firewall@lists.debian.org)
> 
> 
> bc. you are on a domain subnet.  EVERY other connection (like the ISPs total 
> cuatomer base) can download free netadmin software and run it in promiscuous 
> mode (it lets anybody "in"/"on") to then receive the grand scheme of the 
> grand stream of ALL packets that enter that subnet.There are more than a few 
> stream editor etc. tools out there to enter expressions etc. to 
> start/stop/control a packet collection that just happens to be your traffic, 
> specifically.  They can see all of exactly what you see/send/receive (back 
> orifice gives them TOTAL control of your computer, even while you use it and 
> especially after you use it).
> 
> Don't take my word for it.  Look about you.  DSL "requires" you "participate" 
> with complete security, state of the art, up to the minute.  Every net access 
> (in/out) needs full best of breed encryption/decryption, not just a firewall.
> 
> Regards,
> 
> JimcDTWlst
> 
> P.S.
> 
> There may be technical incorrectness in my description above, but those who 
> can refute any of the above points may have to admit that any point they 
> counter with will likely be shown to be quite debatable by their own peers.

Depends on the provider.  Some providers will only let you see broadcast
traffic and traffic destined for your mac- or ip- address.  Same thing
with cable modems.  But whether or not you're on DSL or T1 or Cable Modem
or ISDN or 9.6, you have an address reachable on the global internet and
you can receive "unauthorized" traffic.  It's just easier to notice an
attack on a modem or ISDN since an attack may cause a noticeable
performance degradation and/or take longer.  Plus, if you're in a
broadcast domain, you could possibly see neighboring broadcasts services
like file & printer sharing.  But those services are still reachable and
attackable.

(granted, an enterprising cracker could find a way to reprogram a cable
modem to be promiscuous...)

Having a firewall simply protects your network from unauthorized traffic;
it does nothing to safeguard your traffic from being intercepted.  
Encryption and authentication services ensure the integrity and protect
the data.  (VPN/IPSEC, SSH).  It doesn't matter of you're connected to a
T1, ISDN, DSL, dial-up, or Cable Modem.  You're addressable on the
internet, you can be scanned, and someone in the internet along the path
can still eavesdrop.

john

--
John B. Kramer  
jbkramer@mad.scientist.com
http://24.17.57.58/~yoda

Reply to:

References:
- Re: Install Report
  - From: JimcDTWlst@aol.com

Prev by Date: Re: Install Report
Next by Date: Re: Install Report
Previous by thread: Re: Install Report
Next by thread: Re: Install Report
Index(es):
- Date
- Thread