Re: Cracking attempt

To: Stefaan Teerlinck <stefaan@itecom.be>
Cc: "debian-isp@lists.debian.org" <debian-isp@lists.debian.org>
Subject: Re: Cracking attempt
From: Craig Sanders <cas@taz.net.au>
Date: Wed, 26 Feb 2003 17:33:43 +1100
Message-id: <20030226063343.GL1671@taz.net.au>
In-reply-to: <auto-000001697187@itecom.be>
References: <auto-000001697187@itecom.be>

On Tue, Feb 25, 2003 at 07:19:09AM +0100, Stefaan Teerlinck wrote:
> There are also cheap ($100) NAT routers / "firewalls" available like
> D-Link or Netgear if you don't need a speed > 10Mbps You'll have to
> spend $100, but it won't consume you time, it takes a lot less space,
> and it will consume a lot less electricity.

yes, that's true...but:

a) $100 is a lot more than recycling an old desktop machine (free)

b) $100 routers are toys with very limited capabilities and very
   limited configurability.  if what you want to do matches exactly
   what the menu options allow for, then they're OK.  if not, then
   they're basically useless.

   linux gives you a lot of flexibility that a cheap router just can't
   provide.  IMO & IME, more flexibility than even a top-end commercial
   router provides.

c) i don't know about you, but i wouldn't be inclined to trust the
   security of a $100 consumer-grade firewall.  i know from personal
   experience that some of dlink's cheaper products have gaping security
   holes (e.g. the DWL-900AP+ wireless AP has a flaw which allows anyone
   to flash upgrade it over the wireless interface)

d) if size and power consumption is an issue, better to spend $200-$250
   USD on something like a soekris net4511 board (an SBC with several
   ethernet interfaces, mini-PCI, and 2 PCMCIA slots - they make pretty
   good routers, and the PCMCIA slots make them almost ideal for
   mast-mounted wireless access points) and install linux on it.

craig

ps: yes, i have a dlink DWL-900AP+ mounted in a box (and powered by 12v
AC over the ethernet cable, regulated to DC) on the mast on my roof.
i'm thinking of replacing it with a soekris board.  or maybe a standard
desktop pc in the roof plus about 12 metres of LMR-400 cable to the top
of the mast.  my main problem with the dlink is that it has no routing
capability, and almost no diagnostic abilities....it's a black box that
doesn't let you find out what is going on.  with a linux box i could run
kismet or airsnort or even tcpdump to help diagnose problems.  which is
another reason why linux boxes are superior to commercial routers -
linux, like any unix, has available an enormous swag of useful tools.

-- 
craig sanders <cas@taz.net.au>

Fabricati Diem, PVNC.
 -- motto of the Ankh-Morpork City Watch

Reply to:

Follow-Ups:
- Re: Cracking attempt
  - From: Russell Coker <russell@coker.com.au>

References:
- RE: Cracking attempt
  - From: "Stefaan Teerlinck" <stefaan@itecom.be>

Prev by Date: Re: Qmail+Spamassasin
Next by Date: Re: ISP Billing Software / RODOPI
Previous by thread: RE: Cracking attempt
Next by thread: Re: Cracking attempt
Index(es):
- Date
- Thread