[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: need help

On Friday 08 April 2005 22:30, John Hasler wrote:
>Pollywog writes:
>> I have a Linksys broadband router and it is definitely better than
>> the old way (PPPoE and Roaring Penguin).
>> The router has the PPPoE stuff built-in, so I don't need to fiddle
>> with it.
>But can you trust it?

I've been doing this for 2 years now John, and I've actually logged 
someone attempting to access my home network from the outside world 4 
times in that two years.  3 of the attacks came from my secondary dns 
server at verizon.net.  verizon seems married to M$ IIS servers & 
they are always getting a snotty nose from some viri or other.  Email 
in particular seems very troublesome for verizon, I've been w/o 
service around 19 hours in the last week alone.  None of them got any 
farther than being logged before they were shut out by one of 
iptables-1.2.6 (very old version), portsentry-1.1 (also old version), 
or tcpwrappers.  The router in my case is operating in gateway mode, 
and is the only address other than the nic in the firewall thats on 
that subnet.  Other than a closed identd port, nmap, satan, 
whathaveyou cannot find me.  But my access to the outside world is 
totally transparent, as long as the dns itself doesn't get locked 
out.  Thats happened often enough I now have them in my whitelist 
since they cannot get in anyway.

But, be aware that linksys is doing something funny with their later 
offerings, like disabling icmp and udp, so you cannot ping or 
traceroute thru them.  I screwed around with a later model BEFSX41 
cause it could do 2 vpn's, but 3 different firmwares burnt into it 
did not succeed in restoreing what I think should be normal 
operation, so it went back to CC and I got a refund check eventually.  
The one I'm running now is a BEFSR41, nearly 2 years old, with the 
latest firmware in it, its working fine.

Netgears routers are probably ok although I haven't needed to explore 
them, but you shouldn't touch a seimans, some script kiddie will own 
it, and you'll be locked out in a week or less.  Thats how long one 
lasted here 2 years ago when i got tired of screwing with roaring 
penguins PPPoE, couldn't keep it online long enough to do 2 mail runs 
with kmail.  And sometimes it could not reconnect until the box was 
rebooted.  Its no doubt better now, but then, it was a PITA.

>John Hasler

Cheers, Gene
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
99.34% setiathome rank, not too shabby for a WV hillbilly
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2005 by Maurice Eugene Heskett, all rights reserved.

Reply to: