Re: need help

To: debian-user@lists.debian.org
Cc: John Hasler <jhasler@debian.org>
Subject: Re: need help
From: Gene Heskett <gene.heskett@verizon.net>
Date: Sat, 09 Apr 2005 00:56:11 -0400
Message-id: <[🔎] 200504090056.11872.gene.heskett@verizon.net>
In-reply-to: <[🔎] 87fyy0u1fl.fsf@toncho.dhh.gt.org>
References: <[🔎] WmF5e.52033$wo1.5229@bignews6.bellsouth.net> <[🔎] 200504090200.08830.linux-debian@shadypond.com> <[🔎] 87fyy0u1fl.fsf@toncho.dhh.gt.org>

On Friday 08 April 2005 22:30, John Hasler wrote:
>Pollywog writes:
>> I have a Linksys broadband router and it is definitely better than
>> the old way (PPPoE and Roaring Penguin).
>
>How?
>
>> The router has the PPPoE stuff built-in, so I don't need to fiddle
>> with it.
>
>But can you trust it?

I've been doing this for 2 years now John, and I've actually logged 
someone attempting to access my home network from the outside world 4 
times in that two years.  3 of the attacks came from my secondary dns 
server at verizon.net.  verizon seems married to M$ IIS servers & 
they are always getting a snotty nose from some viri or other.  Email 
in particular seems very troublesome for verizon, I've been w/o 
service around 19 hours in the last week alone.  None of them got any 
farther than being logged before they were shut out by one of 
iptables-1.2.6 (very old version), portsentry-1.1 (also old version), 
or tcpwrappers.  The router in my case is operating in gateway mode, 
and is the only address other than the nic in the firewall thats on 
that subnet.  Other than a closed identd port, nmap, satan, 
whathaveyou cannot find me.  But my access to the outside world is 
totally transparent, as long as the dns itself doesn't get locked 
out.  Thats happened often enough I now have them in my whitelist 
since they cannot get in anyway.

But, be aware that linksys is doing something funny with their later 
offerings, like disabling icmp and udp, so you cannot ping or 
traceroute thru them.  I screwed around with a later model BEFSX41 
cause it could do 2 vpn's, but 3 different firmwares burnt into it 
did not succeed in restoreing what I think should be normal 
operation, so it went back to CC and I got a refund check eventually.  
The one I'm running now is a BEFSR41, nearly 2 years old, with the 
latest firmware in it, its working fine.

Netgears routers are probably ok although I haven't needed to explore 
them, but you shouldn't touch a seimans, some script kiddie will own 
it, and you'll be locked out in a week or less.  Thats how long one 
lasted here 2 years ago when i got tired of screwing with roaring 
penguins PPPoE, couldn't keep it online long enough to do 2 mail runs 
with kmail.  And sometimes it could not reconnect until the box was 
rebooted.  Its no doubt better now, but then, it was a PITA.

>--
>John Hasler

-- 
Cheers, Gene
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
99.34% setiathome rank, not too shabby for a WV hillbilly
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2005 by Maurice Eugene Heskett, all rights reserved.

Reply to:

References:
- need help
  - From: "Luke Heron" <heron_l@bellsouth.net>
- Re: need help
  - From: Pollywog <linux-debian@shadypond.com>
- Re: need help
  - From: John Hasler <jhasler@debian.org>

Prev by Date: Re: Annoying problem with GTK apps
Next by Date: Re: copy partition from a remote server
Previous by thread: Re: need help
Next by thread: gaim-vv problem
Index(es):
- Date
- Thread