Re: Hardware needed for home network

To: debian-user@lists.debian.org
Subject: Re: Hardware needed for home network
From: John Hasler <jhasler@debian.org>
Date: Sun, 13 Feb 2011 09:17:02 -0600
Message-id: <[🔎] 87ei7cm0b5.fsf@thumper.dhh.gt.org>
In-reply-to: <[🔎] 20110213144348.GB3025@think.homelan> (Andrei Popescu's message of "Sun, 13 Feb 2011 16:43:48 +0200")
References: <[🔎] 20110211133710.041074fe.jhsu802701@jasonhsu.com> <[🔎] torg28xmqa.ln2@news.roaima.co.uk> <[🔎] 1297534704.3648.10.camel@computer2.home> <[🔎] 20110213010146.GB18225@think.homelan> <[🔎] 1297588976.2340.17.camel@computer2.home> <[🔎] 20110213105539.GE18225@think.homelan> <[🔎] 1297596912.2916.35.camel@computer2.home> <[🔎] 20110213130214.GI18225@think.homelan> <[🔎] 1297606152.2571.62.camel@computer2.home> <[🔎] 20110213144348.GB3025@think.homelan>

Andrei writes:
> You seem to assume it is impossible for a packet to reach one of the
> other internal computers without taking the detour via the server (and
> it's firewall). Maybe I'm paranoid, but I wouldn't base the security
> of my internal network on this assumption.

If I understand correctly he has the modem in bridge mode and is running
pppd on the server (I am doing this as well though I also have two NICs
on the server).  Thus there is no IP traffic between the modem and the
server: just PPP.  Even if the PPP packets were to reach one of the
other computers they could do nothing with them unless they were also
running pppd.  I suppose an attacker could seize control of the modem
(hard to do when it's in bridge mode) and then launch an attack, though.

Modem firmware has a history of being buggy and full of holes.  I'd
rather not let it have any access at all to my network.  NICs are cheap.
-- 
John Hasler

Reply to:

Follow-Ups:
- Re: Hardware needed for home network
  - From: Tixy <tixy@yxit.co.uk>

References:
- Hardware needed for home network
  - From: Jason Hsu <jhsu802701@jasonhsu.com>
- Re: Hardware needed for home network
  - From: Chris Davies <chris-usenet@roaima.co.uk>
- Re: Hardware needed for home network
  - From: Tixy <tixy@yxit.co.uk>
- Re: Hardware needed for home network
  - From: Andrei Popescu <andreimpopescu@gmail.com>
- Re: Hardware needed for home network
  - From: Tixy <tixy@yxit.co.uk>
- Re: Hardware needed for home network
  - From: Andrei Popescu <andreimpopescu@gmail.com>
- Re: Hardware needed for home network
  - From: Tixy <tixy@yxit.co.uk>
- Re: Hardware needed for home network
  - From: Andrei Popescu <andreimpopescu@gmail.com>
- Re: Hardware needed for home network
  - From: Tixy <tixy@yxit.co.uk>
- Re: Hardware needed for home network
  - From: Andrei Popescu <andreimpopescu@gmail.com>

Prev by Date: Local debian repository producing additional packages with version mismatches
Next by Date: Proper way to restart network after modem/router reset
Previous by thread: Re: Hardware needed for home network
Next by thread: Re: Hardware needed for home network
Index(es):
- Date
- Thread