[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Hardware needed for home network



On Sun, 2011-02-13 at 09:17 -0600, John Hasler wrote:
> Andrei writes:
> > You seem to assume it is impossible for a packet to reach one of the
> > other internal computers without taking the detour via the server (and
> > it's firewall). Maybe I'm paranoid, but I wouldn't base the security
> > of my internal network on this assumption.
> 
> If I understand correctly he has the modem in bridge mode and is running
> pppd on the server (I am doing this as well though I also have two NICs
> on the server).  Thus there is no IP traffic between the modem and the
> server: just PPP.

That's right

>   Even if the PPP packets were to reach one of the
> other computers they could do nothing with them unless they were also
> running pppd.  I suppose an attacker could seize control of the modem
> (hard to do when it's in bridge mode) and then launch an attack, though.
> 
> Modem firmware has a history of being buggy and full of holes.  I'd
> rather not let it have any access at all to my network.  NICs are cheap.

My setup replaces a consumer wireless/modem/router and I have no reason
to suspect that the new modem is more prone to compromise that the old
kit. Considering it's a lot simpler, not doing routing or NAT, I would
expect it to have less vulnerabilities all other things being equal.


-- 
Tixy               ()  The ASCII Ribbon Campaign (www.asciiribbon.org)
                   /\  Against HTML e-mail and proprietary attachments


Reply to: