[hblug] Re: Getting Broardband
Tony Hughes
tony at tall.co.nz
Tue Mar 25 11:44:17 NZST 2008
Its getting away from Linux specifically, but examples like dialup
internet and cable internet can expose a PC to the net with no NAT,
port forwarding, or firewall.
I still stand by my statement that every system should be behind a
firewall of some sort. For many people, this will simply be the
firewall built into their ADSL router (i.e. many who say they dont
have a firewall, actually do).
Regards,
Tony Hughes
On 25/03/2008, at 12:33 PM, Rene Bartosh wrote:
> Most ADSL modems are actually modem/routers, that is, they are both a
> modem and a router. Because they all use NAT by default, there is no
> need to have a software firewall the prevent anything nasty coming in
> from the net, however if running windows you may wish to have a
> software firewall to prevent nasty things getting out, but that is
> your choice (personally I do not bother). The only way things can
> connect to you through NAT is if you setup a port forward (sometimes
> called a pinhole) which passes a specific TCP and/or UDP port on your
> WAN interface (the internet interface) to a specific client PC,
> however it will only allow access to the client PC on that port. For
> example. I have the RDP and VPN ports on my external IP forwarded to
> my windows box, but that is the only service that can be accesses
> externally, you cannot access for example my SMB shares.
>
> Also regarding static IP addresses, I think some ISPs work on the
> basis that while it might not actually be static, it only changes
> rarely. The best thing to do is just setup dynamic DNS (dyndns.com or
> no-ip.com) on your router (most support this) then you can forget
> about IP addresses completely.
>
> Regards,
>
> Rene
>
> On 25/03/2008, Michael Adams <linux_mike at paradise.net.nz> wrote:
>> On Mon, 24 Mar 2008 17:43:44 +1300
>> chris morris wrote:
>>
>>> Tony Hughes wrote:
>>>> Without a firewall on any system, then a bad guy can access any
>>>> services on your machine(s) that are open to either attack, or
>>>> simple sharing.
>>>> Linux is no exception to this.
>>>> Regards,
>>>> Tony Hughes
>>> I've never had a firewall on my linux boxes - and never had any (
>>> external ) trouble either...
>>>
>>> I just did an online port probe here
>>> http://probe.hackerwatch.org/probe/probe.asp
>>>
>>> and came up all secure, so I dont bother with firewalls on linux
>>> boxes.
>>>
>>> chris
>>>
>>
>>
>> Doesn't your fancy router/modem have the firewall installed? He says
>> remembering a list-post from years back. Long teeth, grey hair and
>> spongy questionable memory.
>>
>>
>> --
>> Michael
>>
>> All shall be well, and all shall be well, and all manner of things
>> shall
>> be well
>>
>> - Julian of Norwich 1342 - 1416
>>
>> _______________________________________________
>>
>> HBLUG mailing list
>> HBLUG at linux.net.nz
>> http://www.linux.net.nz/cgi-bin/mailman/listinfo/hblug
>>
>
>
> --
>> From Rene Bartosh (Gmail account) <kirjava at gmail.com>
> Personal: http://kirjava.net.nz/
> Work: http://eksion.net/
>
> _______________________________________________
> HBLUG mailing list
> HBLUG at linux.net.nz
> http://www.linux.net.nz/cgi-bin/mailman/listinfo/hblug
More information about the HBLUG
mailing list