p2p, anonymity and security
Greg Rundlett
greg at freephile.com
Fri Mar 12 12:24:25 EST 2004
bscott at ntisys.com wrote:
>On Thu, 11 Mar 2004, at 12:04am, greg at freephile.com wrote:
>
>
>>So, my first question...Is a Linksys Router doing 'firewall' duty and NAT
>>easy to get past?
>>
>>
>
> Absolutely. But not through the vectors you think.
>
> Those SOHO routers are pretty simple. They do stateful tracking of TCP
>and UDP, and block anything incoming that you didn't originate. For
>example, someone trying to telnet into the root shell you have running on
>TCP port 666 will be blocked.
>
> It's the stuff you allow that is the problem. You say you have forward
>some ports? What ports? What are you running on those ports?
>
> For example: If you forward a port in for that root shell I mentioned,
>anyone who finds that can take over your computer.
>
> You mention you've installed some software. How trustworthy is this
>software? If the software contains backdoors which grant remote access, it
>won't matter how strong your firewall is -- because you've explicitly told
>your firewall to allow the traffic. Or maybe the software contains no
>deliberate exposures, but is so buggy that exploits are a dime a dozen. Or
>maybe the design of the network protocol(s) it uses defeat your firewall.
>Or whatever.
>
> I have encountered many situations where a network with a very good
>firewall is totally compromised by hostile software. A firewall won't help
>if you download and install the attack vectors willingly.
>
>
>
Thanks Ben,
You confirm that I actually do know a few things about security and how
my hardware works. I heard a remark recently that the Linksys router
wasn't a firewall at all. And the real meaning of that is that security
must be measured in a broader context than just asking if 'x' will keep
me safe.
--
FREePHILE
We are 'Open' for Business
Free and Open Source Software
http://www.freephile.com
(978) 270-2425
"Language shapes the way we think, and determines what we can think about."
-- B. L. Whorf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.gnhlug.org/mailman/private/gnhlug-discuss/attachments/20040312/9ad38eec/attachment.html
More information about the gnhlug-discuss
mailing list