TransACT Cable Router
Dale Shaw
DShaw at exceed.com.au
Tue Apr 1 11:27:48 EST 2003
I don't know about the Netgear RT314 but the Linksys model doesn't
appear to include fully fledged firewalling capabilities. It says it
provides firewalling via NAT, but NAT in itself only provides security
by obscurity. It's not clear whether or not it would protect in any way
an 'inside' host with an active translation from attacks on the
Internet.
Example: Inside host 192.168.0.1 makes a connection through the gateway
and is translated into the xDSL interface's IP address, 203.1.2.3. Is
the router going to stop someone connecting to an arbitrary port on
203.1.2.3, or will it simply pass it back through to the originating
host? Sure, you can't directly target the inside host because its
address isn't routeable on the Internet, but if the router is only doing
NAT (or more accurately in this case, PAT or N-PAT) and not some form of
packet filtering (stateful or not), you'll need to protect yourself with
some host-based firewalling.
I'm currently using a Netgear FVS318 (stateful packet filter + some
application-specific bells/whistles) with my TransACT/WebOne connection,
but if I was going through the process again, I'd find a nice small form
factor PC and install an operating system capable of stateful packet
filtering, application layer gatewaying and, of course, PPPoE. Much
better solution and if you go about it right, just as effortless to
manage as an 'appliance'.
..my 2c.
Cheers,
Dale
-----Original Message-----
From: John Griffiths [mailto:john at capmon.com]
Sent: Tuesday, 1 April 2003 11:11 AM
To: linux at lists.samba.org
G'day guys.
My house (share with two others) has been signed up for TransACT and I'm
looking at my options for a cable/router.
I've had solid service from the netgear rt314 in other places but on
cougar i see they're selling the linksys "EtherFast Cable/DSL Router
with 4-Port 10/100 Switch" (LIN-BEFSR41) for $170
As opposed to $377 for the netgear model.
Does anyopne have any experience of the linksys model with TransACT?
AnandTech seemed to rate it reasonably well:
http://www.anandtech.com/showdoc.html?i=1206&p=6
TIA,
John
More information about the linux
mailing list