[clug] ADSL Provider Questions
James McNeill
j at jamesm.id.au
Mon Mar 8 22:00:19 GMT 2004
Jepri wrote:
<schnipp>
> As for hardware, I second the suggestions about black box routers. You
> plug 'em in, connect to their webpage, type in your username/password
> and boom! you're online. Sure beats stuffing around with iptables (not
> that it isn't a great product, bow scrape).
<schnipp>
Stand alone routers are very convenient, and I do use one myself. But
they are no substitute for a good linux firewall. They do NAT, but most
are still susceptible to address spoofing and various other attacks. The
code that they run is proprietary and potentially full of bugs.
and /please/ change the default password on the router, and also disable
WAN port side administration.
I would reccomend router + ipcop for true peace of mind.
cheers,
-james
More information about the linux
mailing list