[clug] ADSL Provider Questions

[James McNeill]

Jepri wrote:
<schnipp>
> As for hardware, I second the suggestions about black box routers.  You 
> plug 'em in, connect to their webpage, type in your username/password 
> and boom! you're online.  Sure beats stuffing around with iptables (not 
> that it isn't a great product, bow scrape).
<schnipp>

Stand alone routers are very convenient, and I do use one myself. But 
they are no substitute for a good linux firewall. They do NAT, but most 
are still susceptible to address spoofing and various other attacks. The 
code that they run is proprietary and potentially full of bugs.

and /please/ change the default password on the router, and also disable 
WAN port side administration.

I would reccomend router + ipcop for true peace of mind.

cheers,
-james