[Tfug] debian 4 security

Eric Christian ericdanc at alice-dsl.net
Thu May 29 01:36:38 MST 2008


> Date: Wed, 28 May 2008 14:45:08 -0700
> From: "Ronald Sutherland" <ronald.sutherland at gmail.com>
> Subject: Re: [Tfug] debian 4 security
> To: "Tucson Free Unix Group" <tfug at tfug.org>
> Message-ID:
> 	<795af4650805281445w17a6d955ifd29a4607030c80d at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> On Wed, May 28, 2008 at 10:15 AM, ericdanc at alice-dsl.net <
> ericdanc at alice-dsl.net> wrote:
>
>   
>> I have 1 or 2 PCS plugged directly into a dsl-modem, no LAN and just 1
>> user (me). Since the pppoe-connections are temporary with dynamic
>> ip-addressing, an iptables-firewall probably isn?t needed or possible.
>> I, however, want to feel comfortable connecting to my bank, fund manager
>> etc.  Except for ps aux, dmesg etc., somehow i don?t feel like i know
>> what?s going on in debian:  it?s so "quiet" compared to, say, vista,
>> where it?s hand to hand combat every day when you?re connected.
>> So, given my minimal system, are there security tools (weapons), like
>> intrusion detection,  a list of services I should turn off or whatever?
>> Eric
>>
>>     
>
> does pppoe give you a routed IP address?
> with my dsl modem (pppoa) only the modem gets a routed address. The
> computers that talk to the modem have non-routed addresses 192.168.0.*, thus
> nothing can see them or get to them.
>
> In my case the modem runs NAT to make this work, a fire wall would block
> ports that no one can see anyway, and I would have to open ports up to
> access my other computers.
>
> http://en.wikipedia.org/wiki/Network_address_translation
>
> Try Firefox on Windows, it may reduces the hand to hand combat. I'm still
> using XP so not sure on that.
>
> RFC 1918 defines the following private address blocks. These blocks are
> guaranteed to not be routed across the Internet.
> network            range                                  notes
> 10.0.0.0/8         10.0.0.0 to 10.255.255.255             1 Class A
> 172.16.0.0/12      172.16.0.0 to 172.31.255.255           16 Class B
> 192.168.0.0/16     192.168.0.0 to 192.168.255.255         256 Class C
>   
A routed address? If you mean a "real" address, yes. Actually, 2 
addresses, one for Eth1 (inside of NIC [ETH0 is bluetooth]) and one for 
the ppp0 interface (outside of the NIC, the ISP server in the internet). 
At connection, one also sees the addr of the prim/sec ISP-DNS-servers.

As far as I know, my modem is just transparent, has no ip-address and no 
routing functionality. I do use firefox+add-ons in vista, mainly 
"noscript" and "Mcaffee site advisor" (they`re good in conjunction). But 
what do i know? I found out a couple weeks ago, this DSL, which runs on 
the ol`tel 2 wire cable (wires a and b), can "run"  on just one wire! 
this screwed me up, because, although the DSL-tel/internet "ran", the 
analogue tel wouldn`t work when hooked up to the incoming a/b cable.  It 
turned out, one wire was loose...

Facit seems to be, my debian does have a real ip-addr, albeit just temp 
until next dis/connection, but, that there is a theoretical attack risk.
Eric




More information about the tfug mailing list