[Tfug] debian 4 security
Eric Christian
ericdanc at alice-dsl.net
Thu May 29 01:36:38 MST 2008
> Date: Wed, 28 May 2008 14:45:08 -0700
> From: "Ronald Sutherland" <ronald.sutherland at gmail.com>
> Subject: Re: [Tfug] debian 4 security
> To: "Tucson Free Unix Group" <tfug at tfug.org>
> Message-ID:
> <795af4650805281445w17a6d955ifd29a4607030c80d at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> On Wed, May 28, 2008 at 10:15 AM, ericdanc at alice-dsl.net <
> ericdanc at alice-dsl.net> wrote:
>
>
>> I have 1 or 2 PCS plugged directly into a dsl-modem, no LAN and just 1
>> user (me). Since the pppoe-connections are temporary with dynamic
>> ip-addressing, an iptables-firewall probably isn?t needed or possible.
>> I, however, want to feel comfortable connecting to my bank, fund manager
>> etc. Except for ps aux, dmesg etc., somehow i don?t feel like i know
>> what?s going on in debian: it?s so "quiet" compared to, say, vista,
>> where it?s hand to hand combat every day when you?re connected.
>> So, given my minimal system, are there security tools (weapons), like
>> intrusion detection, a list of services I should turn off or whatever?
>> Eric
>>
>>
>
> does pppoe give you a routed IP address?
> with my dsl modem (pppoa) only the modem gets a routed address. The
> computers that talk to the modem have non-routed addresses 192.168.0.*, thus
> nothing can see them or get to them.
>
> In my case the modem runs NAT to make this work, a fire wall would block
> ports that no one can see anyway, and I would have to open ports up to
> access my other computers.
>
> http://en.wikipedia.org/wiki/Network_address_translation
>
> Try Firefox on Windows, it may reduces the hand to hand combat. I'm still
> using XP so not sure on that.
>
> RFC 1918 defines the following private address blocks. These blocks are
> guaranteed to not be routed across the Internet.
> network range notes
> 10.0.0.0/8 10.0.0.0 to 10.255.255.255 1 Class A
> 172.16.0.0/12 172.16.0.0 to 172.31.255.255 16 Class B
> 192.168.0.0/16 192.168.0.0 to 192.168.255.255 256 Class C
>
A routed address? If you mean a "real" address, yes. Actually, 2
addresses, one for Eth1 (inside of NIC [ETH0 is bluetooth]) and one for
the ppp0 interface (outside of the NIC, the ISP server in the internet).
At connection, one also sees the addr of the prim/sec ISP-DNS-servers.
As far as I know, my modem is just transparent, has no ip-address and no
routing functionality. I do use firefox+add-ons in vista, mainly
"noscript" and "Mcaffee site advisor" (they`re good in conjunction). But
what do i know? I found out a couple weeks ago, this DSL, which runs on
the ol`tel 2 wire cable (wires a and b), can "run" on just one wire!
this screwed me up, because, although the DSL-tel/internet "ran", the
analogue tel wouldn`t work when hooked up to the incoming a/b cable. It
turned out, one wire was loose...
Facit seems to be, my debian does have a real ip-addr, albeit just temp
until next dis/connection, but, that there is a theoretical attack risk.
Eric
More information about the tfug
mailing list