Hi Klaus ! Ich hab' ne Info über ADSL4LINUX, daß der ganze Traffic aus dem LAN bei einer direkten Verbindung Modem-Switch zumindest bis zum Breiband-POP der Firma mit dem fetten T schwappt. Da ist protokollbedingt. Laut Fett-T hat das Modem zwar eine self-learning-bridge, die nach einiger Zeit (...was das auch heißen mag...) erkennt, was für's LAN und was für's WWW ist, aber selflearning find ich jetzt persönlich nicht so überzeugend...ich hab's gelassen. Ich denke ein "richtiger" DSL-Router (z.B. Netgear) ist da besser, mit dem Fett-T-Schuhkarton laß' ich's lieber. Bis dann, Michel ;-) --- I've found an info at ADSL4LINUX, that the whole LAN-traffic floods to the broadband-POP of the fat-T (ergg, fat-T ist the german TELEKOM). The TELEKOM says, that the modem is stuffed with a so-called "self-leaning-bridge", which can decide (after a training time), which IP-packet is for the lan and whist has it's destination in the www. But in my opinion, self-leaning sounds not very safe. I think a "real" dsl-router is a better solution. With the big white fat-t-box i'll make no experiments. See ya, Michel ;-) At 12:01 03.02.02 +0100, you wrote:
Hallo Michael,
ich kann Dir auch keine Antwort darauf geben, aber das Thema interessiert mich genauso. Auf der Liste scheinst Du keine Antwort bekommen zu haben.
Hast Du neuere Erkenntnisse?
P.S. Vielleicht frag noch mal auf "suse-isdn" nach, da wird auch ab und an ueber DSL diskutiert...
On Wed, Jan 30, 2002 at 10:42:32PM +0100, Michael Paarmann wrote:
Dear List members,
Does anyone know, if it is a security risk when i connect a DSL modem by the TELEKOM with a switch and the computer with the pppoed demon is connected via a switch to the modem and not directly? At the moment the situation is, that the T-DSL-Modem is connected to a linux router pc with pppoed, squid, and iptables. With the second network device the pc is connected to the local network. Due different reasons it would be nice, if the modem is directly connected to a switch and the linux router is somewhere else. I'm not sure, if somebody can hack or modify different packets, so that they don't reach the pc with the pppoed demon but another local workstation. The T-DSL modem is not a real router (Modem by SIEMENS) and it can only be connected by one single pc, but is real safe ? Has anybody a hint ? Thanx a lot in advance.
Michael
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
--
Klaus Franken, mail@klaus.franken.de
------------------------------------------------------------ D O N ' T P A N I C !!! ------------------------------------------------------------ Uptime: Linux 2.2.19, 4 Days, 1:16 Hours