Hello, On Aug 5 08:55 Dylan wrote (shortened):
On Wednesday 04 August 2010, Togan Muftuoglu wrote:
On 08/04/2010 09:04 PM, Carlos E. R. wrote:
... There is an ADSL router that connects to Internet. Behind there is an internal network ...
I would use different of networks so internal and external are really separate
What a unexpected coincidence with what I suggest in http://en.opensuse.org/SDB:CUPS_and_SANE_Firewall_settings ;-)
Are you *seriously* suggesting a family with two computers and a printer go to those lengths? I take it you will personally advise them all on the necessary setup ...
Are you *seriously* suggesting in case of a mix up of trusted and non-trusted network traffic in one same network the necessary setup to get this mess sufficiently secure is easy? Of course to get it somehow working regardless of security, one same network for every kind of traffic is easy to set up. For my family with exactly two computers and one printer (one more unexpected coincidence ;-) I use strictly separated network hardware for my internal network and then a sufficiently secure setup is relatively easy - but it is no "plug and play" experience. I do not own a DSL all-in-one router but I assume the easiest solution to get it working and sufficiently secure is to pay a reasonable price for a solid router-box which provides built-in out-of-the-box ready-to-use separation of the internal network from the stuff which belongs to the connection to the Internet. Unfortunately I do not trust any router-box (regardless what its manufacturer announced) because there have been too many reports about security issues in router-boxes. Even if the probability is low that a particular router-box which one uses has a security bug, I do not trust any of those devices. Just one example (only in German): http://www.heise.de/security/meldung/Oesterreich-Standardpasswort-oeffnet-70... In short: On a particular router-box ssh was running (usual port 22) and accessible from the Internet and there was a predefined admin password in the firmware of this piece of crap which gets one root access to the device. Great! Kind Regards Johannes Meixner -- SUSE LINUX Products GmbH, Maxfeldstrasse 5, 90409 Nuernberg, Germany AG Nuernberg, HRB 16746, GF: Markus Rex -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org