Mailinglist Archive: opensuse-security (685 mails)

< Previous Next >
Re: [suse-security] T-DSL 'routing' through a network - is it unsafe ?!
  • From: Klaus Franken <kfr@xxxxxxxxxxxxxxxx>
  • Date: Mon, 4 Feb 2002 13:25:00 +0100
  • Message-id: <20020204132500.A10235@xxxxxxxxxxxxxxxxxxxxxxxx>
On Mon, Feb 04, 2002 at 12:02:49AM +0100, Michael Paarmann wrote:
> Hi Klaus !

> I've found an info at ADSL4LINUX, that the whole LAN-traffic floods to the
> broadband-POP of the fat-T (ergg, fat-T ist the german TELEKOM). The
> TELEKOM says, that the modem is stuffed with a so-called
> "self-leaning-bridge", which can decide (after a training time), which
> IP-packet is for the lan and whist has it's destination in the www. But in
> my opinion, self-leaning sounds not very safe. I think a "real" dsl-router
> is a better solution. With the big white fat-t-box i'll make no
> experiments. See ya, Michel ;-)
>
> >On Wed, Jan 30, 2002 at 10:42:32PM +0100, Michael Paarmann wrote:
> > > Dear List members,
> > >
> > > Does anyone know, if it is a security risk when i connect a DSL modem by
> > > the TELEKOM with a switch and the computer with the pppoed demon is
> > > connected via a switch to the modem and not directly? At the moment the
> > > situation is, that the T-DSL-Modem is connected to a linux router pc with
> > > pppoed, squid, and iptables. With the second network device the pc is
> > > connected to the local network. Due different reasons it would be nice, if
> > > the modem is directly connected to a switch and the linux router is
> > > somewhere else. I'm not sure, if somebody can hack or modify different
> > > packets, so that they don't reach the pc with the pppoed demon but another
> > > local workstation. The T-DSL modem is not a real router (Modem by SIEMENS)
> > > and it can only be connected by one single pc, but is real safe ?
> > > Has anybody a hint ? Thanx a lot in advance.
> > >
> > > Michael

Hi Michael,

the question is: use the same network cables or not.
Your answer above seems to say: don't use the same cable for internal net
and dsl net. So we need a dsl-router...

A commercial dsl-router is very expensive :-(

Why don't use an old PC with two network cards as a router?
See: smoothwall.org

It is a mini-linux-distribution with
DSL
ISDN
Modem
Web-Interface
Proxy
Firewall
VPN
...

I just downloaded smoothwall (20 MB Iso-Image) and installed on an old PC
(130 MH Pentium, Harddisk, 2 network cards) and it looks very nice! :-)
(But no real test yet because no DSL yet ...)


--

Klaus Franken, mail@xxxxxxxxxxxxxxxx

------------------------------------------------------------
D O N ' T P A N I C !!!
------------------------------------------------------------
Uptime: Linux 2.2.19, 5 Days, 2:33 Hours

< Previous Next >
References