-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, 25 Sep 2003, Steve Brorens wrote:
> David said:
> > A common example of this folly is to limit people to say 80/443,
> > which prevents people from doing anything they like. It does
> > _no_ _such_ _thing_, it's trivial to set up a tunnel ov
David said:
> ...So long as you allow _any_ data (even de-encapsulated over say a
> userspace TCP relay) to pass between the Internet and your PC, there
> is a way it can be used to compromise you. Dropping ports makes it
> marginally harder, but not hard enough for the truely motivated.
>
> A
post of the month, thanks for the explanation.
On Wed, 24 Sep 2003 16:41:21 +1200 (NZST)
David Zanetti <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Wed, 24 Sep 2003, Matthew Gregan wrote:
>
> > NAT does not provide the same protection as a packet filter o
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, 24 Sep 2003, Matthew Gregan wrote:
> NAT does not provide the same protection as a packet filter or firewall.
That depends on a lot of factors and exactly what you define as a "packet
filter" or a "firewall".
There's a few misunderstanding
.
To: [EMAIL PROTECTED]
Subject:Re: OT -ADSL router capable of multiple VPN connections to
sames erve r?
On Wed, Sep 24, 2003 at 04:05:36PM +1200, wrote:
> Perhaps I should have worded ..
> .everything which I "deliberately" used IPCop for.
Y
On Wed, Sep 24, 2003 at 04:05:36PM +1200, wrote:
> Perhaps I should have worded ..
> .everything which I "deliberately" used IPCop for.
You weren't using IPCop as a firewall?
NAT does not provide the same protection as a packet filter or firewall.
I tried to hint at this with my q
On Wed, 24 Sep 2003 15:29:10 +1200
Matthew Gregan <[EMAIL PROTECTED]> wrote:
> On Wed, Sep 24, 2003 at 03:09:01PM +1200, Nick Rout wrote:
> > and with a NAT router/modem they do get that protection to a large
> > degree. Nothing gets in without a pinhole set by the user (same as ipcop)
> > or a f
capable of multiple VPN connections to
same s erve r?
On Wed, Sep 24, 2003 at 03:53:02PM +1200, wrote:
> I am with Nick on this one.
> After using IPCop for a while I realised that my ADSL router with NAT
> did everything which I used IPCop for, so I retired the IPCop box.
On Wed, Sep 24, 2003 at 03:53:02PM +1200, wrote:
> I am with Nick on this one.
> After using IPCop for a while I realised that my ADSL router with NAT
> did everything which I used IPCop for, so I retired the IPCop box.
How does your ADSL "router" handle source routed packets?
-mjg
--
Matthew
PROTECTED]
Sent: Wednesday, 24 September 2003 3:29 p.m.
To: [EMAIL PROTECTED]
Subject:Re: OT -ADSL router capable of multiple VPN connections to
sames erve r?
On Wed, Sep 24, 2003 at 03:09:01PM +1200, Nick Rout wrote:
> and with a NAT router/modem they do get that protection t
..and I found some on Trademe.
-Original Message-
From: Nick Rout [mailto:[EMAIL PROTECTED]
Sent: Wednesday, 24 September 2003 3:09 p.m.
To: [EMAIL PROTECTED]
Subject:Re: OT -ADSL router capable of multiple VPN connections to
sames erve r?
and with a NAT
On Wed, Sep 24, 2003 at 03:09:01PM +1200, Nick Rout wrote:
> and with a NAT router/modem they do get that protection to a large
> degree. Nothing gets in without a pinhole set by the user (same as ipcop)
> or a flaw in the router (possible, also possible with ipcop).
> nevertheless most people are
and with a NAT router/modem they do get that protection to a large
degree. Nothing gets in without a pinhole set by the user (same as ipcop)
or a flaw in the router (possible, also possible with ipcop).
you don't get to control what goes out (same on ipcop, although a
rewrite of the iptables stuff
On Wed, 24 Sep 2003 14:03, you wrote:
> They don't want yet another computer
> just to get a connection.
Indeed!
But they _do_ want another computer to protect them from all the evil-doers out there.
You should see my log files with all the cracking attempts.
--
Sincerely etc.,
Christopher Sawtel
: Wednesday, 24 September 2003 12:48 p.m.
To: [EMAIL PROTECTED]
Subject: Re: OT -ADSL router capable of multiple VPN connections to same
s erve r?
this appears to be the tecnical reason:
"Q. I cannot connect from more than one computer at the same time.
A. PPTP uses protocol GRE (47) for i
On Wed, 24 Sep 2003 12:41:16 +1200
CF <[EMAIL PROTECTED]> wrote:
> Does IPCOP do anything to help in this instance?
> http://www.ipcop.org/1.3.0/en/admin/html/vpnaw.html
> That says VPNs are possible, terminated from the IPCOP box.
thats an ipsec vpn, quite different to pptp. it creates a tunnel
this appears to be the tecnical reason:
"Q. I cannot connect from more than one computer at the same time.
A. PPTP uses protocol GRE (47) for it's tunnel. When two clients behind a single NAT
firewall
connect to the same PPTP server, their source IP address will be
rewritten by their firewall.
On Wed, 2003-09-24 at 12:06, Bryce Stenberg wrote:
> >So is each workstation making a separate PPTP connection to the router?
> No, the pptp tunnel is from the client's PC through to the server on the
> internet, the router has to do network address (and port?) translation.
> >Or are they making
Hi again,
>So is each workstation making a separate PPTP connection to the router?
No, the pptp tunnel is from the client's PC through to the server on the
internet, the router has to do network address (and port?) translation.
>Or are they making a PPTP connection to the remote VPN server on
19 matches
Mail list logo
