David said:
...So long as you allow _any_ data (even de-encapsulated over say a
userspace TCP relay) to pass between the Internet and your PC, there
is a way it can be used to compromise you. Dropping ports makes it
marginally harder, but not hard enough for the truely motivated.
A
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, 25 Sep 2003, Steve Brorens wrote:
David said:
A common example of this folly is to limit people to say 80/443,
which prevents people from doing anything they like. It does
_no_ _such_ _thing_, it's trivial to set up a tunnel over 443
Hi again,
So is each workstation making a separate PPTP connection to the router?
No, the pptp tunnel is from the client's PC through to the server on the
internet, the router has to do network address (and port?) translation.
Or are they making a PPTP connection to the remote VPN server on
On Wed, 2003-09-24 at 12:06, Bryce Stenberg wrote:
So is each workstation making a separate PPTP connection to the router?
No, the pptp tunnel is from the client's PC through to the server on the
internet, the router has to do network address (and port?) translation.
Or are they making a
this appears to be the tecnical reason:
Q. I cannot connect from more than one computer at the same time.
A. PPTP uses protocol GRE (47) for it's tunnel. When two clients behind a single NAT
firewall
connect to the same PPTP server, their source IP address will be
rewritten by their firewall.
On Wed, 24 Sep 2003 12:41:16 +1200
CF [EMAIL PROTECTED] wrote:
Does IPCOP do anything to help in this instance?
http://www.ipcop.org/1.3.0/en/admin/html/vpnaw.html
That says VPNs are possible, terminated from the IPCOP box.
thats an ipsec vpn, quite different to pptp. it creates a tunnel
September 2003 12:48 p.m.
To: [EMAIL PROTECTED]
Subject: Re: OT -ADSL router capable of multiple VPN connections to same
s erve r?
this appears to be the tecnical reason:
Q. I cannot connect from more than one computer at the same time.
A. PPTP uses protocol GRE (47) for it's tunnel. When two
On Wed, 24 Sep 2003 14:03, you wrote:
They don't want yet another computer
just to get a connection.
Indeed!
But they _do_ want another computer to protect them from all the evil-doers out there.
You should see my log files with all the cracking attempts.
--
Sincerely etc.,
Christopher Sawtell
and with a NAT router/modem they do get that protection to a large
degree. Nothing gets in without a pinhole set by the user (same as ipcop)
or a flaw in the router (possible, also possible with ipcop).
you don't get to control what goes out (same on ipcop, although a
rewrite of the iptables
On Wed, Sep 24, 2003 at 03:09:01PM +1200, Nick Rout wrote:
and with a NAT router/modem they do get that protection to a large
degree. Nothing gets in without a pinhole set by the user (same as ipcop)
or a flaw in the router (possible, also possible with ipcop).
nevertheless most people are
..and I found some on Trademe.
-Original Message-
From: Nick Rout [mailto:[EMAIL PROTECTED]
Sent: Wednesday, 24 September 2003 3:09 p.m.
To: [EMAIL PROTECTED]
Subject:Re: OT -ADSL router capable of multiple VPN connections to
sames erve r?
and with a NAT
PROTECTED]
Sent: Wednesday, 24 September 2003 3:29 p.m.
To: [EMAIL PROTECTED]
Subject:Re: OT -ADSL router capable of multiple VPN connections to
sames erve r?
On Wed, Sep 24, 2003 at 03:09:01PM +1200, Nick Rout wrote:
and with a NAT router/modem they do get that protection
On Wed, Sep 24, 2003 at 03:53:02PM +1200, wrote:
I am with Nick on this one.
After using IPCop for a while I realised that my ADSL router with NAT
did everything which I used IPCop for, so I retired the IPCop box.
How does your ADSL router handle source routed packets?
-mjg
--
Matthew
of multiple VPN connections to
sames erve r?
On Wed, Sep 24, 2003 at 03:53:02PM +1200, wrote:
I am with Nick on this one.
After using IPCop for a while I realised that my ADSL router with NAT
did everything which I used IPCop for, so I retired the IPCop box.
How does your ADSL router
On Wed, 24 Sep 2003 15:29:10 +1200
Matthew Gregan [EMAIL PROTECTED] wrote:
On Wed, Sep 24, 2003 at 03:09:01PM +1200, Nick Rout wrote:
and with a NAT router/modem they do get that protection to a large
degree. Nothing gets in without a pinhole set by the user (same as ipcop)
or a flaw in
On Wed, Sep 24, 2003 at 04:05:36PM +1200, wrote:
Perhaps I should have worded ..
.everything which I deliberately used IPCop for.
You weren't using IPCop as a firewall?
NAT does not provide the same protection as a packet filter or firewall.
I tried to hint at this with my
.
To: [EMAIL PROTECTED]
Subject:Re: OT -ADSL router capable of multiple VPN connections to
sames erve r?
On Wed, Sep 24, 2003 at 04:05:36PM +1200, wrote:
Perhaps I should have worded ..
.everything which I deliberately used IPCop for.
You weren't using IPCop
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, 24 Sep 2003, Matthew Gregan wrote:
NAT does not provide the same protection as a packet filter or firewall.
That depends on a lot of factors and exactly what you define as a packet
filter or a firewall.
There's a few misunderstandings
post of the month, thanks for the explanation.
On Wed, 24 Sep 2003 16:41:21 +1200 (NZST)
David Zanetti [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, 24 Sep 2003, Matthew Gregan wrote:
NAT does not provide the same protection as a packet filter or
19 matches
Mail list logo