New Zealand ADSL Mailing List


Re: Limited Port Mapping, Router or Firewall & Liability

From: Thing <linux_at_ihug.co.nz>
Date: Thu, 8 Jul 1999 12:56:45 +1200
Message-ID: <001201bec8dc$c1be7f40$0c01a8c0@kai.thing.dyndns.org>

>I assume, hamish, you refer to security. I believe it easiest and
cheapest
>to run an old box, separately, to access the internet. It is hard for any
>virus

Virus? I dont think these are the problem any more than they would be for a
dialup service more like a direct attack by a nasty person. Seeing as we are
on a now highly desirable permanent connection that spammers would just love
to abuse we have to be careful of such a possibility. If they did that they
would of course be stealing off us twice for bandwidth in and out, but how
would we recover this money?
What if we refused to pay telecom/xtra over such an attack? if it came to a
court action by telecom/xtra to recover this money would we be able to say
sorry we didnt use this someone else did? If we have the pinholes open
then I assume its our risk/fault not Telecom. Having been told of some
attacks on friends in the USA by spammers its a considerable worry for me as
I pay volume, at least they did not.

Could Telecom instigate an agreed volume limit per day of say 150meg (or
what ever) and then kill the connection? until the next 24 hour period or
until the user dialed an 0800 number and gave a pawword to reset? Just a
thought

:)

 to penentrate a lack of connection and similarly it is hard to
>download from that same level of connectivity! (I mean non connected
PC's!)
>A couple of Jaz drives allow convienant moving of large files as necessary.
>(eg 80M service packs!)

Doing this could see you possibly transfering Viruses......

>
>I'd be interested to hear any comments on such "firewalls", particularly of
>any more cost effective options.
>
>David Hingston
>
That old box if its say a dx2-66 with 16 meg of ram and a 350 meg hd (I
assume a seperate PC for internet use would actually be more powerful than
this) Would be adequate for a linux (or freebsd) firewall to be setup on it
and allow safe browsing behind with full access out but nothing in. Cost is
pretty neglegable in software terms, the pain as always is setting up linux
(is freebsd harder still?). I guess you would need a Dick Smith's network
kit ($200) to join your decent PC to your old one.

I wonder if there is a market to supply small linux firewalls to people?
Supply a CD with a linux system mirrored on it and then just copy it across
with some batch/script files which auto run?

Or maybe mirror a HD? I have a spare HD sitting around so if/when my
firewall packs a sad (102 days now ) I can just swap it physically and I
should be up and running in 30 minutes again. I wonder how easy that would
be to mirror.

There was a possibility of a business router Ive yet to see any comment from
Xtra on when this will be available or its rental cost.

Thing

To unsubscribe: send mail to majordomo@freebsddiary.cx
with "unsubscribe adsl" in the body of the message
Received on Thu Jul 8 12:56:45 1999


This archive was generated by hypermail 2.2.0 : Thu Nov 30 11:48:35 2006 EST