----- Original Message -----
From: HAMISH MACEWAN <hamish@usa.net>
To: ADSL List <adsl@freebsddiary.cx>
Sent: Thursday, July 08, 1999 11:35 AM
Subject: Re: Limited Port Mapping, Router or Firewall & Liability

<deleted>
>
> Glenn has pointed out that if "accept all" connections were an option on
the
> M10, (my cunning plan of mapping all ports to all ports was flawed as Dan
> suggested, and I feared) then a topology like:
>
> Internet <-> M10 <-> "Firewall" <-> Inside network
>
> Would be fine. What's interesting is that with the Efficient option of an
> internal modem you get Dr David's situation:
>
> Internet <-> [Effcient-PC]
>
> Trying to illustrate the Efficient installed in the PC, which incidentally
> unless there is some upstream control, completely exposed to the Internet,
> "which has no pinhole problems." No, definitely not, but there might be
some
> other problems with that exposure.

I assume, hamish, you refer to security. I believe it easiest and cheapest
to run an old box, separately, to access the internet. It is hard for any
virus to penentrate a lack of connection and similarly it is hard to
download from that same level of connectivity! (I mean non connected PC's!)
A couple of Jaz drives allow convienant moving of large files as necessary.
(eg 80M service packs!)

I'd be interested to hear any comments on such "firewalls", particularly of
any more cost effective options.

David Hingston

> <deleted>
> Hamish.
>
> ____________________________________________________________________
> Get free e-mail and a permanent address at http://www.netaddress.com/?N=1
>
> To unsubscribe: send mail to majordomo@freebsddiary.cx
> with "unsubscribe adsl" in the body of the message
>

To unsubscribe: send mail to majordomo@freebsddiary.cx
with "unsubscribe adsl" in the body of the message
Received on Thu Jul 8 10:22:41 1999