> this one mentions a Nokia M10 Router:
> http://x23.deja.com/[ST_rn=ps]/getdoc.xp?AN=497581894.1&CONTEXT=931301126.800063581&hitnum=1

Check out http://support.microsoft.com/support/kb/articles/Q158/6/23.asp
for the official word on NetMeeting 2. Short version is 'forget it'
through an M10.

> In my opinion, what we need is the ability to allow all routing through the
> modem. At present it is a "deny all" (standard and sound security) but what
> you need is an "accept all" (much more insecure).

I'm with you on this, but I can easily see why Telecom made the decision
they did. The big thing here is that you have only one 'real' IP address
and, in the case of NetMeeting, an app that could potentially start
listening on whatever port it likes. So, when a UDP packets comes in on,
say port 6398, how is the M10 supposed to know what to do with it. Like
you said yourself, it's a router, not a firewall.

The only way to get what you're talking about is to have a config like:

Internet <-> M10 <-> "Firewall" <-> Inside network

Then put proxying and other smartness on the Firewall box, and stick in
accept all and a policy route to the Firewall machine in question. The
problem
here is that you have to have both the smarts to do this and a spare box
left over to install an OS like *BSD or Linux on. I leave out NT because
NT + decent firewall software == $$$. I do not believe that Telecom
considers this an option that many punters will even consider.

Still, for those of us that could do this securely, it'd be nice to have
the option! Telecom's problem is that if they allowed it, people would
switch it on, and then you've got a permanent exploitable link sitting
there waiting to be punished. This could be a legal hornets nest,
methinks.

G.

To unsubscribe: send mail to majordomo@freebsddiary.cx
with "unsubscribe adsl" in the body of the message
Received on Wed Jul 7 11:46:04 1999