Re: Why use a firewall with dialup?

From: Loren M. Lang (lorenl_at_alzatex.com)
Date: 11/14/04

    Date: Sun, 14 Nov 2004 02:58:54 -0800
    To: Jonathon McKitrick <jcm@FreeBSD-uk.eu.org>
    
    

    On Sat, Nov 13, 2004 at 09:12:37PM +0000, Jonathon McKitrick wrote:
    >
    > I've been using one for some time, but now that I have a mini network, it
    > has become a bit of a hassle updating the rules.
    >
    > If I disable all services but ssh, stay STABLE, and do not have a broadband
    > connection, what danger is there?

    Well, there is a possible DoS attack as your system gets hit with a load
    of TCP SYN packets, to which your system will respond with ICMP errors or
    SYN-ACK depending on the port. A firewall could drop all incoming
    packets not to TCP port 22 or part of an outgoing connection, plus block
    incoming pings. And if you move ssh to, say, port 1243, there's very
    little chance anyone might even find your machine if they can't see your
    outgoing traffic.

    Oh, and don't ever think your dial-up connection reduces the chance that
    you'll be attacked. You'd be a great target to use as a decoy when they
    decide to take down the FBI going through five cracked machines to hide
    their tracks.

    >
    > jm
    > --
    > _______________________________________________
    > freebsd-questions@freebsd.org mailing list
    > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
    > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"

    -- 
    I sense much NT in you.
    NT leads to Bluescreen.
    Bluescreen leads to downtime.
    Downtime leads to suffering.
    NT is the path to the darkside.
    Powerful Unix is.
    Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc
    Fingerprint: B3B9 D669 69C9 09EC 1BCD  835A FAF3 7A46 E4A3 280C
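
The policy described in the reply above, written out as a pf.conf ruleset. This is an added example, not part of the original post: the choice of pf as the packet filter and the interface name tun0 (a user-ppp dial-up link) are assumptions, so substitute your own firewall and interface.

```pf
# /etc/pf.conf -- added example; pf and tun0 are assumptions, not from the post.

# Dial-up interface. user-ppp normally creates tun0; check with ifconfig.
ext_if = "tun0"

# Silently discard blocked packets instead of answering with a TCP RST or an
# ICMP unreachable, so a SYN flood gets no reply traffic from this host.
set block-policy drop

# Never filter loopback traffic.
set skip on lo0

# Default deny for everything arriving on the dial-up link. This also covers
# incoming pings (ICMP echo requests), since no rule below passes them in.
block in log on $ext_if all

# Outgoing connections are allowed and tracked. Replies that match a state
# entry are passed back in; nothing else inbound matches this rule.
pass out on $ext_if inet proto { tcp, udp, icmp } all keep state

# The one exposed service: ssh on TCP port 22. ($ext_if) in parentheses makes
# pf follow the address the ISP assigns on each dial-in. If sshd is moved to
# another port, as the reply suggests, change the port number here as well.
pass in on $ext_if inet proto tcp from any to ($ext_if) port 22 \
    flags S/SA keep state
```

Check the syntax with `pfctl -nf /etc/pf.conf` before loading it with `pfctl -f /etc/pf.conf`, and list the loaded rules with `pfctl -sr`.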
     
    
