----- Original Message -----
From: shimi <[EMAIL PROTECTED]>
> Direct access through the router will be indeed blocked.
> If someone breaks into a system that has access to one of your local ones,
> yes, he could access them too.
> In order that NO matter what happens, your 192.168.* should stay
> untouchable, the true solution would be a NAT firewall, basically a lame
> Linux box, that has NO PORT open AT ALL (and thus untouchable, no matter
> what) and an IPChains rule to MASQ any packets coming from 192.168.0.0/24,
> that way they have full internet out, and nobody can get in. I have no
> "grade" or anything about security, so take my words "as is".
> Basically I am correct if it's not possible to hack into a machine without
> listening ports. If I am wrong - I stand to be corrected.
>
Thanks for clearing up what I was worried about. Better to find out by
asking than by actually putting my private machines out to the pasture and
finding out that they have been compromised. It seems I will have to build
a Linux box for the firewall. I have plenty of old boxes around so it
shouldn't be a problem.
James Kim
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security