On Wed, 2 Aug 2000 [EMAIL PROTECTED] wrote: > > > Cannot overemphasize importance of firewall when running site on DSL. > > > > Why? What is special in DSL? > > > > (followup to [email protected]) > > > bc. you are on a domain subnet. EVERY other connection (like the ISPs total > cuatomer base) can download free netadmin software and run it in promiscuous > mode (it lets anybody "in"/"on") to then receive the grand scheme of the > grand stream of ALL packets that enter that subnet.There are more than a few > stream editor etc. tools out there to enter expressions etc. to > start/stop/control a packet collection that just happens to be your traffic, > specifically. They can see all of exactly what you see/send/receive (back > orifice gives them TOTAL control of your computer, even while you use it and > especially after you use it). > > Don't take my word for it. Look about you. DSL "requires" you "participate" > with complete security, state of the art, up to the minute. Every net access > (in/out) needs full best of breed encryption/decryption, not just a firewall. > > Regards, > > JimcDTWlst > > P.S. > > There may be technical incorrectness in my description above, but those who > can refute any of the above points may have to admit that any point they > counter with will likely be shown to be quite debatable by their own peers.
Depends on the provider. Some providers will only let you see broadcast traffic and traffic destined for your mac- or ip- address. Same thing with cable modems. But whether or not you're on DSL or T1 or Cable Modem or ISDN or 9.6, you have an address reachable on the global internet and you can receive "unauthorized" traffic. It's just easier to notice an attack on a modem or ISDN since an attack may cause a noticeable performance degradation and/or take longer. Plus, if you're in a broadcast domain, you could possibly see neighboring broadcasts services like file & printer sharing. But those services are still reachable and attackable. (granted, an enterprising cracker could find a way to reprogram a cable modem to be promiscuous...) Having a firewall simply protects your network from unauthorized traffic; it does nothing to safeguard your traffic from being intercepted. Encryption and authentication services ensure the integrity and protect the data. (VPN/IPSEC, SSH). It doesn't matter of you're connected to a T1, ISDN, DSL, dial-up, or Cable Modem. You're addressable on the internet, you can be scanned, and someone in the internet along the path can still eavesdrop. john -- John B. Kramer [EMAIL PROTECTED] http://24.17.57.58/~yoda
