On 9 December 2013 09:12, Hey, Lukas (KRZ) <[email protected]> wrote: > C'mon guys, > > you spend way too much time discussing packet filtering rules and programs > for a > machine which is hooked up via modem. Of course you can avoid things that > "might > happen" when dialed up or connected to some public wifi.
Just my 2c. In this day and age a "USB dialup modem" might be a "3G connection with a USB modem provided by a Telco company". That type of connection gives you a public IP in an address space anyone can (and will) probe and attack. Publi WiFi is also risky, even if the address space is private, if the WiFi is run by a densely populated area people (or trojans running in other people's devices) might want to see what "machines are out there" in the WiFi and probe/attack them. I've seen this quite a lot in public hotspot areas. Either way I think a firewall with a basic configuration is useful anyway. Should you inadvertently install or enable something that might be compromised from the outside you are making it more difficult for them to do. Also, since your device is not using anyother networked devices and not sharing files/services/printers, the firewall configuration is going to be simpler than, e.g., a laptop which is part of a LAN and wants to access UPnP devices and use auto-discovery protocols (such as avahi) > You should rather worry if the announced gateway at the public library is the > real > one ;) True, ARP spoofing attacks are very common over public WiFi connections (as a first step to MITM attacks). I've seen this frequently in public WiFi at some congress I've attended to. That's why you should exercise caution when using a WiFi network. I.e. if you go to a SSL site and see a "invalid certificate" prompt from your browser it's probably somebody trying to MITM you. Regards Javier -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/CAB9B7UvcdyoG+VTYGy5zDjtdcV3yicUx2=z9nytcaym3fyf...@mail.gmail.com
