On Tue, Mar 13, 2012 at 8:29 PM, Ashok Narayanan <[email protected]> wrote: > > On Mar 13, 2012, at 3/13 9:16 PM, Cameron Byrne wrote: > > >> That's reality, and much as I love the e2e principle I think the ordinary >> citizen is better off behind default-deny. >> > > I am not trying to be dense, but why? > > What is the negative scenario of not having a homenet firewall on? Using > real examples from the last 5 years .... I would like to know how a cpe > firewall protects against real threats to modern software. > > It seems hard to predict a priori what a "real threat" is going to be. And > it seems unlikely that "modern software" is all that will be found in > average homes. For example, will the Android version on the refrigerator > display be updated? >
Agreed about a priori. BUT! what else do we have to go on? I am asking for a baseline to justify why a CPE firewall is required. In fact, i have asked for it multiple times on this thread, and all i get back is anecdotal hand waving, not technical reasons. Putting the E back in IETF, let's see some data about why this function of the system must exist. My cursory research says you are not going to be able to present a convincing amount of data to support the fact that a stateful inspection firewall should be applied in a contemporary home environment. I believe the spirit of Homenet is moving the internet forward without being beholden to the Morris worm and X.25 You mention Android running on the refrigerator, as if i am supposed to be concerned about that? Can you cite an example of an Android security flaw that a CPE firewall would have ever prevented? My guess is no, android does not listen on any ports (default non-root)... thus no inbound connections... thus... stateful firewall does not have a technical justification for obstructing e2e flows. If you want to talk about rooted devices running BIND 4.0, well... that person that is wise enough to manually do that i likely wise enough to allow the relevant firewall rules or PCP interactions to allow the bad guys in as well. > >> Personally I haven't run without an on-board firewall since I got my >> first wireless card (late 1999?). But we can't assume that applies to >> every home device. >> > > Most PC software has shipped with a firewall on for the last ~10 years > > And these have to be then managed, and the triggers for "should this flow be > allowed" will then transition to the PC as opposed to the CPE. Did the > system become any simpler, really? > I think there is some 3rd party off the shelf software that does these pop-ups.... but the PCs i run with native firewalls have never popped up to me like that. But, i agree... pop ups are not helpful. As an end user, i can proudly say i have a host based firewalls, but i have not once ever administered one (except sometimes i turn off the FW so i can ping my PC) > But the real issue to my mind is _non-PC_ software; the firmware on some > power-line bridge written for the cheapest dollar by pulling together some > version of Linux because the device had to sell for $25. Not only do all > these devices now need firewalls (unlikely), they now need an easy way to > manage these firewalls (next to impossible). > power-line bridge? Once again, please paint for me a realistic scenario of how a CPE firewall will protect this device? My first statement is that this device should not have a globally routable address, and therefore is not exposed to the internet, and does not need the CPE to filter for it. This is a good case for ULA in IPv6. Second, crappy software should not be tolerated or compensated for in Homenet. Setting the president that flawed software is acceptable is a slippery slope to somewhere bad. If it takes making application and host security requirements for endpoint, so be it. Passing the buck to the CPE/Firewall to give the illusion of security is not the right path. Tolerating broken software is also not the right path. Homenet is a unique opportunity to restore end to end ... or as some would say... the internet model.. Smart end points, dumb network. If we need a smart network, then lets make a real solid fact based exploration of threats and then we can select the appropriate compensating security controls. CB > -Ashok > > Cb >> Brian >> _______________________________________________ >> homenet mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/homenet > > _______________________________________________ > homenet mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/homenet > > _______________________________________________ homenet mailing list [email protected] https://www.ietf.org/mailman/listinfo/homenet
