[CC'ing the linux-diald list, since it's always good to have
review of security information]
John Conover wrote:
>
> Cary O'Brien writes:
> >
> > In my opinion, slirp is much, much more secure than a PPP account. With
> > slirp, by default, there are NO incoming connections allowed (except for
> > ftp and the other incoming connections you explicitly allow). If someone
> > decides to mount a teardrop attack, the ISP's machine has to deal with
> > it, not your machine. If someone portscans for services, they see the
> > services running on the ISP's shell machine, not your machine.
> >
>
> Hi Cary. Thanks. Suppose, for example, you are browsing. What is the
> chance of intercepting packets and getting back to your machine?
>
> I think it is pretty remote, but possible?
>
Slirp works by
1) Managing the endpoint of your TCP/IP connection internally.
2) making a TCP/IP connection from the ISP machine to the target
machine on your behalf
3) Shuttling data between them.
So, someone on the ISP machine could sniff packets if they wanted
to. But since slirp is not listening for connections, it does not
seem possible for tcp/ip connections to be made to other services
on your box.
One hazard is, of course, nasty java or javascript, or even worse
active-x stuff or plugins that you download and run from your browser.
In this case you have made a connection to another machine, and are
running their code on your own machine. Jave and javascript are *supposed*
to be safe, but you don't know for sure.
If you are worried, run netscape as a very unpriviliged user (i.e.
not your regular account) or if really worried, run it in a chroot jail.
Bottom line (my opinion). Slirp is pretty safe. Turn off java and
javascript unless you really need it. If you have really critical
information on the machine, run netscape from a different account.
Make backups. Test your backups. Store some offsite.
Comments?
-- cary
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
