Hendrik Boom wrote:
On Wed, Jul 27, 2005 at 07:17:45AM -0500, John Hasler wrote:
Doofus writes:
...for the home DSL market there are far more examples of combined
modem-routers than seperate components.
All that I know of can be configured in "bridge mode", disabling the router
and firewall functions. As most run closed-source software of unknown
quality, it's best to do so and run a seperate Free Software router.
Of course, those that run Linux and can be upgraded to Debian are a
different story.
And that's not a fecetious remark. Just about any PC can be outfitted
with a bunch of ethernet cards and Debian and made to do routing.
What I've had trouble getiing, though, is a wireless access point to
connect to my ethernet without it doing anything else.
Well, I didn't understand John's closing sentence at all and still
don't, unless the reference to upgrading linux to debian was
tongue-in-cheek humour. He seems to be saying "put the router you've
shelled out for into zero-IP bridge mode and don't firewall with
anything other than a home built debian solution". Feel free to correct
me here, but I intend to drop this subject shortly in any case.
I see nothing wrong with using firewalls like smoothwall or ipcop which
are designed exclusively for this purpose and for which the source code
is openly available - which in turn means that people who know more
about these things than me will have been through the code with a fine
toothed comb. On the other hand, to write off any commercially available
modem/router/firewall (which will give you stateful packet inspection,
unlike the dual-NIC linux solutions I'm familiar with) just because you
don't have the full source code for any underlying OS seems utterly
absurd to my mind. Firewalling is achieved with your own set of filter
rules and there's nothing to stop you hammering the WAN side with nmap.
I'm sure any long standing manufacturer of such equipment wants to
remain so, and any security holes in their products would be exposed in
short order.
Admiration for your personally preferred hardware/OS/software is one
thing (isn't this one of the joys of open source?). Downright blind
obsession and weird ideas about political correctness in these matters
is quite another. Lord knows we have no shortage of the latter in the
debian community, and I say this as a confirmed die-hard debianite.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
