[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Might be off topic. Are computers with168.192.x.xsafe from Internet?
- Subject: Re: [cobalt-security] Might be off topic. Are computers with168.192.x.xsafe from Internet?
- From: "jwk at Zone Alpha" <jwk@xxxxxxxxxxxxx>
- Date: Sat, 2 Jun 2001 21:16:38 -0400
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
----- Original Message -----
From: shimi <shimi@xxxxxxxxxxxxxxxx>
> Direct access through the router will be indeed blocked.
> If someone brakes into a system that has access to one of your local ones,
> yes, he could access them too.
> In order that NO matter what happens, your 192.168.* should stay
> untouchable, the truth solution would be a NAT firewall, bascailly a lame
> linux box, that has NO PORT open AT ALL (and thus untouchable, no matter
> what) and an IPChains rule to MASQ any packets coming from 192.168.0.0/24
> that way they have full internet out, and nobody can get in I have no
> "grade" or anything about security, so take my words "as is".
> basically i am correct if it's not possible to hack into a machine without
> listening ports. if I am wrong - I stand to be corrected.
>
Thanks for clearing up what I was worried about. Good thing to find out by
asking than actually putting my private machines out to the pasture and
finding out that they have been compromised. It seems I will have to build
a linux box for the firewall. I have plenty of old boxes around so it
shouldn't be a problem.
James Kim