Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Cable Vs. DSL

From: "Cosentino, Guilherme V." <Guilherme.Cosentino () alcoa com br>
Date: Fri, 25 Apr 2003 17:00:02 -0300
I found a very good document about this issue on
http://www.sans.org/rr/homeoffice/sniffing.php
Must read it.

Rgrds

Guilherme

-----Original Message-----
From: Xueyan Liu [mailto:xueyall () yahoo com] 
Sent: Friday, 25 de April de 2003 4:36 PM
To: Cosentino, Guilherme V.; 'Chris Travers'
Cc: security-basics () securityfocus com
Subject: RE: Cable Vs. DSL


--- "Cosentino, Guilherme V." <Guilherme.Cosentino () alcoa com br> wrote:

Here in Brazil,in most cases, traffic between
customers and ISP is
"tunneled" by PPPoE after cable modem boot and POST.
The communication
between cable modems is not allowed due to the
config file parameters
received just after the boot. Unfortunately, the
official documentation
of Managing Committee (a brazilian task force that
writes
recommendations to Internet use) are in Portuguese.
BTW, here's the
link:
http://www.cg.org.br/grupo/seg_cabo.htm

My question is: Is it possible to snif encapsulated
traffic? I don't
think so, but maybe I'm wrong...



I would think you can. Encapsulation just add another
header in front as long as the data (payload) itself
is not encrypted.

Xueyan

 

Guilherme

-----Original Message-----
From: Chris Travers
[mailto:chris () travelamericas com]
Sent: Thursday, 24 de April de 2003 11:00 PM
To: Xueyan Liu
Cc: security-basics () securityfocus com
Subject: Re: Cable Vs. DSL


Xueyan Liu wrote:


since you brought up router/firewall, do you think

a

simple router such as linksys or netgear which does
NAT, drop based on port number and port forwarding
provides enough security for SOHO users behind a
cable/dsl modem?

Xueyan
 


Hi Xuehan;

My own opinion is that for a SOHO office this is
generally enough of a
security *product* when combined with good
anti-virus software because 
these routers effectively create a barrier by not
allowing inbound 
connections in their default settings.  However,
this does not prevent 
trojans using *outbound* connections from being
installed via 
email....   But no security product can provide
*enough security*.  
Instead. I think, it is important to combine it with
awareness of social

engineering/email and virus-like trojans, etc.

Best Wishes,
Chris Travers




---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the 
world's premier event for IT and network security experts.  The two-day 
Training features 6 hand-on courses on May 12-13 taught by professionals.  
The two-day Briefings on May 14-15 features 24 top speakers with no vendor 
sales pitches.  Deadline for the best rates is April 25.  Register today to 
ensure your place.  http://www.securityfocus.com/BlackHat-security-basics 
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: