Security Basics mailing list archives

Re: wireless security on notebooks


From: krymson () gmail com
Date: 27 Sep 2007 21:15:09 -0000

I'm not sure what you mean about singularity. I can say that George and I are talking about different directions. I was 
referring to traffic heading out of your LAN while George is talking about traffic heading into your LAN. Good question!

George's suggestion is a practical one, and really doesn't hurt you. It makes sense to make sure a block is in place to 
stop private IP addresses from coming into your firewall from the Internet (WAN) side, and slipping through into your 
internal (LAN) network. 

I think this issue comes up more with "built" firewalls like iptables or pf, but is not a common issue with firewall 
appliances like SOHO routers/firewalls. They should be blocking things like that natively, and I'd be surprised if they 
even have options to toggle that behavior.


<- snip ->
Thank you both for your answer and help.

I have a doubt regarding the spoofing issue:

Krymson says:

3) The IP 192.168.0.x is not an Internet routable address. Your cable modem, or wireless
AP, or whatever you use to get to the Internet will not let that pass through to the WAN
side. So nothing to worry about there!

and George says:
Blocking incoming packets to your WAN from any private scheme
of IP addresses - 10.0.0.0 - 10.255.255.255, 172.16.0.0 - 172.31.255.255
and 192.168.0.0 - 192.168.255.255 - is a good idea. In networking terms
this is called IP Spoofing, meaning that someone using any IP from the above ranges
may deceive your firewall settings and be interpreted as someone from your internal
network!!

Is there a singularity with these address ranges ?
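
George's suggestion, written out for iptables (one of the "built" firewalls mentioned in the reply). This is an added example, not part of the original thread; the interface name eth0 and the log prefix are assumptions.

```shell
#!/bin/sh
# Added example: emit iptables rules that drop packets arriving on the WAN
# interface with a private (RFC 1918) source address.
# Assumption: the WAN interface name (eth0 below) is hypothetical.

# The three private ranges listed in the thread, in CIDR form.
PRIVATE_NETS="10.0.0.0/8 172.16.0.0/12 192.168.0.0/16"

# antispoof_rules WAN_IF
# Prints one LOG and one DROP rule per range for INPUT (traffic addressed to
# the firewall itself) and FORWARD (traffic routed on to the LAN).
# Nothing is applied here: review the output, then pipe it to sh as root.
# The rules are appended (-A), so load them before any ACCEPT rules.
antispoof_rules() {
    wan_if=$1
    # Refuse empty or odd interface names so the output is safe to pipe to sh.
    case $wan_if in
        ''|*[!A-Za-z0-9._-]*) echo "invalid interface name" >&2; return 1 ;;
    esac
    for chain in INPUT FORWARD; do
        for net in $PRIVATE_NETS; do
            echo "iptables -A $chain -i $wan_if -s $net -j LOG --log-prefix 'SPOOF-IN: '"
            echo "iptables -A $chain -i $wan_if -s $net -j DROP"
        done
    done
}

# Print the rules for the hypothetical WAN interface when run directly.
antispoof_rules eth0
```

If the WAN interface itself sits on a private network, for instance behind another NAT router, leave that range out or the upstream gateway's own traffic will be dropped.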

