Security Basics mailing list archives

RE: Cable Vs. DSL

From: "Cosentino, Guilherme V." <Guilherme.Cosentino () alcoa com br>
Date: Fri, 25 Apr 2003 16:26:53 -0300

Here in Brazil,in most cases, traffic between customers and ISP is
"tunneled" by PPPoE after cable modem boot and POST. The communication
between cable modems is not allowed due to the config file parameters
received just after the boot. Unfortunately, the official documentation
of Managing Committee (a brazilian task force that writes
recommendations to Internet use) are in Portuguese. BTW, here's the
link:
http://www.cg.org.br/grupo/seg_cabo.htm

My question is: Is it possible to snif encapsulated traffic? I don't
think so, but maybe I'm wrong...

Guilherme

-----Original Message-----
From: Chris Travers [mailto:chris () travelamericas com] 
Sent: Thursday, 24 de April de 2003 11:00 PM
To: Xueyan Liu
Cc: security-basics () securityfocus com
Subject: Re: Cable Vs. DSL


Xueyan Liu wrote:

since you brought up router/firewall, do you think a
simple router such as linksys or netgear which does
NAT, drop based on port number and port forwarding
provides enough security for SOHO users behind a
cable/dsl modem?

Xueyan

Hi Xuehan;

My own opinion is that for a SOHO office this is generally enough of a 
security *product* when combined with good anti-virus software because 
these routers effectively create a barrier by not allowing inbound 
connections in their default settings.  However, this does not prevent 
trojans using *outbound* connections from being installed via 
email....   But no security product can provide *enough security*.  
Instead. I think, it is important to combine it with awareness of social

engineering/email and virus-like trojans, etc.

Best Wishes,
Chris Travers


------------------------------------------------------------------------
---
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam,
the 
world's premier event for IT and network security experts.  The two-day 
Training features 6 hand-on courses on May 12-13 taught by
professionals.  
The two-day Briefings on May 14-15 features 24 top speakers with no
vendor 
sales pitches.  Deadline for the best rates is April 25.  Register today
to 
ensure your place.
http://www.securityfocus.com/BlackHat-security-basics 
------------------------------------------------------------------------
----

Attachment: smime.p7s
Description:

Current thread:

RE: Cable Vs. DSL, (continued)
- RE: Cable Vs. DSL Jacob McMaster (Apr 23)
- RE: Cable Vs. DSL Mike Heitz (Apr 23)
  - RE: Cable Vs. DSL Xueyan Liu (Apr 24)
    - RE: Cable Vs. DSL David Gillett (Apr 25)
    - Re: Cable Vs. DSL Chris Travers (Apr 25)
    - Re: Cable Vs. DSL Callan K L Tham (Apr 25)
    - Re: Cable Vs. DSL Frank Gearhart (Apr 28)
- RE: Cable Vs. DSL Lucas Zaichkowsky (Apr 23)
- Re: Cable Vs. DSL David Vertie (Apr 24)
- RE: Cable Vs. DSL Cosentino, Guilherme V. (Apr 28)
- RE: Cable Vs. DSL Cosentino, Guilherme V. (Apr 28)
  - RE: Cable Vs. DSL Xueyan Liu (Apr 28)
- Re: Cable Vs. DSL Chris Berry (Apr 29)
  - Re: Cable Vs. DSL Brian Eckman (Apr 30)
- RE: Cable Vs. DSL Jordan Jesse - Toronto-MROC (Apr 30)