Firewall Wizards mailing list archives
RE: Newspaper Article about Cable Modem security / Solutions?
From: "Kopf , Patrick E." <PEKopf () missi ncsc mil>
Date: Thu, 18 Nov 1999 09:32:15 -0500
I run a cable modem on my Win 95 box at home (using @Home as a matter of fact). I've been considering getting a product along the lines of Black Ice Defender or @Guard. I think both are in the $40-50 range. As of right now I have a conglomeration of different small security apps running (BOF, Nukenabber, etc.). Although these apps claim to do the kinds of things that I'm looking for, running a bunch of them at the same time brings up some performance issues. (Especially with only 32M of RAM.) I'm hoping that changing to one piece of software for my security needs will make things run a bit smoother. Pat Kopf -----Original Message----- From: Jeff B Boles [mailto:jboles () libfungrp com] Sent: Tuesday, November 16, 1999 1:22 PM To: 'firewall-wizards () nfr net' Subject: RE: Newspaper Article about Cable Modem security / Solutions? I hate to bring this thread up again since the dead horse has already been bludgeoned beyond recognition -- but I'm curious if anybody else has noticed fairly extensive visibility of this issue to consumers? During the past couple of weeks since this came up on this list, I've encountered 5 different people/families (including relatives), pretty much novices, that have encountered this article and decided not to pursue cable/dsl access. Considering how few people (other than my wife) I have regular discussions with, I'm well amazed by the sudden visibility of the issue. Further amazed that there seem to be no 'good' solutions for home users, i.e. under $200 solutions. Not a market I think much about, but other than the ISP ethical issues, I'm not sure that there was anything in the way of a good solution generated via this discussion? The barely win9x savvy folks in this market certainly aren't capable of supporting a linux box, aren't amused by my recommendations for pix/fw1/etc, find some emerging products such as the beadlenet box too expensive even at $300, and I've yet to find a two user shareware proxy such as wingate acceptable. Searching the history of this discussion I see no recommendations for better solutions. What are list members currently using on DSL/cable setups? We come in through the corporate network (still happy with Texas flat rate ISDN), so this has never been a personal issue. Anyone encountered better products for the average home user? Seems I can get some cheap ISDN 'routers' capable of doing basic NAT (i.e. don't some older ISDN ascend pipeline units support NAT?), even this would satisfy some. Anything similar available in DSL/cable units? - West Texas guy is ignorant of DSL/cable given recent arrival in this 'third world' market.
-----Original Message----- From: Holger Heimann [ mailto:hh () it-sec de <mailto:hh () it-sec de> ] Sent: Tuesday, November 09, 1999 3:40 AM To: firewall-wizards () nfr net Subject: Re: Newspaper Article about Cable Modem security I just loosley followed the discussion, because we've already been demonstrating the thread even for users of conventional modems using dial-in ISPs (with changing IPs) in 1998. I wondered what's new with this. Since then we offer a free little online "Netbios vulnerability check" which should be suitable for cablemodem users also, I think it's time to throw it in now: http://www.it-sec.de/vulchke.html <http://www.it-sec.de/vulchke.html>
We did a survey in 1998 where we found more than 12 percent of the people using dial-in ISPs and having file sharing enabled offering their disks to the world. By using hashes over the service characteristics a computers shows to the net, we were even able to recognise computers, when they dialed in again and got a different IP number. Highlight: a police department's disk ad no passwords, was even writable and connected to the internal network. so long, Holger -----Ursprüngliche Nachricht----- Von: Steven Osman <sosman () terratron com> An: <firewall-wizards () nfr net> Gesendet: Montag, 8. November 1999 14:46 Betreff: Re: Newspaper Article about Cable Modem securitySaso, and everyone on this thread... One thing that the ISP invonving themselves in security CAN gain isthis...Lawsuits galore! If you claim to help secure people's networks -- better doa good job of it.If you do a half-ass job (which is what the ISPs will beable to do atbest), people will eventually get hacked, and go to their ISPs foranswers.One of the wonderful things about living in the UnitedStates is the legalsystem and how easy it is to sue someone. You can sue themeven if yourcontract explicitly said you don't hold them liable for securityviolations.Nobody said you'll win every time, but if you don't, itwill sure be onehell of a headache for the ISP. Furthermore, this issue of liability raises an interestingpoint. Which ISPwould YOU choose: 1. I'll filter out some things you can do with yourinternet connection. Ifyou get hacked, don't look at me 2. I will let you do anything you want to with yourinternet connection. Ifyou get hacked, don't look at me Case #1, you need to take extra steps to secure your home.Case #2, youneed to take extra steps to secure your home. In thiscase, some people mayopt to "leave their options open" and go with #2. Steven Osman Terratron Technologies Inc. ----- Original Message ----- From: Saso <Saso () vsecureit net> To: <firewall-wizards () nfr net> Sent: Thursday, November 04, 1999 4:02 PM Subject: Re: Newspaper Article about Cable Modem securityISP involving themselves in security issues can't gain athing. And quitefrankly, I don't think ISPs should do anything more thanthey can if acustomers asks them to. If a customer wants port 139 to be closed for his xDSLline, why not. Butifthey don't want it to, it's their own decision and theyshould be wellawareof that.
Current thread:
- MicroFirewalls for home/low speed connections, (continued)
- MicroFirewalls for home/low speed connections chuck (Nov 18)
- Re: MicroFirewalls for home/low speed connections Nicholas Tang (Nov 21)
- Re: MicroFirewalls for home/low speed connections Aaron C. Springer (Nov 26)
- RE: MicroFirewalls for home/low speed connections Kurt Buff (Nov 30)
- MicroFirewalls for home/low speed connections chuck (Nov 18)
- Re: Home DSL security for a neophyte Bruce B. Platt (Nov 18)
- Re: Home DSL security for a neophyte Rafi Sadowsky (Nov 21)
- Message not available
- Re: Home DSL security for a neophyte Bruce B. Platt (Nov 28)
- Re: Newspaper Article about Cable Modem security / Solutions? Dorian Moore (Nov 21)
- Re: Newspaper Article about Cable Modem security / Solutions? Neil Ratzlaff (Nov 21)