On Sunday 7 March 2004, paul at clubi.ie (Paul Jakma) wrote:
>On Sun, 7 Mar 2004, Niall O Broin wrote:
>>> Given experiences with Origo routers, it might behove you to ensure
>> that said telnet port is not open to access from the internet IP of
>> the router.
>>And not only the telnet port on the standard telnet port number, but
>also the one located somewhere between port 200 and 300.
That's a very good point of Paul's, and bears expanding on. No matter
what solution you use for broadband access, it's a sound idea to run
nmap against your externally visible address from somewhere else in the
internet to see what ports are open, and to see if that gels with what
ports you intended to be / thought to be open.
Of course the problem there, esp. for those who work doesn't give them
access to testing boxes, is to find a source from which to do the nmap.
A friend using Linux on a broadband connection is one choice. If all
else fails, you might ask here on list for somebody to do a friendly
probe for you. In that case, it'd be a good idea to get some idea of who
you're asking, and to send your IP to that person privately.
>Though, the best thing to do with DSL Ethernet 'routers' is just run
>them in bridging mode and let a decent OS do the actual routing bit.
That's certainly a point of view, and is what I do, but nonetheless many
people will use standalone boxes for their convenience, or for instance
when somebody has one PC which is dual booted with Linux and some other
OS which is even more insecure than the worst standalone router box.
And even if you do use a Linux box as your router, running nmap against
it from somewhere else is still a sound idea.
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!