[plug] Linux thin clients
Craig Ringer
craig at postnewspapers.com.au
Sun Aug 24 20:01:54 WST 2003
>>Why 3 NICs?
>>
>> [ ]-----ADSL-----
>>--LAN----[firewall]
>> [ ]---802.11b----
>>
>>I won't even consider having the 802.11b connected to the LAN except via
>>the firewall - ditto the ADSL link. So it's 3 NICs for me. *sigh*.
>
> Hypothetical:
>
> If you completely trusted your internal network not to hijack a
> pppoe connection, could you safely put the ADSL modem on the same
> internal LAN network?
If you also completely trusted your DSL modem and the admin of the
ISP/Telstra router/DSLAM on the other end of the link, then yes. Of
course, this is only worth considering with PPPoE, since with a
DSL->ethernet bridge connection you're opening yourself up to all sorts
of spoofing issues.
> Are there any other exploitable avenues by having your pppoe modem
> on the same LAN as the clients you're trying to protect?
Not that I know of. Of course, I really prefer to play it safe anyway.
While you only have to be a harder target than the next guy, I prefer to
be a harder target than the next 3 or so ;-)
A DSL modem is still a bridge from the outside world onto my network.
Craig Ringer
More information about the plug
mailing list