From: Anssi Hannula <anssi.hannula@gmail.com>
To: "R. DuFresne" <dufresne@sysinfo.com>
Cc: netfilter@lists.netfilter.org
Subject: Re: Messages in log with SNAT target
Date: Wed, 26 Jul 2006 11:16:19 +0300 [thread overview]
Message-ID: <44C724D3.2090602@gmail.com> (raw)
In-Reply-To: <Pine.LNX.4.64.0607252038520.10006@darkstar.sysinfo.com>
R. DuFresne wrote:
> On Mon, 24 Jul 2006, Anssi Hannula wrote:
>
>>> Sietse van Zanen wrote:
>>>
>>>> The security risk is, and it is a MAJOR one, especially with WiFi
>>>> networks is that any PC on the network could just be set up with a
>>>> private IP on your private network, start sniffing for passwords etc.
>>>>
>>>> It's a very, very bad idea to put your public and private WiFi
>>>> infratructure on the same physical network.
>>>> I would say, there's even no point in firewalling this. Firewalling
>>>> is seperating, you are combining.
>>>>
>>>> -Sietse
>>>
>>>
>>> In this case the private network is only a very small home network. I
>>> don't see there being too big a risk of anyone setting up a box with
>>> private IP on the network with harm on their mind. If that would be
>>> possible, wouldn't the security of the whole system be compromised so
>>> much that the private/public separation doesn't matter anymore?
>>>
>>> The main purpose of the private IPs here is the ease of use and having
>>> no public IP for a system if so wanted.
>
>
>
> Hopefully, for yer sake, you are the only home for mile and miles
> around....Yet, I doubt such is the case, so you are a risk to all sadly.
>
So, what do you suggest, then?
That I have 2 separate wireless networks, one for the internet and one
for the private network?
(the WLAN is of course WPA encrypted)
--
Anssi Hannula
next prev parent reply other threads:[~2006-07-26 8:16 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-07-24 9:17 Messages in log with SNAT target Anssi Hannula
2006-07-24 10:15 ` Sietse van Zanen
2006-07-24 10:24 ` Pascal Hambourg
2006-07-24 10:49 ` Sietse van Zanen
2006-07-25 13:21 ` Pascal Hambourg
2006-07-25 13:37 ` Sietse van Zanen
2006-07-24 11:03 ` Anssi Hannula
2006-07-24 11:33 ` Sietse van Zanen
2006-07-24 12:01 ` Anssi Hannula
2006-07-24 12:39 ` Sietse van Zanen
2006-07-24 12:55 ` Anssi Hannula
2006-07-26 0:40 ` R. DuFresne
2006-07-26 8:16 ` Anssi Hannula [this message]
2006-07-26 9:17 ` Sietse van Zanen
2006-07-26 11:21 ` Anssi Hannula
2006-07-26 11:22 ` Sietse van Zanen
2006-07-26 11:54 ` Anssi Hannula
2006-07-27 19:09 ` R. DuFresne
2006-07-27 19:46 ` Anssi Hannula
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=44C724D3.2090602@gmail.com \
--to=anssi.hannula@gmail.com \
--cc=dufresne@sysinfo.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.