ADSL PROBLEM

Peter Whittaker pwwnow at gmail.com
Wed Apr 4 11:46:23 UTC 2007 

On Tue, 2007-03-04 at 21:49 -0400, Maurice Murphy wrote:
> When attempting to configure an ADSL connection on a Feisty Beta box, 
> the pppodconf utiltiy failed part way through its initial process after 
> identifying eth0.  This box previously was successful in making a direct 
> cable connection through the same eth0.  Any ideas to solve this problem 
> would be most welcome.  Thanks, Maurice

Use a router. And never connect a machine running beta software directly
to the Internet, unless you are a security researcher*. Seriously.

My inner security geek refuses to release the keyboard. Sorry 'bout
that. I strongly believe that every single Internet connection, be it
SOHO, SME, or LHC**, should end at a dedicated security appliance, that
is, at a router that runs NAT and a firewall and nothing else***.

If your DSL modem has a built-in firewall, you're a lot safer. But if it
has a built-in firewall, it can probably manage the DSL connection for
you, and your computer can plug in as if to a router/switch.

I have a Speedtouch 516 with firewall enabled, then a DI-604 behind
that, so my home network is behind two firewalls, from two different
vendors (increased safety in heterogeneity). The DI-604 will eventually
be replaced with a WRT54G running OpenWRT; at the moment, the WRT54G is
acting as an AP for my daugther's wireless laptop.

If you cannot connect via a dedicated security appliance, then ensure
that your computer is not only running a release-quality OS, but that it
has been hardened (this can range from simply closing services that are
not required to installing AppArmor - it's a heck of lot simpler to buy
a router and ensure the firewall is enabled). 

pww

* Or unless you are simply curious AND there is no real data of value on
said box (you're using userids and passwords different from those on
your production box, etc.) AND there are no other machines connected to
or via this machine AND you sign a waiver. Well, just kidding about the
waiver.

** Small office, home office, small to medium size enterprise, large
heartless corporation

*** I'm really uncomfortable with the current crop of routers that also
offer print sharing, file sharing, etc., all on the same box. since they
mostly run proprietary software, how sure are you that all of those
services are safely isolated from Internet-based attacks?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-ca/attachments/20070404/75b3146d/attachment.pgp>

More information about the ubuntu-ca mailing list