Is my router obsolete?

on 17.02.2007 01:50:44 by John Smith

I have a 5 year old Linksys BFSR11 router with the latest firmware.
An IT guy at work says that I should replace it since the bad guys have
found ways to circumvent its defenses. I doubt it.
Even if I use a software firewall like ZA-Free or Comodo, am I vulnerable?

Any opinions?

R.

Re: Is my router obsolete?

on 17.02.2007 06:15:45 by Robert Lambe

On Fri, 2007-02-16 at 18:50 -0600, John Smith wrote:
> I have a 5 year old Linksys BFSR11 router with the latest firmware.
> An IT guy at work says that I should replace it since the bad guys have
> found ways to circumvent its defenses. I doubt it.
> Even if I use a software firewall like ZA-Free or Comodo, am I vulnerable?

Being behind a device such as that, I take it that hosts on your lan are
privately addressed, which is the very best defense from internet
threats. Long as you don't have any sort of port forwarding mechanism
enabled, you should be fine.

Re: Is my router obsolete?

on 17.02.2007 10:50:17 by unknown

Post removed (X-No-Archive: yes)

Re: Is my router obsolete?

on 17.02.2007 15:12:22 by Leythos

On Fri, 16 Feb 2007 18:50:44 -0600, John Smith wrote:
>
> I have a 5 year old Linksys BFSR11 router with the latest firmware.
> An IT guy at work says that I should replace it since the bad guys have
> found ways to circumvent its defenses. I doubt it.
> Even if I use a software firewall like ZA-Free or Comodo, am I vulnerable?
>
> Any opinions?

Even the latest devices have exploits and can be compromised if you visit
the right page on the net and do stupid things.

You should be running a quality AV solution and be using something like
Firefox or Opera and using a text-based email reader.

Firewalls running on your PC are mostly worthless, the windows firewall
being the most worthless of any.

Change your subnet from the default to 192.168.200.1/24, change the
password, etc...


--
Leythos
spam999free@rrohio.com (remove 999 for proper email address)

Re: Is my router obsolete?

on 17.02.2007 16:17:47 by Ansgar -59cobalt- Wiechers

Dom wrote:
> On Fri, 2007-02-16 at 18:50 -0600, John Smith wrote:
>> I have a 5 year old Linksys BFSR11 router with the latest firmware.
>> An IT guy at work says that I should replace it since the bad guys
>> have found ways to circumvent its defenses. I doubt it.
>> Even if I use a software firewall like ZA-Free or Comodo, am I
>> vulnerable?
>
> Being behind a device such as that, I take it that hosts on your lan
> are privately addressed, which is the very best defense from internet
> threats. Long as you don't have any sort of port forwarding mechanism
> enabled, you should be fine.

That is, though not plain wrong, at least questionable. NAT (the
mechanism to enable connections between private and public networks) has
the purpose to *enable* connections between networks. A Firewall OTOH is
supposed to *block* everything that isn't specifically authorized. Thus
a NAT-only device will usually fail-open, whereas a firewall is supposed
to fail-close, which is why you do want your router to have at least
some firewalling functionality.

Of course this point is sort of moot, because virtually all devices
(even low-cost routers) do implement firewall functionality, but I
wanted to make clear that you can't rely on just using private addresses
to guarantee the security of your LAN.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Re: Is my router obsolete?

on 17.02.2007 21:09:56 by Robert Lambe

> Dom wrote:
> > Being behind a device such as that, I take it that hosts on your lan are
> > privately addressed, which is the very best defense from internet
> > threats.
> > Long as you don't have any sort of port forwarding mechanism
> > enabled, you should be fine.

Sebastian Gottschalk wrote:
> Nonsense as well. Just visiting a website loading an image with URL
> ftp://someserver.org/someimage.gif%0a%0dPORT%20192,168,0,1,1,189 and your
> router will most likely fully expose port 445/TCP to the host
> someserver.org.

So, I suppose you'd like to go ahead and demonstrate private destination
routing over the internet...

So, these consumer-class routers are now doing application inspection?
Thought that was relegated to the high-end IOSes. Certainly is
questionable that these low-end devices would display anything more than
reflexive socket-based functionality.
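
Added example, not part of any post in the thread: the URL quoted above relies on an FTP helper in the router reading a `PORT` line and opening an inbound pinhole for it. This Python sketch decodes the thread's quoted path (written here without the stray space) and shows the check a helper can apply before honouring it; the function names and the policy of "same client address, port 1024 or higher" are assumptions of this example, not the behaviour of any particular router.

```python
import re
from urllib.parse import unquote

# Six comma-separated decimal fields of an FTP PORT argument (RFC 959):
# h1,h2,h3,h4 is the IPv4 address, p1,p2 the port as p1*256 + p2.
PORT_RE = re.compile(r"^PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})$")

# Path portion of the URL quoted in the thread.
THREAD_PATH = "/someimage.gif%0a%0dPORT%20192,168,0,1,1,189"


def injected_commands(url_path):
    """Return extra command lines carried in a URL path via encoded CR/LF."""
    parts = re.split(r"[\r\n]+", unquote(url_path))
    return [p for p in parts[1:] if p]


def parse_port(line):
    """Return (ip, port) for a well-formed PORT line, else None."""
    m = PORT_RE.match(line.strip())
    if not m:
        return None
    fields = [int(x) for x in m.groups()]
    if any(v > 255 for v in fields):
        return None
    return ".".join(map(str, fields[:4])), fields[4] * 256 + fields[5]


def alg_allows(line, client_ip):
    """Decide whether a helper should open a pinhole for this PORT line."""
    parsed = parse_port(line)
    if parsed is None:
        return False
    ip, port = parsed
    # Only the host that owns the control connection may be the data target,
    # and never a privileged port such as 445/TCP.
    return ip == client_ip and port >= 1024


if __name__ == "__main__":
    for cmd in injected_commands(THREAD_PATH):
        print(cmd, "->", parse_port(cmd), "allowed:", alg_allows(cmd, "192.168.0.1"))
```

A client or proxy can refuse the request earlier by rejecting any `ftp://` URL for which `injected_commands` returns a non-empty list.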

Re: Is my router obsolete?

on 17.02.2007 21:35:17 by Robert Lambe

Ansgar -59cobalt- Wiechers wrote:
> That is, though not plain wrong, at least questionable. NAT (the
> mechanism to enable connections between private and public networks) has
> the purpose to *enable* connections between networks. A Firewall OTOH is
> supposed to *block* everything that isn't specifically authorized. Thus
> a NAT-only device will usually fail-open, whereas a firewall is supposed
> to fail-close, which is why you do want your router to have at least
> some firewalling functionality.
>
> Of course this point is sort of moot, because virtually all devices
> (even low-cost routers) do implement firewall functionality, but I
> wanted to make clear that you can't rely on just using private addresses
> to guarantee the security of your LAN.

Yes, a nat will usually default to accept, but that still leaves the
obstacle of private destination routing over the internet. A more
localized threat can exploit default-accept functionality, but a number
of factors govern whether that would be at all possible.
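
Added example, not part of any post in the thread: a simplified Python model of the fail-open versus fail-closed distinction argued in the two posts above. All addresses, the NAT table and the function names are constructed for illustration; the model only decides what happens to a packet arriving on the WAN interface.

```python
import ipaddress

LAN = ipaddress.ip_network("192.168.1.0/24")   # constructed private LAN
WAN_IP = ipaddress.ip_address("203.0.113.5")   # constructed public address


def _flow_key(pkt):
    return (pkt["dst_port"], pkt["src"], pkt["src_port"])


def nat_only(pkt, nat_table):
    """Router that only translates: whatever it can route, it forwards."""
    dst = ipaddress.ip_address(pkt["dst"])
    if dst == WAN_IP and _flow_key(pkt) in nat_table:
        return "forward to " + nat_table[_flow_key(pkt)]  # reply to an outbound flow
    if dst in LAN:
        return "forward to " + pkt["dst"]                 # plain routing, no mapping needed
    return "deliver to router"                            # unmapped traffic to the WAN address


def nat_with_firewall(pkt, nat_table):
    """Same router with a default-deny inbound policy ahead of routing."""
    dst = ipaddress.ip_address(pkt["dst"])
    if dst == WAN_IP and _flow_key(pkt) in nat_table:
        return "forward to " + nat_table[_flow_key(pkt)]  # authorised by existing state
    return "drop"                                         # everything else fails closed


def compare(pkt, nat_table):
    """Return (NAT-only verdict, NAT-plus-firewall verdict) for one packet."""
    return nat_only(pkt, nat_table), nat_with_firewall(pkt, nat_table)


# Constructed state: 192.168.1.10 opened a connection to 198.51.100.7:80.
NAT_TABLE = {(40000, "198.51.100.7", 80): "192.168.1.10"}
REPLY = {"src": "198.51.100.7", "src_port": 80, "dst": "203.0.113.5", "dst_port": 40000}
# Sent from the router's own WAN segment, addressed directly to a LAN host.
ADJACENT = {"src": "203.0.113.9", "src_port": 5555, "dst": "192.168.1.10", "dst_port": 445}
# Unsolicited packet from the internet to the router's public address.
UNSOLICITED = {"src": "198.51.100.99", "src_port": 1234, "dst": "203.0.113.5", "dst_port": 445}

if __name__ == "__main__":
    for name, pkt in (("reply", REPLY), ("adjacent", ADJACENT), ("unsolicited", UNSOLICITED)):
        print(name, compare(pkt, NAT_TABLE))
```

Only the `ADJACENT` case separates the two devices: hosts further away cannot get a packet addressed to 192.168.1.10 routed to the WAN port at all, while a neighbour on the same segment can, and only the default-deny policy stops it.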

Re: Is my router obsolete?

on 17.02.2007 21:53:16 by Robert Lambe

> Dom wrote:
> > Long as you don't have any sort of port forwarding mechanism
> > enabled, you should be fine.

On Sat, 2007-02-17 at 10:50 +0100, Sebastian Gottschalk wrote:
> Nonsense as well. Just visiting a website loading an image with URL
> ftp://someserver.org/someimage.gif%0a%0dPORT%20192,168,0,1,1,189 and your
> router will most likely fully expose port 445/TCP to the host
> someserver.org.

Certainly sounds like "a sort of port forwarding mechanism". Please
reference my above statement.

Re: Is my router obsolete?

on 18.02.2007 07:26:13 by unknown

Post removed (X-No-Archive: yes)

Re: Is my router obsolete?

on 18.02.2007 07:28:59 by unknown

Post removed (X-No-Archive: yes)

Re: Is my router obsolete?

on 18.02.2007 20:57:47 by John Smith

"John Smith" wrote in message
news:45d6515c$0$28108$4c368faf@roadrunner.com...
>I have a 5 year old Linksys BFSR11 router with the latest firmware.
> An IT guy at work says that I should replace it since the bad guys have
> found ways to circumvent its defenses. I doubt it.
> Even if I use a software firewall like ZA-Free or Comodo, am I vulnerable?
>
> Any opinions?
>
> R.

I WAS using the default password and have changed it.
Thanks for all the replies.

R.

Re: Is my router obsolete?

on 18.02.2007 23:39:25 by unknown

Post removed (X-No-Archive: yes)

Re: Is my router obsolete?

on 19.02.2007 06:23:58 by unknown

Post removed (X-No-Archive: yes)

Re: Is my router obsolete?

on 22.02.2007 20:04:09 by kingthorin

On Feb 16, 7:50 pm, "John Smith" wrote:
> I have a 5 year old Linksys BFSR11 router with the latest firmware.
> An IT guy at work says that I should replace it since the bad guys have
> found ways to circumvent its defenses. I doubt it.
> Even if I use a software firewall like ZA-Free or Comodo, am I vulnerable?
>
> Any opinions?
>
> R.

I have a BEFSR41 that I still use with no FW software and never have
any problems.