LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


View Poll Results: Is your computer's (inside) IP address 'private' (10.../192.168..), or public?
I use 'private' RFC1918 10.../192.168.. on my box. 8 100.00%
I use public IP addressing (so others can reach me) 0 0%
Voters: 8. You may not vote on this poll

Reply
  Search this Thread
Old 09-25-2017, 04:27 PM   #31
IsaacKuo
Senior Member
 
Registered: Apr 2004
Location: Baton Rouge, Louisiana, USA
Distribution: Debian 9 Stretch
Posts: 2,278
Blog Entries: 8

Rep: Reputation: 362Reputation: 362Reputation: 362Reputation: 362

Quote:
Originally Posted by rknichols View Post
The point is that even though access is blocked from the external (WAN) interface (as is usually the case by default), a web site that you visit can cause your browser to access the router's management page via the local (LAN) interface. You can't block that without losing the ability to manage the router. Your only protection is by changing the password.
Right. And there are still random other similar vulnerabilities that we find out about all the time. Often associated with "features" that help make it easier to set up and/or reset a home router, but which can easily make the router vulnerable to any compromised computer within wifi range.

This is why I prefer to use a Debian box I've set up as a secured router rather than a home router appliance. No web interface for administration, just ssh (with passcode protected ssh key authentication, not password authentication, of course, on a custom port). No special "features" to make it easier to remotely reset/administer the box. I switch on the monitor and log in directly if things are somehow too messed up for ssh to work.

I still have a commercial wireless access point attached to that Debian router, though. The point is, though, to try and keep that WAP simple and minimize the functions its supposed to perform.
 
Old 09-25-2017, 04:46 PM   #32
dave@burn-it.co.uk
Member
 
Registered: Sep 2011
Distribution: Puppy
Posts: 354

Rep: Reputation: 134Reputation: 134
Well I rather assumed the that would be the first thing that any sensible person would do!!
 
Old 09-25-2017, 04:51 PM   #33
jlinkels
Senior Member
 
Registered: Oct 2003
Location: Bonaire, Leeuwarden
Distribution: Debian /Jessie/Stretch/Sid, Linux Mint DE
Posts: 4,707

Rep: Reputation: 742Reputation: 742Reputation: 742Reputation: 742Reputation: 742Reputation: 742Reputation: 742
My ISP allows me to bridge the modem. And so my computer has a public IP address. Obviously there is a NAT firewall behind that first IP address. Usually I use Pfsense. But I have full control over the firewall. And all computers inside the firewall have a private address.

And VPS-es I run directly connected to the internet with a public IP address. Like everyone else I guess.

Frankly I don't understand the intention of this poll.

jlinkels
 
  


Reply

Tags
nat


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How to connect two private network in redhat?for example 10.0.0.0 and 192.168.0.0? alwaysonline007 Linux - Newbie 10 05-16-2012 10:28 PM
my server can't ping other boxes on private network (192.168.0.0) bweaver Linux - Networking 5 07-28-2011 04:20 PM
[root@wlxxb ~]# telnet 192.168.192.12 25 Trying 192.168.192.12... telnet problem cnhawk386 Linux - Networking 1 10-10-2007 03:50 PM
What route to access daisy chained 2d router 192.168.1.1 after 192.168.0.1 (subnets?) Emmanuel_uk Linux - Networking 6 05-05-2006 02:47 AM
NAT for lan 192.168.2.x urukhay Linux - Networking 1 11-09-2004 05:49 AM

LinuxQuestions.org > Forums > Non-*NIX Forums > General

All times are GMT -5. The time now is 01:40 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration