Re: [SLUG] port redirection

From: Steve (steve@szmidt.org)
Date: Fri May 07 2004 - 18:15:44 EDT


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Friday 07 May 2004 11:29 am, Austin Theen wrote:
> On Fri, 2004-05-07 at 01:28 -0400, Austin Theen wrote:
> > Hi All,
> >
> > I've got a quick question about port redirection. I'm trying to get
> > around a stupid Linksys firewall that has a hard filter on 161/udp, and
> > since it's too dumb to offer NAT to a different port, I'm stuck trying
> > to put snmpd on a nonstandard port. I'm running net-snmp-5.1.1 and I
> > can't find where to set the listen port option (I'm not sure it's wise
> > either). So I'm trying to set up a local proxy to listen on some other
> > port that my stupid router will forward and have this app proxy do the
> > port redirection to 161/udp.
> >
> > Oh, this is all in the name of remote monitoring of servers and
> > trending, if anyone was curious.
>
> Ok, I found a new problem. My router, a Nexland ISB Pro800 Turbo, is
> blocking outbound UDP ports. I first noticed this when DNS had to be set
> to the router instead of my normal Verizon 4.2.2.1 DNS server.
>
> Since Symantec bought Nexland and essentially axed the product support,
> I'm scrod. Looks like I'm shopping for a new router. :(
>
> Austin

The only reason I would ever pick a commercial router these days is the
size. You are so much better off building a Firewall/NAT/router than
buying one purely for security, flexibility and performance. I always use a
lesser computer like an old IBM who knows how to make long-lasting
hardware.

(I'm waiting to get some time over to build one based on the mini size
motherboards. They are about 4x4 inches. Once I do I'll be happy to share
the "formula" as there are a few issues to stay clear of.)

Of course I also use OpenBSD on that box. Usually expenses are limited to an
extra NIC as the slowest box you can find will be plenty. Now I don't have
to deal with stupid security errors like manufacturer backdoors, or
problems that cost too much to fix, lazy employees etc.

It's really quite hilarious how manufacturers of security devices like
firewalls ship insecure devices. Or with limited protocol support, etc.

I used to have this hidden standard on banks. They had to have the best
money could buy, I used to reason. Then I found out they are usually out of
date, have no budget, clueless staff etc. Not at all the high standards I
expected. As an example BoA is using the Internet for their ATMs!

You'll notice if there's an Internet outage in your area your BoA ATM will
not give you any money or do anything at all.

- --
Steve

"They that would give up essential liberty for temporary safety deserve
neither liberty nor safety."
                                Benjamin Franklin

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAnAqTljK16xgETzkRAl/wAJ9ZEBMihtvIsoU1MB8nP1oWa3ruVgCfTUPr
JAK+2Byj+H+PsZnJsG5nH+k=
=qBmD
-----END PGP SIGNATURE-----

-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 17:54:48 EDT