Re: CPE equipments and stateful filters
On 24-jul-2007, at 10:34, Fred Baker wrote:
> I think the right solution is an authenticated access protocol. If
> UPnP is publicly documented, fine, if James' protocol is the best
> bet, fine, and if it is something else, so be it.
Please note that UPnP is a death trap of a protocol, and the fact
that it was "not invented here" shows in a bad way.
> But a protocol that allows one to identify oneself and gain
> admittance on authorization provides for the concerns that you
> have. Someone from within can access out, the governing contract
> being the authorization to do so, and on AAA confirmation access in
> is granted, which enables someone with legitimate access privileges
> to access what they are authorized to access.
This makes a lot of sense for a corporate network, but do we really
want to go this far for home networks? Especially since blocking
inbound sessions _maybe_ removes 10% of the bad stuff that may happen
to you (in IPv4, less in IPv6), while browser exploits, which don't
need incoming sessions, are responsible for 60% or so of all security
problems. The "creamy inside, crunchy outside" security model just
doesn't work. If you want systems connected to a network to be
secure, you need to go into those systems and remove or patch the
stuff that's wide open and waiting to be compromised.
And, of course, the most insecure part of any computer is still the
left mouse button.
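The argument above rests on what a CPE stateful filter actually decides on: the direction in which a session was opened, not what flows over it. The following toy model is an added illustration, not code from the thread or from any CPE vendor; the addresses, ports and the three-packet scenario are constructed for the example. It shows an unsolicited inbound connection being dropped while a reply to a browser-initiated session is passed, whatever that reply contains.

```python
"""Toy model of a CPE stateful filter (constructed example, not from the thread)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    payload: str = ""  # the filter never looks at this field


class StatefulFilter:
    """Default-deny inbound; allow sessions initiated from the LAN side
    and the replies that belong to them."""

    def __init__(self, lan_prefix: str) -> None:
        self.lan_prefix = lan_prefix  # constructed: e.g. "192.0.2."
        self.sessions: set[tuple[str, int, str, int]] = set()

    def _is_lan(self, addr: str) -> bool:
        return addr.startswith(self.lan_prefix)

    def decide(self, pkt: Packet) -> str:
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if self._is_lan(pkt.src) and not self._is_lan(pkt.dst):
            # outbound: record the 4-tuple so the reply is admitted later
            self.sessions.add(key)
            return "allow"
        if reverse in self.sessions:
            # inbound packet matching a session the inside opened
            return "allow"
        # unsolicited inbound: this is the 10% the filter helps with
        return "drop"


def run_scenario() -> list[str]:
    """Three constructed packets; returns the filter's verdict on each."""
    fw = StatefulFilter("192.0.2.")
    packets = [
        # 1: unsolicited inbound to a file-sharing port on a LAN host
        Packet("198.51.100.7", 40000, "192.0.2.10", 445),
        # 2: LAN host's browser opens a session to a web server
        Packet("192.0.2.10", 51515, "203.0.113.5", 80, "GET / HTTP/1.1"),
        # 3: the server's reply; the filter admits it on the session match
        #    alone, so a hostile page rides through exactly like a benign one
        Packet("203.0.113.5", 80, "192.0.2.10", 51515, "<html>...exploit...</html>"),
    ]
    return [fw.decide(p) for p in packets]


if __name__ == "__main__":
    for verdict in run_scenario():
        print(verdict)
```

The model ignores TCP flags and timeouts on purpose: the point is only that the admit decision for packet 3 is made from the session table, which is why an inbound-blocking CPE is no help against content the inside host asked for.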