Thread: Skip it OT.
View Single Post
  #9   Report Post  
Posted to uk.d-i-y
John Rumm
 
Posts: n/a
Default Skip it OT.
Pete C wrote:

Yup, seconded - never use USB ADSL modems - especially on Windows.


Why not....?

A few reasons spring to mind:

Firstly because it means that the OS and any loaded firewalls etc become
your first line of defence against attack. You are also at risk should
you inadvertently let anything onto the computer that disables the
software firewall etc - things can go pear shaped very quickly. It is
harder for anything on the PC to knobble an external firewall. Also the
TCP/IP stack that is facing the net is the routers and not the Microsoft
one.

From a security POV you also only have a single line of defence with a
USB moden rather than defence in depth - i.e. hardware firewall in
router, inability of direct addressing of the internal hosts due to NAT
in the router, then any firewalls etc running on the PC.

Performance can take a hit - not all USB modems will do more than
1Mb/sec. Of those that do you can get a fair size CPU loading from the
modem.

Stability: some systems have slightly flaky USB which can get stressed
by lots of high speed USB modem traffic. You also introduce yet another
set of kernel mode drives to support the hardware - they are unlikely to
be as well tested/reliable as the basic network card ones you would be
using to talk to a router.

Flexibility: connection sharing between more than one PC is much simpler
using a router.

VPN endpoint capability - a suitable router makes allowing external
secure access to your system easy should you need it without additional
software or the need to run a Windows Server OS. (WinXP / 2K can only
create the client end of a VPN by default)

Egress filtering - it is easy to restrict outgoing connections as well
as incoming on a router - you need add on software for that on Windows.

A good way to improve security is remove as much MS software and
functionality as you can

Yup. By rights it ought not be turned on in the first place. That is a
lesson they seem to be learning slowly.


--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/
Reply With QuoteReply With Quote