Re: DSL
- From: "Allan Smith" <netsmith@xxxxxxxxxxxxx>
- Date: Sat, 21 Jul 2007 12:45:31 -0400
Wally,
The old "moving-target" of dialup days? Not necessary anymore. In fact, may
ISP's are going to static IPs anyway, since IVP6 will solve the problem or
running out of addresses. Whether I stay connected or not, my IP is always
the one that appears in the header of this post.
If you do want to disconnect for whatever reason, there should be a setting
in the Westell to specify either "On Demand", or "Always On". On-demand is
the Westell's default, and it will auto-disconnect after a specified
inactive time (Westell default is ususally 20 minutes). Activity will then
cause an auto-reconnect, which happens in about a second. You may or may not
get the same IP, as your provider prefers.
If the Westell is not in Bridge Mode, and you are thus running two PPPoE
clients, disconnecting your XP's client doesn't disconnect you from your
ISP. The Westell is still connected.
If you are in Bridge Mode, you have no Router between you and the Internet,
and do not gain the address protection of Network Address Translation, or
the data protection of Stateful Packet Inspection.
With Stateful Packet Inspection (SPI), there is no reason to disconnect
these days, as inbound traffic from an unknown will be ignored. Most router
firewalls, including the 6100, use SPI.
A Stateful Packet Inspection firewall holds the attributes of each
connection in memory in the State Table, from start to finish. These
attributes include such details as the IP addresses and ports involved in
the connection, and the sequence numbers of the packets traversing each
connection in both directions. Any traffic not belonging to an
already-established, pre-screened session is rejected. Once a session is
ended, its entry in the state-table is discarded. If the session is not
properly terminated, or if no traffic is present for a specified time, the
entry goes 'stale', and is removed.
SPI effectively blocks DOS-attacks, including the most common, the
SYN-flood. It also prevents hacking, of which the most common form is the
initiation of unsolicited sessions. SPI simply discards everything it
doesn't already know about.
If you put the router in Bridge mode, you disable its firewall and SPI.
You'd need either another router, or a software firewall specifically having
SPI, to protect you. Some software firewalls don't have SPI, as they don't
get deep enough into the datastream to operate at a packet-level.
Both Windows Firewall and Zone Alarm Pro have SPI, btw. The advantage of
having it in the router is that one SPI firewall serves all systems
connected to the router.
Allan
--
One asks, many answer, all learn - Plato, on the 'Forum
--
True civility is when every one gives to every other one every right
that they claim for themselves.
"WaIIy" <eIvez@xxxxxxxxxxxxxxxxxx> wrote in message
news:tp54a3tcikaiuchccnfc0j9h45id20e3j5@xxxxxxxxxx
On Sat, 21 Jul 2007 03:29:50 -0700, "Wade Ward" <zaxfuuq@xxxxxxxxxxx>
wrote:
You should need do nothing to your system other than plug it into the
modem and configure it. After that, there is no connection to make, as
the
modem does that automatically. Your system then finds the modem
automatically. It just works.
I don't like to be always connected, so I did the windows thing.
Thanks
.
- References:
- Prev by Date: Re: Iraq veteran and 9/11 survivor: Sheehan's son died for good cause
- Next by Date: Re: IRA (retirement, not the Irish)
- Previous by thread: Re: DSL
- Next by thread: Re: DSL
- Index(es):
Relevant Pages
|
