The UK Home Automation Archive

Archive Home
Group Home
Search Archive


Advanced Search

The UKHA-ARCHIVE IS CEASING OPERATIONS 31 DEC 2024


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Home Automation - Firewalls



On whether a DMZ is needed:

Or because they are likely to be the subject of a directed attack.

Realistically, there is unlikely to be much hacker kudos, or political
statement, involved in hacking my house, hence I don't have a DMZ any more.

For something like an employee portal, I'd always stick in a DMZ with a
suitable webhead.

For a transactional site, I'd always stick in multiple firewalls.

It's worth noting, for example, that Streetsonline.com was, when I was
involved, subject to about 2,000 hack attempts per hour. While a number of
these were just kiddies doing port scans, a surprising number were more
sophisticated, because hacking Streets seemed like a good idea to some
people.

[sad geek note - it's a "secure subnet" we're talking about, a
DMZ is subtly
different - but don't worry I'd been installing firewalls for about 4 years
before I sussed the difference, and most non-security people use the term
DMZ in the sense that we've been anyway]


On VPNs:

VPNs are an excellent idea IF you control the machines at both ends. For
example, allowing you to access your house from your laptop no matter where
it's connected. They fall down in places like web cafes, and
client/employer
sites where the IT department locks down machines so you can't install the
VPN client.

Having seen Patrick Lidstone's setup, which uses openvpn.sourceforge.net on
his PC, I'm VERY tempted simply to go this route.

M.



UK Home Automation Meet 2004 - BOOK NOW!
http://www.ukha2004.com

http://www.automatedhome.co.uk

Member Offers - http://www.freeranger.co.uk/ukha

Home | Main Index | Thread Index

Comments to the Webmaster are always welcomed, please use this contact form . Note that as this site is a mailing list archive, the Webmaster has no control over the contents of the messages. Comments about message content should be directed to the relevant mailing list.