FW: [lug] Cisco 675 PPP vs. Bridging modes

Holshouser, David dholshou at ball.com
Fri Aug 10 10:51:34 MDT 2001


Friend at work was talking about this once, so I asked for his input.
Here is his reply, notice the part about "hacker can utilize holes in the
security of your OS" and the fact that we are talking about CodeRed. I got a
little giggle from that.

-----Original Message-----
From: Harding, Tyson 
Sent: Friday, August 10, 2001 10:43 AM
To: Holshouser, David
Subject: RE: [lug] Cisco 675 PPP vs. Bridging modes


Here is my input.

PPP mode sets the Cisco to work as a bridging router. What a router does is
handle the redirection of packets to addresses on different networks, i.e.
your home computer and your ISP's network. It is a bridging router because
it is connecting two different network types, the ADSL, and the TCP/IP
10baseT. In PPP mode the Cisco 675 connects to the ISP and gets assigned a
real Internet IP address. In this mode the Cisco 675 is more than likely set
up as a NAT and DHCP server so your computer will query the Cisco for an
address. The address it returns for your computer is a fake IP address that
is only valid for the network on your side of the Cisco. When you use your
computer to connect to a server on the internet, the request is sent
through the Cisco, which strips your computer's fake IP address off and saves
the port information, and puts in its real IP address, and a port address
for it. Then when data comes to that port it sends it on through to your
computer on the port your computer is waiting for it on. This is usually a
little more safe from hackers because they don't have actual access to your
computer. If they try to get access through a port on your Cisco, and the
Cisco doesn't have a row in the table for that port, nothing is sent on
to your computer.

Bridging mode is much simpler. In bridging mode the Cisco just connects to
the ISP and passes information straight through. It does not have an IP
address, and only handles the translation of protocols and transfer medium.
All it does is allow your TCP/IP 10baseT network to talk over the ADSL line.
Your computer will receive the address that the ISP provides and you will
have a real internet address. This can open more security holes because now
your computer is what everyone is talking to, so if you aren't careful a
hacker can utilize holes in the security of your OS to break in.

I don't know specifically about the CODE RED worm, but if it is designed to
attack the Cisco then more than likely it will only affect it in PPP mode
because then it is possible to talk to the Cisco without the serial cable.
In bridging mode you cannot connect to the Cisco unless you have the serial
cable since it doesn't have an IP address.

Tyson

-----Original Message-----
From: Holshouser, David 
Sent: Friday, August 10, 2001 10:26 AM
To: Harding, Tyson
Subject: FW: [lug] Cisco 675 PPP vs. Bridging modes


Tyson, 
	could I get your input on this?

-----Original Message-----
From: JL Kottal [mailto:jlkottal at americanisp.net]
Sent: Thursday, August 09, 2001 4:34 PM
To: BLUG; Clue Tech
Subject: [lug] Cisco 675 PPP vs. Bridging modes


Hello,

This message was posted to both BLUG and CLUE-tech.

Could someone(s) please compare and contrast the bridging and the PPP 
modes for a Cisco 675 router, vis-a-vis the advantages and 
disadvantages, bandwidth, security, etc.?

I am currently using an ISP with the 675 in PPP mode and, in spite of 
having applied the 675 CBOS upgrade and redirecting the HTTP port, I 
am still getting killed by the Code Red worm. Someone has suggested 
that placing the 675 in the bridging mode will eliminate this 
vulnerability. 

I talked to my ISP, who swears that the bridging mode is the worst 
possible way to run this router, but I am not sure that I understand 
their reasons because they sounded like so much double-talk. 

Thus I pose my question to a relatively unbiased group and hope that 
this does not cause a flame war ... <g>

JohnK

_______________________________________________
Web Page:  http://lug.boulder.co.us
Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
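
An added illustration, not part of any message in the thread: a minimal Python model of the port-translation table that Tyson's reply describes for PPP mode, next to the pass-through behaviour of bridging mode. The class and function names, the starting port and the addresses (documentation ranges) are assumptions made for the example, and the table is simplified to match on port and protocol only.

```python
from dataclasses import dataclass, field


@dataclass
class Napt:
    """Constructed model of the modem's translation table in PPP (NAT) mode."""
    public_ip: str
    next_port: int = 40000                      # assumed start of the port pool
    out: dict = field(default_factory=dict)     # (priv_ip, priv_port, proto) -> public port
    back: dict = field(default_factory=dict)    # (public port, proto) -> (priv_ip, priv_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port, proto="tcp"):
        """Rewrite an outgoing packet and remember the row for the replies."""
        key = (src_ip, src_port, proto)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[(self.next_port, proto)] = (src_ip, src_port)
            self.next_port += 1
        return (self.public_ip, self.out[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port, proto="tcp"):
        """Forward a packet from outside only if a table row exists for the port."""
        row = self.back.get((dst_port, proto))
        if row is None:
            return None                         # no row: nothing reaches the LAN
        return (src_ip, src_port, row[0], row[1])


def bridged_inbound(host_ip, src_ip, src_port, dst_port):
    """Bridging mode: no table, every packet for the host's address is delivered."""
    return (src_ip, src_port, host_ip, dst_port)


def demo():
    nat = Napt(public_ip="203.0.113.7")
    sent = nat.outbound("10.0.0.2", 51000, "198.51.100.80", 80)
    reply = nat.inbound("198.51.100.80", 80, sent[1])      # matches the saved row
    probe = nat.inbound("192.0.2.66", 4444, 80)            # unsolicited, port 80
    bridged = bridged_inbound("203.0.113.7", "192.0.2.66", 4444, 80)
    return sent, reply, probe, bridged


if __name__ == "__main__":
    for label, result in zip(("sent", "reply", "probe", "bridged"), demo()):
        print(f"{label:8} {result}")
```

The unsolicited probe to port 80 returns `None` behind the translation table, while the same probe in bridging mode is delivered to the host, so the host's own services and firewall become the only filter.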


