Re: firewalls



Hello World,

w.N.(Bill) McCaw wrote:
> I am going DSL, running a router and a wireless network for my home.
>
> My computer uses OS2, with XP also installed for those times I have to
> use Windows.

<...>

Before I go into the intricacies of OS/2's built-in firewall (eCS has
it, and so does "True Blue" Warp 4.51+, don't know which fixpack you
need for Warp 4), first I'd like to dwell a bit on the other security
issues involved.

What you most likely have is a box with a DSL connection on one end,
and WiFi on the other, creating a wireless Internet access point in
your home. Perhaps you'll also be able to hook up an Ethernet hub to
the router so you can attach equipment using cables, but that's another
story.

There are two things to watch out for: First, people coming into your
home net from the Internet. Second, unknown people with WiFi adapters
within radio range of your DSL router.

By default, your DSL modem will[1] probably be configured not to let
*anything* in from the Internet, and you have to open the gates if you
have a system inside that you want to access while elsewhere in the
Internet (cybercafe or some such). Your PCs are definitely *not* the
place to start worrying about this kind of thing - check your router,
as it is your main line of defense. As long as you don't actually
open anything up, your router will block any attempts to come in from
the 'net[1].

Now the radio link side of things is another story. By default, a
wireless router is configured to let any nearby WiFi card in. This
means that someone with a laptop in your parking lot can use your
internet connection for whatever they like. Hence, you NEED to change
that. The router will have some sort of encryption that keeps people
from using the connection unless they have the password. Enable it,
preferably before you plug in the DSL socket. Pick a good password. If
your router will allow you only to let specific WiFi cards in, that's
also a Good Thing.

A guy named Alexander Taylor compiled a set of instructions in .inf
format that shows how to enable and configure OS/2's built-in
firewall. You can find that here:

http://hobbes.nmsu.edu/cgi-bin/h-viewer?sh=1&fname=/pub/os2/doc/firewall_doc_v14.zip

In short, OS/2's firewall is a port-level firewall that can block
connections from the Outside in and vice versa, according to the
firewall rules. Actually, I have never found any need to enable this,
because OS/2 isn't like Windows - things that could conceivably be
hacked into are turned off by default. I ran an OS/2 FTP server on the
Internet for ages without any firewall and never got hacked.

There is one situation in which you might like to install firewall
rules: If your OS/2 machine runs some services on the Internet and
others for use at home only, you can restrict the ports (for instance,
139 for Netbios over TCP/IP) to your "inside" network. Many routers let
you designate a "Default Server" or some such. This is the inside IP
address where all incoming service requests are sent. I think it's much
better to open only the ports you need, but if you do set up your
server that way, you may want to restrict the services you want to keep
inside using the OS/2 firewall.

To configure all this, you can either use the instructions given by Mr.
Taylor, or you can download a program called Zampa (included with
eComStation), which is a nice GUI interface for the TCP/IP firewall.

Hope this helps!

Cheers/2,
Menno


[1] WARNING - UNWARRANTED ASSUMPTION! CHECK THIS!
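
The "Default Server" situation described in the post, as an added example that is not part of the original message: a small first-match filter model showing why port 139 needs a host-level rule once the router forwards everything to one inside machine. The addresses, rule layout and function names are assumptions made for illustration and are not OS/2 firewall syntax.

```python
"""Added illustration: first-match host filter behind a router 'Default Server'.
Addresses, rule layout and names are assumptions, not OS/2 firewall syntax."""
from ipaddress import ip_address, ip_network

INSIDE = ip_network("192.168.1.0/24")   # assumed home LAN
ANY = ip_network("0.0.0.0/0")

# (action, source network, destination TCP port or None for any); first match wins
HOST_RULES = [
    ("permit", INSIDE, 139),   # NetBIOS over TCP/IP: home use only
    ("deny",   ANY,    139),   # everyone else is refused on 139
    ("permit", ANY,    21),    # FTP is the service meant for the Internet
    ("deny",   ANY,    None),  # default deny for anything not listed
]

def router_forwards(src, port, default_server, open_ports):
    """True if the router hands an inbound connection to the inside host."""
    if ip_address(src) in INSIDE:
        return True                      # LAN traffic does not cross the router's WAN side
    return default_server or port in open_ports

def host_filter(src, port, rules=HOST_RULES):
    """Return the action of the first rule matching source and port."""
    for action, net, rule_port in rules:
        if ip_address(src) in net and rule_port in (None, port):
            return action
    return "deny"

def reachable(src, port, default_server=False, open_ports=(), host_fw=True):
    """Can src open a connection to port on the host, given both layers?"""
    if not router_forwards(src, port, default_server, open_ports):
        return False
    return (not host_fw) or host_filter(src, port) == "permit"

if __name__ == "__main__":
    outside, inside = "203.0.113.7", "192.168.1.20"   # constructed sample addresses
    for label, kwargs in [
        ("default server, no host firewall", dict(default_server=True, host_fw=False)),
        ("default server, host firewall", dict(default_server=True)),
        ("only port 21 opened on router", dict(open_ports=(21,), host_fw=False)),
    ]:
        print(label)
        for src in (outside, inside):
            for port in (21, 139):
                print(f"  {src:>13} -> {port:<3} reachable={reachable(src, port, **kwargs)}")
```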
