Re: Networking over mains cables

In message <88c5a250%Graeme@xxxxxxxxxxxxxxxxxxxx>
Graeme Wall <Graeme@xxxxxxxxxxxxxxxxxxxx> wrote:

In message <b6d44c0250.chris@xxxxxxxxxxxxxxxxxxxx>
Chris Hughes <news@xxxxxxxxxxxxxxx> wrote:

In message <cfa42f250%Graeme@xxxxxxxxxxxxxxxxxxxx>
Graeme Wall <Graeme@xxxxxxxxxxxxxxxxxxxx> wrote:

In message <935d260250.jess@xxxxxxxxxxxxxxxxxx>
Jess <phantasm_39@xxxxxxxxxxx> wrote:

In message <814ac150%Graeme@xxxxxxxxxxxxxxxxxxxx>
Graeme Wall <Graeme@xxxxxxxxxxxxxxxxxxxx> wrote:

Hear Hear! The whole firewall issue is totally confusing to me,
especially
as I seem to have three[1] of them and no coherent instructions for
any of
them.

[1] One in 4.39, one in the Billion router and one in the Mac G4.

Admittedly I'm slightly safer than average as I don't have a Windows
machine on the network but I still haven't got a clue whether my
firewalls are doing anything remotely useful.

The one in the router will be doing all the important work.
(Discarding attacks from outside).

The one in the mac is unlikely to be of any benefit, because you are
unlikely to get any malware installed, (usually requires admin
password to be entered) and if it did, it would probably reconfigure
the firewall.

The same applies to RISC OS but for different reasons.

Basically, since you are behind a router, leaving the machines on out
of the box settings should be fine.


Thanks, that's good to know.

And sadly the advice is wrong.


So what should I do then?

Leave the *firewall* settings in the router as they are. They *should*
be set up to block all incoming connections to your computers, by
default. (but see later for other settings)

Set up a firewall on your Windows conmputers which can control which
APPLICATIONS access the internet. The idea is to stop malware which
has reached your computer from sending data back to its originator -
things like passwords, pin numbers, sites visited etc. ZoneAlarm is
usually recommended as it's free, and fairly intuitive - every
application is blocked until you say "allow" and "remember this
setting". You get quite a lot of requests for the first few days.

There should be similar things available for MACs.

The third thing is to check the router settings. Many routers are
configured to allow their settings to be changed from the Internet
side as well as the local network. You are looking to block FTP,
Telnet and WEB administration of the router, from the Internet.
(Unless of course you want to allow outsiders to alter your settings,
or, less likely, you want to be able to alter then remotely.)

ShieldsUP should show no active ports, especially 21,25 and 80.

Set a strong password on the router's administrator account. At least
a mixture of numbers and letters, and ideally a mixture of upper and
lower case. Remember the manual for your router, with its default
settings, can be downloaded by anyone. The default settings usually
make it easy to guess the make, and sometimes the model, if the router
includes wireless. (The SSID, or network name, is often set to the
maker's name.)



--
Alan Adams, from Northamptonshire
alan@xxxxxxxxxxxxxxxx
http://www.nckc.org.uk/
.

Relevant Pages

  • Re: ICS problem on a peer to peer network
    ... Thank you for providing the link but after i configured the settings ... connect to the internet anymore. ... Get a NAT router and dump ICS? ... No LAN configuration nightmare. ...
    (microsoft.public.win2000.networking)
  • Lost the Internet solved....comments?
    ... wireless internet access and at the same time it was finding an automatic IP ... I originally had a single wired router. ... needing to change any network settings or configure the new router. ...
    (microsoft.public.pocketpc)
  • Re: Networking over mains cables
    ... Graeme Wall wrote: ... one in the Billion router and one in the Mac G4. ... the firewall. ... of the box settings should be fine. ...
    (comp.sys.acorn.networking)
  • RE: (Hopefully!) simple question no1
    ... Make sure that any time you are configuring your network ... Changing these settings can cause problems ... go into Internet Explorer and under Tools->Internet ... the router without complaining to you. ...
    (microsoft.public.windowsxp.network_web)
  • Printer problem [I have router, it says cannot find printer]
    ... Any computer geniuses out there???? ... I reset the router. ... I CAN go onto the internet. ... I printed out the settings on ...
    (microsoft.public.windowsxp.network_web)
Loading