This a little extension of the 'Worst Internet Provider' poll. I'm just getting started with DSL (SWB the only provider here, I believe) and wanted to know a little more about the software firewalls and hackin'. How bad is the problem? How well do the firewalls work? How do they effect the peer2peer software programs? And I want to make sure I'm getting the most out of my connection. Are there any settings/tweaks I should make sure are in place for the best performance? Guess I should have titled this DSL for Dummies... Rok ------------------ Proud Member of whatever Clutch City club is currently the most popular and/or controversial.
Go to www.dslreports.com you will find all the answers you need there. But to keep you occupied : The problem can be bad if you have no firewall and have a static IP address. The problem can be somewhat less of a problem if you have no firewall and have dynamic IP address. The problem can be damn-near non-existant if you use a firewall. For software-based firewalls, get ZoneAlarm. It's regarded as probably the best by several independent ratings and best of all it's free. You can get it at www.zonelabs.com. The firewalls work well if configured properly. They don't affect P2P programs at all, if any, if configured properly. This depends on what firewall you use and how you have it configured. Tweaks and more info on what you're looking can be found at the following sites : http://www.dslreports.com/ http://home1.gte.net/awiner/ http://cable-dsl.home.att.net/ http://www.speedcorp.net/ http://www.speedguide.net/ ------------------ "I had mine chewed off by a boss one time." -- Behad leaves us wondering if he gets hazard pay... [This message has been edited by Dr of Dunk (edited June 23, 2001).]
1. Most dsl and cable modems have 64 as their first byte (ie ip address = 64.xxx.xxx.xxx). 2. Most cable and dsl users are not savy network administrators, familiar with the fine details of hacking. In fact most never think of it at all. 3. Unlike modems, most dsl & cable connections are always on. This means that hackers have an easily locatable group of novices who they are fairly assured access to. There is a program called "Black Ice Defender" which is a 'personal firewall' that logs the ip connections that are questionable. Most people who use it for the first time freak, as they are getting scanned many times a day. BUT very focused attacks at specific systems are less common, as the 'payoff for these systems is very low. ------------------
Run Linux That can solve your security probs, especially if you keep it updated ------------------ CC.net's most courteous driver Oh yeah, and I'm looking for a job right now, so hire me please
Price is no object for me, since the odds of me buying and reading a book on computers is about the same as GW reading Atlas Shrugged AND writing a screen play about it. Hey, as GW would say..."reading is for college gralaguates." ------------------ The world is divided into two groups of people: Those who try to divide everyone into two groups, and those who don't.
The router provides for something called NAT (network address translation). It is one of the most basic forms of firewall protection. As an example your router will have one IP address. Your networked computers behind the router will have their own IP's (like something non-routable - 192.168.*.*). To everybody on the other side of your router, they only see one IP address - the one for your router and the network behind that router has non-routable IP's. The router handles which data goes where, so it knows which of your pc's sent what and which is expecting what back. The NAT in your router does a great job hiding you from casual hackers, but ZoneAlarm adds to the benefits by stealthing your ports. It also adds the benefit of being able to catch a rogue application trying to communicate back out from your network to the Internet. In all honesty the NAT may be enough by itself, but why risk it? Keep running ZoneAlarm! ------------------ "I had mine chewed off by a boss one time." -- Behad leaves us wondering if he gets hazard pay...
1. The Linksys' ports are all stealthed. 2. The real binifit of NAT comes when you use one of the so called 'private address ranges' on the LAN side. Anytime any upstream router sees one of these addresses, it rejects it, making it impossible(I think) to spoof. (These ranges are 10.x.x.x, 172.16.x.x - 172.31.x.x, and 192.168.x.x). 3. As a general rule, hardware appliances seem to work better & are more efficient than software. 4. I know everyone loves Zone Alarm, but I don't. I find the interface bulky and intrusive, the controls obtuse, and much of its functionality to be redundant. 5. There is a nice little set of internet testing utilities avaliable from GRC called shields up which allows you to test the status of your ports. ------------------
My DSL question is: How does my Linksys Router act as a firewall? My router has a feature called Block WAN Request that is suppose to prevent my network from being pinged or detected. It's also suppose to hide my network ports. I guess that's it, huh? So do I have to run ZoneAlarm with my Router if the Router is supposed to provide protection? rH ------------------ visit: groovehouse.org
linux ewwwwww... oh and that reminds me, theres a store called the "75% off book store" right next to Houstons resteraunt. And they have all kinds of books for programmers or just computer savy people. Including a linux manual bigger than 20 bibles packed on top of eachother. And all of them are priced under 5 dollars. ------------------ "The early bird may get the worm, but so does the bird that finished off the tequila bottle the night before"
