On Monday, July 1, 2002, at 10:06 PM, Donald Keenan wrote: > At Starbucks the other day (no Airport at this one), a friend of a > friend was finishing up his homework assignment on computer security. > I asked him his opinion on whether a software firewall is preferable or > not to a router. His answer intrigued me and left me with more > unanswered questions than I had time to ask. Some day I might be able to > look at his set up and clarify my questions, but he's a PC user and I'm > not sure if his generalizations apply to macs. > > Getting to my point: > He said that the only decent router would be thousands of dollars in > cost. He suggested that most firewalls were only good to a very limited > degree and asserted that any good hacker can bypass them. > What intrigued me was this; > He said the best way to set up a secure home network was to use a > computer as server and then connect all other ubits to the server. OK, I > was intrigued but it got over my head quickly. It made sense on first > listening, before I forgot the details.
What he has described to you is.... a firewall!! A firewall is a computer or network device that physically separates one network from another; as such, "firewall" has more to do with software running on the device than the device itself. Many routers are firewalls. Network security is a function of the administrator far more than it is of the hardware and software involved. You can buy the most expensive router and firewall setup money has to buy and, if you don't administer it properly, it does no better than any other. A "server" is a network device (being a computer or otherwise) that provides services on the network and, as such, tends to be the LEAST secure device on the network. > Now i remember seeing a tangerine iBook on eBay billed as being a > bargain because it's screen was displaying a red hue which compromised > its use for many applications. The seller suggested using it for a > server. > Provided one has a spare Tangerine iBook around (when not used for > faxing), is this relatively easy to do? He implied that the > server computer protected any other unit from receiving unsolicited > pings or whatever...what I don't get is how one could still use the > internet on the non-server computers. > > Does anyone out there do this? Could I use a 366 or 300 iBook as a > server and connect my Pismo and iMac to it as a way of setting up an > impenetrable network. Mind you, I'm not dealing in state secrets... > Does one need special Apple server software to do this? An iBook wouldn't serve this purpose very well since it has only one ethernet port and no feasible to expand beyond this. There is NO such thing as an impenetrable network. Period. Paragraph. End of story. The weakest link in every network is the wetware - users and administrators. The firewalls built into most inexpensive cable routers is superior to most computer based routers unless you REALLY know what you're doing. Having infinitely more options, software based routers/firewalls (exactly what you're friend is talking about) are inherently less secure.... unless you know precisely what you're doing. -- G-Books is sponsored by <http://lowendmac.com/> and... Small Dog Electronics http://www.smalldog.com | Refurbished Drives | -- Check our web site for refurbished PowerBooks | & CDRWs on Sale! | Support Low End Mac <http://lowendmac.com/lists/support.html> G-Books list info: <http://lowendmac.com/lists/g-books.html> --> AOL users, remove "mailto:"; Send list messages to: <mailto:[EMAIL PROTECTED]> To unsubscribe, email: <mailto:[EMAIL PROTECTED]> For digest mode, email: <mailto:[EMAIL PROTECTED]> Subscription questions: <mailto:[EMAIL PROTECTED]> Archive: <http://www.mail-archive.com/g-books%40mail.maclaunch.com/> Using a Mac? Free email & more at Applelinks! http://www.applelinks.com
