> > What provision should one make for firewalls on the Mac (OS9.2.2)? The >> router will provide some of course. > >Derryck, > >I don't know what exactly you would need a firewall for if you are hosting >an FTP server on Mac OS 9. A firewall is made to keep unwanted traffic from >coming into your network. Unless you are running some type of internal >services such as a private web site, private ftp server, or some kind of >file sharing, there would be no reason to need a firewall. > >The benefit of a firewall is to prevent attacks on your computer by not >allowing any traffic in the first place. Afaik(somebody correct me if I'm >wrong), there is not really anything in Mac OS 9 that can be easily >exploited. Just make sure you don't have unneeded 'services' enabled.
Basically, the reason you'd want a firewall is to keep the noise that reaches your machine to a minimum. The script kiddies are out there, trying all the known exploits on just about every IP it seems. They'll port scan you to see what's open (if they're sophisticated enough to know to do that), then start trying stuff on the open ports on the slim chance that they might get through. If they're not sophisticated, they'll just wail away on whatever port they have a tool to exploit a windows server through. (I could show you some logs...) If you are just running FTP or HTTP, you open the appropriate ports and the firewall catches the rest. Your server doesn't have to spend as much CPU time saying "Go away, don't bother me." There's also a chance that someone will eventually find a chink in the Classic Mac OS armor, and if so that exploit will certainly be spread around the cracker community. No sense in leaving the barn door open. To semi-answer the original question: what provision for firewalls should one make? There are some good software firewalls out there - IPNet Router by Sustainable Softworks (http://www.sustworks.com) (no relation, by the way) is reliable, inexpensive ($49, I think) fairly easy to set up, and can run on just about any ancient mac. (Mine's on an old 68K Quadra). It works as both a NAT device and a firewall. There are also "personal firewall" software apps like Symantec's, but I don't know much about them. And, at the other end of the spectrum, there are hardware firewalls that can run into some real money. -- Bill Christensen http://greenbuilder.com/contact/ Green Building Professionals Directory: http://directory.greenbuilder.com Sustainable Building Calendar: http://www.greenbuilder.com/calendar/ Green Real Estate: http://www.greenbuilder.com/realestate/ Straw Bale Registry: http://sbregistry.greenbuilder.com/ Books/videos/software: http://bookstore.greenbuilder.com/ -- SuperMacs is sponsored by <http://lowendmac.com/> and... Small Dog Electronics http://www.smalldog.com | Refurbished Drives | Service & Replacement Parts [EMAIL PROTECTED] | & CDRWs on Sale! | Support Low End Mac <http://lowendmac.com/lists/support.html> SuperMacs list info: <http://lowendmac.com/supermacs/list.shtml> --> AOL users, remove "mailto:"; Send list messages to: <mailto:[EMAIL PROTECTED]> To unsubscribe, email: <mailto:[EMAIL PROTECTED]> For digest mode, email: <mailto:[EMAIL PROTECTED]> Subscription questions: <mailto:[EMAIL PROTECTED]> Archive: <http://www.mail-archive.com/supermacs%40mail.maclaunch.com/> --------------------------------------------------------------- >The Think Different Store http://www.ThinkDifferentStore.com ---------------------------------------------------------------
