Hi all,

I've finally gone broadband (Internode 1500 power10) and now I'm re-examining my firewall set-up.

At present I have the Mac OSX firewall turned on on both computers connected to the net (G5 iMac & G4 iMac). However, I now connect to broadband via a BiPAC 7402VGP: VoIP/802.11g ADSL Router with LINE port - which has a built-in firewall:

> SOHO Firewall Security with DoS and SPI
> Along with the built-in NAT natural firewall feature, the router also provides
> advanced hacker pattern-filtering protection. It can automatically detect and
> block Denial of Service (DoS) attacks. The router is built with Stateful
> Packet Inspection (SPI) to determine if a data packet is allowed through the
> firewall to the private LAN.

So I figure I should really turn this on for the best protection. Unfortunately, it isn't as intuitive as the Apple firewall when it comes to set-up (ie just picking which services you wish to switch on and letting Apple sort out the relevant ports).

From the manual, it offers:

> You can choose not to enable Firewall, to add all filter rules by yourself, or
> enable the Firewall using preset filter rules and modify the port filter rules
> as required. The Packet Filter is used to filter packets based-on Applications
> (Port) or IP addresses.
>
> There are four options when you enable the Firewall, they are:
>
> All blocked/User-defined: no pre-defined port or address filter rules by
> default, meaning that all inbound (Internet to LAN) and outbound (LAN to
> Internet) packets will be blocked. Users have to add their own filter rules
> for further access to the Internet.
>
> High/Medium/Low security level: the predefined port filter rules for High,
> Medium and Low security are displayed in Port Filters of Packet Filter.
> Select either High, Medium or Low security level to enable the Firewall. The
> only difference between these three security levels is the preset port filter
> rules in the Packet Filter. Firewall functionality is the same for all levels;
> it is only the list of preset port filters that changes between each setting.
> For more detailed on level of preset port filter information, refer to Table
> 1: Predefined Port Filter.
>
> If you choose of the preset security levels and then add custom filters, you
> may temporarily disable the firewall and recover your custom filter settings
> by re-selecting the same security level.
>
> The "Block WAN Request" is a stand-alone function and not relate to whether
> security enable or disable. Mostly it is for preventing any scan tools from
> WAN site by hacker.

I tried switching on the firewall and going with the pre-selected "medium" security level, but found that things like streaming internet radio didn't work. I dropped the security to "low" but it still didn't work. If I switched the firewall off, however, all was fine - so that had to be the culprit.

I tried looking at Table 1: Predefined Port Filter but I guess I don't know enough about what actual ports are needed to mess with changing the defaults. The only one which looked relevant to me was:

RealAudio/RealVideo - UDP(17) on port (7070)

But according to Table 1 both medium and low security levels allow both inbound & outbound traffic on this port.

So I guess what I'm looking for is:

i) Some advice as to what I should be setting up re firewall - router only, router & individual computer or individual computer only. (My instinctive feeling is I need the firewall on in the router as the first component any outside traffic hits but I shouldn't really need them on the individual computers as they should be safe behind the firewall - but is there any advantage to the "belt & braces" approach?)

ii) An idiot's guide to firewall set-up - open port#x inbound for streaming audio/video, open inbound & outbound ports#y for iChat, ports#z for VOIP etc.

iii) Is "Block WAN Request" something I should just turn on or might it mess up other things?

If anyone could offer any advice on the above (or links to really good advice) that would be really good :)

TIA

Neil

--
Neil R. Houghton
Albany, Western Australia
Tel: +61 8 9841 6063
Email: [EMAIL PROTECTED]

