Subj : Re: For Trouble re Home Network Security To : alt.tv.farscape From : Nick Date : Wed Sep 07 2005 19:39:21 From Newsgroup: alt.tv.farscape TNW7Z7Z7Z12345 wrote: > Cut/altered a little from my original post -- > > My router is the Airport Extreme Base Station. I have the wireless > network closed, encrypted (only WEP though, not WPA) plus have the OSX > software firewall on in my laptop. So I assume my laptop is relatively > safe. > > However, I also have an older Mac desktop (OS9 so no software firewall) > connected to the router via ethernet cable. That's the one I wonder > about. > > The router configuration options mostly seem to be for the wireless > network. The only settings that I guess cover both the wireless > network and the ethernet connection to the desktop are "WAN privacy" > settings. (although I'm not sure about that). Out of paranoia, I shut > off SNMP access, remote configuration, and default host, although I > haven't a clue what they are. The only thing I'm allowing is remote > printer access, as there seems to be a glitch with wireless printing > when that is off. > > If I go to the Symantec website and do one of those free security > probes, they tell me (and I have no idea what any of this means) that > ICMP ping is open, all other ports are closed, but that the only port > that is actually stealth or hidden is HTTP Port 80. > > I assume the scan is reading the router, not my computer, so that's the > router firewall that is all closed up. But I had hoped that my WAN > settings would make the router "stealth" or hidden, which obviously > they don't. > > Would you consider my setup safe? I don't worry too much as nothing > out there targets Macs, but I wonder about it when I turn on > filesharing. > > What I would give for an old fashioned manual that attempted to explain > this to a lay person... You should be fine. The wired connection is actually more secure than the wireless one. You most likely don't need a software firewall inside your network either. I am not sure what you mean by making the router hidden. The symantec site is checking the ip address that you came in on so it is going to hit your router. If it couldn't get to your router then you couldn't get any data through it. As for the wireless settings, you should be fine with a wep key. Anyone trying to get in would have to be within 150 feet of your airport and then they would also need to know the wep key to gain access. If you want additional security you can also turn off the broadcasting of your network id. I have 4 computers on the network at home, none of them are running a software firewall and I haven't had anything get in in 5+ years. .