Subj : Re: For Trouble re Home Network Security To : alt.tv.farscape From : Trouble Date : Thu Sep 08 2005 15:30:26 From Newsgroup: alt.tv.farscape TNW7Z7Z7Z12345 wrote: > Trouble wrote: >> >> TNW7Z7Z7Z12345 wrote: >> > The router configuration options mostly seem to be for the wireless >> > network. The only settings that I guess cover both the wireless >> > network and the ethernet connection to the desktop are "WAN >> > privacy" settings. >> WAN Privacy? Hmmm, do you know what version of the setup you have? > The link you gave me below (instructions) is excellent! Thank you for > that. If you go to that page > , scroll > down, and then click on: "Airport Tab (start here)", on the page that > takes you to, look at the 4th bullet. That explains the "WAN > Privacy." > Now I'm very bummed; it says: "...enabling any of them allows people > connected to the upstream network to connect to your AEBS and > potentially change its settings. For example, this could be anyone > attached to the cable or DSL network." > That means I should turn off "remote printer access," but when I do > that, wireless printing gets very funky (I have to go through a > several minute process of deleting and re-selecting the printer). I > will probably upgrade the OS in the next few months (and then upgrade > my airport software); maybe that will allow wireless printing with > that option "off." IF you've left the remote printer on all this time and no one has done anything with it, leave it... the others are far more intrusive and the bulk of what you should be worried about people doing. If OS X fixes the issue shut it down then. > By "Filesharing" I mean creating a little network between my laptop > and desktop to pass files back and forth. To do this I have to > specifically turn on "Sharing" on at least one machine. Use a strong password as the one site you mention says and this is as safe as you can make it, and keep it on. > There seems > to be two ways to share - via AppleTalk (older and probably safer > protocol) which I can't always get to work. And the other involves > sharing over the internet or via TCP/IP or something (I can't see the > exact name right now, as they are on my OS9 Desktop, and I'm on the > OSX laptop). Via TCP/IP which is what we're talking about, networks completely off the internet can use the TCP/IP protocol. > Anyway, now I am guessing that sharing must open one of the ports in > the router. (I just found this web page from 2002, which has info. for > exactly my set up: > http://wcts.whitman.edu/whit.bits/october2002/MacFileSharing.html). A > long time ago I had a fantasy of keeping sharing on all the time so I > could zap files back and forth. But now, out of fear, I turn it on > only for a few minutes at a time. And that website seems to confirm > that caution. Leaving file sharing on all the time makes your machine vulnerable in the event that if there are any security problems found with the ABS that allow outsiders to bypass router security, your system is open. Because the Internet connection is always on, there are bad guys out there always checking the locks of people's computers. This is the equivalent of locking the door, but leaving the house alarm off, if someone breaks in the door, they get in, the filesharing mode is just one more lock/alarm they have to bypass. This person is being cautious, and with broadband you should be. You are not 'unsafe' if you leave filesharing on, your data is safer if you leave it off. > But I'm still confused. Would sharing between my two computers not > work if my cable connection went dead? No, it would work fine so long as the router was on, its the glue between the two systems. > Or does via "internet" or "TCP/IP" simply mean using the router? > And how is it that businesses have internet access and internally share > files all the time without making themselves vulnerable? > Do they use different routers - one for internet access and one for > file sharing? Nope, they share internally, and block outside access with the router. -- "Do not seek to follow in the footsteps of the wise. Seek what they sought." --Basho .