Network question

[Peter Korsten]

Paul Maddox (Mail LIsts) schreef:

> Peter,
> 
>> But wait a moment, I've got all machines connected to the *router*. With
>> the switch, you could run into trouble with allocating network ports. A
>> switch just switches, whereas a router has that little bit extra that
>> makes it work hassle-free.
> 
> Errrr, no.

Errrr, yes. :) I'm talking about things like NAT and port mapping, so 
that two machine can both have the same port open. Otherwise, your modem 
would need to be able to handle more than one session at the same time. 
Now some of them support this (like my WiMax modem), but I wouldn't bet 
that all of them do.

> Rule 1) Do NOT rely on windows firewall, it's pants. Windows is accredited
> to EAL4+, but what they don't tell you is that their test scenario is when
> the machine isn't connected to a network!

Good to know.

> Rule 2) Put the firewall between you and the rest of the world, again 99% of
> ADSL modems have a firewall in them. If it doesn't get one, ASAP.

Or use the one in your wi-fi broadband router, which would typically 
have a WAN port as well, and not require so many features (like a DHCP 
server or a firewall) in your modem.

> Rule 3) Bolt down your Wifi as far as possible, use WEP (3DES if you have
> it) and Mac address locking.

Um, I'd suggest WPA. Only use WEP if there is no alternative.

- Peter