From: Digest To: "OS/2GenAu Digest" Date: Tue, 21 Jan 2003 00:02:03 EST-10EDT,10,-1,0,7200,3,-1,0,7200,3600 Subject: [os2genau_digest] No. 529 Reply-To: X-List-Unsubscribe: www.os2site.com/list/ ************************************************** Monday 20 January 2003 Number 529 ************************************************** Subjects for today 1 [os2genau] Internet security question : Gavin Miller" 2 [os2genau] Help needed with InJoy FireWall setup. : Chris Graham [WarpSpeed]" 3 Re: [os2genau] Internet security question : Ed Durrant 4 Re: [os2genau] Help needed with InJoy FireWall setup. : Ian Manners" 5 Re: [os2genau] Help needed with InJoy FireWall setup. : Chris Graham [WarpSpeed]" **= Email 1 ==========================** Date: Mon, 20 Jan 2003 08:51:12 -0500 (EST) From: "Gavin Miller" Subject: [os2genau] Internet security question Hi guys, I'm a tad confused about NETBIOS, NETBIOS over TCP/IP and file/printer shareing. I have a win 98 box LAN'd to the OS/2 box. I need netbios to comunicate with the win98 box right, and I have file shareing on the win98 box so I can transfer files from it. My OS/2 box has an internet conection (just dial up). The way I understand it, both boxes need netbios over tcp/ip in order for outsiders to gain access. Is that right, or is my system a security risk? Cheers G ---------------------------------------------------------------------------------- **= Email 2 ==========================** Date: Mon, 20 Jan 2003 15:24:58 +1100 (EDT) From: "Chris Graham [WarpSpeed]" Subject: [os2genau] Help needed with InJoy FireWall setup. Hi All, I'm having some troubles in getting the firewall with InJoy correctly configured to prevent all inbound accesses to one pc, but allow all outbound. As well as another pc blocking all inbound except WWW and TELNET and also allowing all outbound. In ready the docs, it says that the rules are executed in order, so I've put them first. Should I have put them last? This is what I've got and it stops everything. No outbound access at all, so I'm confused: KATE-INBOUND Rule-Status = Disabled, Comment = "Disable all inbound accessed to Kate's PC", Source = "any", Destination = "kate.warpspeed dot com dot au", Service-List = "0:65535", Rule-Action = Deny KATE-OUTBOUND Rule-Status = Disabled, Comment = "Enable all outbound accessed to Kate's PC", Source = "kate.warpspeed dot com dot au", Destination = "any", Rule-Action = Allow MAIN-INBOUND Rule-Status = Disabled, Comment = "Disable all inbound accessed to the MAIN PC except WWW", Source = "any", Destination = "main.warpspeed dot com dot au", Service-List = "0:65535 -WWW", Rule-Action = Deny MAIN-OUTBOUND Rule-Status = Disabled, Comment = "Enable all outbound accessed to the MAIN PC", Source = "main.warpspeed dot com dot au", Destination = "any", Rule-Action = Allow -Chris WarpSpeed Computers - The Graham Utilities for OS/2. Voice: +61-3-9307-0611 PO Box 212 FidoNet: 3:632/344 FAX: +61-3-9307-0633 Brunswick Internet: chrisg at warpspeed dot com dot au BBS: +61-3-9307-0644 VIC 3056 CompuServe: 100250,1645 300-28,800 N,8,1 ANSI Australia Web Page: http://www.warpspeed dot com dot au ---------------------------------------------------------------------------------- **= Email 3 ==========================** Date: Mon, 20 Jan 2003 18:00:34 +1100 From: Ed Durrant Subject: Re: [os2genau] Internet security question File and printer sharing use SMB. SMB can run either via NETBEUI (NETBios extended User Interface) or via TCPBEUI (Netbios over TCPIP). There are two forms of this latter option. One used by OS/2 Warp up to MPTS v6 and Windows 9x and NT, and another used by Win2k and XP and available in OS/2 in MPTS v6 and above. The difference is the former requires a WINS Infrastructure (either WINS servers or LMHOSTS files) to resolve machine names into IP addresses and the latter uses standard DNS. You should ALWAYS have a firewall between your internal LAN and the Internet. Cheers/2 Ed. Gavin Miller wrote: > Hi guys, > > I'm a tad confused about NETBIOS, NETBIOS over TCP/IP and file/printer shareing. > > I have a win 98 box LAN'd to the OS/2 box. I need netbios to comunicate with the win98 > box right, and I have file shareing on the win98 box so I can transfer files from it. My > OS/2 box has an internet conection (just dial up). The way I understand it, both boxes > need netbios over tcp/ip in order for outsiders to gain access. Is that right, or is my > system a security risk? > > Cheers > G > > ---------------------------------------------------------------------------------- **= Email 4 ==========================** Date: Mon, 20 Jan 2003 18:31:14 +1100 (EDT) From: "Ian Manners" Subject: Re: [os2genau] Help needed with InJoy FireWall setup. Hi Chris >KATE-INBOUND Rule-Status = Disabled, Change "Disabled" to "Always" Also check that ALL lines end with a comma. I'll send you demo files off list. Cheers Ian B Manners http://www.os2site dot com/ Is there a Lawyer in the House? -=}BLAM!{=- Any more!? ---------------------------------------------------------------------------------- **= Email 5 ==========================** Date: Mon, 20 Jan 2003 22:10:55 +1100 (EDT) From: "Chris Graham [WarpSpeed]" Subject: Re: [os2genau] Help needed with InJoy FireWall setup. On Mon, 20 Jan 2003 18:31:14 +1100 (EDT), Ian Manners wrote: >Hi Chris > >>KATE-INBOUND Rule-Status = Disabled, > >Change "Disabled" to "Always" >Also check that ALL lines end with a comma. Sorry. Stupid me. Please ignore that. I had to turn it off otherwise the PC's were blind to the world. -Chris WarpSpeed Computers - The Graham Utilities for OS/2. Voice: +61-3-9307-0611 PO Box 212 FidoNet: 3:632/344 FAX: +61-3-9307-0633 Brunswick Internet: chrisg at warpspeed dot com dot au BBS: +61-3-9307-0644 VIC 3056 CompuServe: 100250,1645 300-28,800 N,8,1 ANSI Australia Web Page: http://www.warpspeed dot com dot au ----------------------------------------------------------------------------------