From: Digest To: "OS/2GenAu Digest" Date: Mon, 5 Sep 2005 00:02:58 EST-10EDT,10,-1,0,7200,3,-1,0,7200,3600 Subject: [os2genau_digest] No. 1181 Reply-To: X-List-Unsubscribe: www.os2site.com/list/ ************************************************** Sunday 04 September 2005 Number 1181 ************************************************** Subjects for today 1 Re: ADSL Router : Mike O'Connor" 2 Re: ADSL Router : Peter Rehfisch" 3 Re: ADSL Router : Mike O'Connor" 4 Re: ADSL Router : Peter Rehfisch" 5 Re: ADSL Router : Mike O'Connor" 6 Re: ADSL Router : Peter Rehfisch" 7 Re: ADSL Router : Ian Manners" 8 Re: ADSL Router : Ian Manners" 9 Re: ADSL Router : Ian Manners" 10 Re: ADSL Router : Ian Manners" **= Email 1 ==========================** Date: Sun, 04 Sep 2005 01:07:09 +1000 From: "Mike O'Connor" Subject: Re: ADSL Router Peter Rehfisch wrote: >Do you use a firewall on the computers attached to the router? Wouldn't this make P2P more >difficult? > > Hi Peter, I have my Internode 1.5M/256K ADSL [PPPoA selected - could use PPPoE instead, but PPPoA recommended as better] set up so that the ADSL line goes directly to a Linksys AG041 Gateway [4-port 10/100mbps Router/SPI Firewall etc.], with just one of the ports wired directly to a XNet 8-port 10/100 switch. the other 4-5-6 systems all are connected directly to the switch only and I'm only running TCP/IP and regular Netbuei [IBM Netbios], so every system has direct internet access independent of any other system - E-Mail on one, News on another, Browsers on a couple etc, with nothing exposed externally. I haven't used IBM's "P2P" {Network Person[s] to Person[s] application - Whiteboarding/Video etc., between OS/2 systems} since about 1994 when it came out with Warp 3 Connect as part of the first BonusPak, so I assume you're referring to the misnomer for "Peer" networking! It's great - after having only had dial-up access on a poor quality PSTN line for years prior to getting ISDN 64Kb access for the past couple of years immediately before longer-run [> 3.5KM] ADSL was implemented by Teletra. Internode are extending their 12Mbps ADSL2, now upped to 24Mbpfs ADSL2+ throughout Metro areas outside of Adelaide and parts of Melbourne, at prices that are very good -- 12M/1M is the same price where available as regular 1.5M/256K/5GB-month at full speed etc for $59.95 - I love it :-) -- Regards, Mike Failed the exam for -------------------- MCSE - Minesweeper Consultant and Solitaire Expert -------------------- [Please ZIP any attachments, other than GIF/JPG or plain-text] ---------------------------------------------------------------------------------- **= Email 2 ==========================** Date: Sun, 04 Sep 2005 10:16:25 +1100 From: "Peter Rehfisch" Subject: Re: ADSL Router So how do I know if the router is set up securely enough not to need a software firewall on the computers. I tried ShieldsUp at www.grc dot com and it passed. Is this enough? ---------------------------------------------------------------------------------- **= Email 3 ==========================** Date: Sun, 04 Sep 2005 11:20:17 +1000 From: "Mike O'Connor" Subject: Re: ADSL Router Peter Rehfisch wrote: >So how do I know if the router is set up securely enough not to need a software firewall on >the computers. I tried ShieldsUp at www.grc dot com and it passed. Is this enough? > > Hi Peter, Did you get a perfect "Stealth" on the 1056[?] ports that GRC tests -- no responses to any of the ports probed? That's what I get here - omitted to mention that NAT is also enabled of course in the AG041 that I have. I have no software firewall at all here and have had no problems with at least a couple of my systems on ~24 x 7 [~150 days plus since ADSL connected]. -- Regards, Mike Failed the exam for -------------------- MCSE - Minesweeper Consultant and Solitaire Expert -------------------- [Please ZIP any attachments, other than GIF/JPG or plain-text] ---------------------------------------------------------------------------------- **= Email 4 ==========================** Date: Sun, 04 Sep 2005 12:45:57 +1100 From: "Peter Rehfisch" Subject: Re: ADSL Router Mike O'Connor wrote- >Did you get a perfect "Stealth" on the 1056[?] ports that GRC tests -- Yes- is that enough to mean I don't need the Injoy Firewall? ---------------------------------------------------------------------------------- **= Email 5 ==========================** Date: Sun, 04 Sep 2005 13:47:49 +1000 From: "Mike O'Connor" Subject: Re: ADSL Router Peter Rehfisch wrote: >Mike O'Connor wrote- > >>Did you get a perfect "Stealth" on the 1056[?] ports that GRC tests -- >> >> >Yes- is that enough to mean I don't need the Injoy Firewall? > > Hi Peter, That has been my personal experience, but as they say YMMV - but I feel quite safe with the SPI-level hardware Firewall and NAT, although as yet on my 1999 VAIO Notebook, {finally with OS/2 on it in addition to original [Sony OEM Version with AFAICS all of the Sony-specific SE features (Firewire etc.) before they were released]W98, following a HDD upgrade from 6.4 to 30GB}, on which Internet Exploder/!Look-OUT! have _never_ been used, {I used NS 4.73 and 6.0 under OS/2 InJoy (Dialler only - not the FW)} running on another LAN system with NAT enabled -- on either Warp/MCP or eCS 1.x, I haven't been in any hurry to do so as I've had more pressing hardware stuff to sort out on our favourite OS - dying HDUs etc. All the best! -- Regards, Mike Failed the exam for -------------------- MCSE - Minesweeper Consultant and Solitaire Expert -------------------- [Please ZIP any attachments, other than GIF/JPG or plain-text] ---------------------------------------------------------------------------------- **= Email 6 ==========================** Date: Sun, 04 Sep 2005 21:50:54 +1100 From: "Peter Rehfisch" Subject: Re: ADSL Router So.... I can access Internet through each computer now connected to the router, and they can ping each other, but not see each other on the network. I have TCPIP and netbios on each NIC. Do I need TCPIP settings for routing? Host names? Any suggestions? ---------------------------------------------------------------------------------- **= Email 7 ==========================** Date: Sun, 04 Sep 2005 23:05:00 +1000 (EST) From: "Ian Manners" Subject: Re: ADSL Router Hi Peter > I have a Netcomm 1300 4 port router for my ADSL connection. This allows 2 computers to each > access the Internet. > Can I use the router to connect the 2 computers Peer-to-Peer? Yes, you can use the NB1300 4 port to connect 2-4 computers using Peer Networking, it is simply a hub that has been included with the standard Netcomm ADSL Modem/Router all as one package. It will happily work with TCP/IP as well as other protocols such as NETBEUI, either as a straight protocol, or over TCP. You would simply setup your peer network as per normal, ensuring that each computer has a different Peer Computername but all on the same Peer Domain (called workgroup under windows). Be mindful that you do need to install IBM's Peer Lan software, this is not normally installed by default. I'd have to dig around to find out were it lives on the OS/2 CD, some earlier (no idea if it still is or not) OS/2 Lan software installs use to put the peer install files in x:\ibmlan\install You can find information in NETBEUI over TCP/IP, or just straight NETBEUI in the mailing list archives at http://www.os2site.com/list/digest/ also try the http://www.os2voice dot org/ newsletter archives. Cheers Ian Manners http://www.os2site dot com/ A 100% right of return both ways. ---------------------------------------------------------------------------------- **= Email 8 ==========================** Date: Sun, 04 Sep 2005 23:13:53 +1000 (EST) From: "Ian Manners" Subject: Re: ADSL Router Hi Peter > So how do I know if the router is set up securely enough not to need a software firewall on > the computers. I tried ShieldsUp at www.grc dot com and it passed. Is this enough? If your not using external 'Peer to Peer' internet software or other programs that need access to non standard ports when replying to an internally generated TCP request, then just having NAT (Network Address Translation) should be all that you need. In fact Netcomm do have a basic firewall ontop of the NAT in the NB1300 which will also allow you to open one or more ports anyway. Injoy firewall's main use is for people that want to log data flow, as well as have select ports open to allow external uses access to your internal resources. It also depends on your level of parania :-) On the other hand, if one of your computers is Windows, I would use a firewall to ensure that all windows generated packets apart from what are really required to exit your network, are stopped at your network border. If GRC reports that you are in Stealth mode, with no open ports then all is generally well. This could quite easily turn in to a rather lengthy topic to. Cheers Ian Manners http://www.os2site dot com/ PACT ShutDown, Get outta Windows the way you want: reformat the hard disk and install OS2!! ---------------------------------------------------------------------------------- **= Email 9 ==========================** Date: Sun, 04 Sep 2005 23:21:36 +1000 (EST) From: "Ian Manners" Subject: Re: ADSL Router Re what Kris Steenhaut wrote: > If you are using adsl with a dynamic IP address, a firewall isn't much > of a use anyway. Correct, all you need is NAT unless you are hosting a website or other server that is. > So, no, I don't use the inbuild router's firewall, coz it would be > senseless. Only if you need port(s) open to the outside world. It can come in handy though to log data if you are curious put thats something for you. If your running pure OS/2 with no server software running, then your very much safe anyway, even without NAT but NAT gives you a nice fuzzy feeling of security, and it doesnt hurt to be sure. Cheers Ian Manners http://www.os2site dot com/ Bus error: passengers dumped ---------------------------------------------------------------------------------- **= Email 10 ==========================** Date: Sun, 04 Sep 2005 23:22:09 +1000 (EST) From: "Ian Manners" Subject: Re: ADSL Router Hi Peter > Do you use a firewall on the computers attached to the router? Wouldn't this make P2P more > difficult? Working on what Mike said, if your talking about any data moving on your internal network, the NB1300 NAT. and/or firewall have no say in relation to that data, both NAT and the Firewall only act on data coming in, and going out, on your routers "external" interface, ie, the telephone line side of the netwrok in this case. If you are using IBM's LAN Peer networking inside your network, that will work fine, if you are in fact talking about Internet Peer to Peer software, than you may need to open ports on your firewall, this also depends on the PP software used. This is a generalisation, there are always exceptions. Cheers Ian Manners http://www.os2site dot com/ "My mom said she learned how to swim. Someone took her out in the lake and threw her off the boat. That's how she learned how to swim. I said, 'Mom, they weren't trying to teach you how to swim.' " --Paula Poundstone ----------------------------------------------------------------------------------