Author: pavel
Date: 16:10:06 05/16/02
Go up one level in this thread
On May 16, 2002 at 16:02:04, Roy Eassa wrote: >On May 16, 2002 at 15:38:01, Roy Eassa wrote: > >>On May 16, 2002 at 15:24:43, Roy Eassa wrote: >> >>>On May 16, 2002 at 15:10:57, Jon Dart wrote: >>> >>>>On May 16, 2002 at 14:39:00, Roy Eassa wrote: >>>> >>>> >>>>> >>>>>Jon, may I ask a question about this topic? >>>>> >>>>>I have a Linksys cable router (BEFSR41) that connects my computers to the cable >>>>>modem. I've heard that it's an "OK" firewall as is, but would be a very good >>>>>firewall if you configure it a certain way. What would I need to do? >>>> >>>>This is getting pretty far OT .. routers can generally be configured to block >>>>access to particular ports. Some routers can do more sophisticated firewall >>>>functions, such as "stateful inspection": this allows you, for example, to let >>>>in only Internet traffic that comes in response to a request you have initiated. >>>>How you do this is vendor-dependent. My DSL router has a web-based admin GUI >>>>that you can use to configure it. But if your ISP installed the router, they may >>>>not want you reconfiguring it .. it is more possible support headaches for them >>>>if you have problems. >>>> >>>>--Jon >>> >>> >>> >>>The Linksys router is my own, not the cable company's. They don't even like >>>that I have it. It is, like yours, configurable via WWW. I don't recall seeing >>>"stateful inspection" but I know you can block ports (etc.). I just don't know >>>which ones to block. >>> >>>When I bought the thing (March of 2000) I thought I was forever safe because it >>>separates the cable company from my computers (which are essentially on a >>>separate LAN). Now I'm not so sure, but I guess I'm too thick-headed in this >>>area to understand the nature of my vulnerability given the separate LAN. >>> >>>Any help is appreciated -- including more general explanation and/or links to >>>web pages that explain. Thanks! >> >> >> >>Some choices in the router's Filter menu: >> >>SPI: Enable/Disable >>Block WAN Request: Enable/Disable >>Multicast Pass Through: Enable/Disable >>IPSec Pass Through: Enable/Disable >>PPTP Pass Through: Enable/Disable >>Remote Management: Enable/Disable >>Remote Upgrade: Enable/Disable >>MTU: Enable Disable Size: > > >Turns out SPI _does_ mean "Stateful Packet Inspection", about which the Linksys >web site confusingly says: > >"This feature checks the state of a packet to verify that the destination IP >address matches the source IP of the original request. To use the firewall >click the Enable button; otherwise select Disable to use the NAT firewall." > > >To use one type of firewall, enable; to use another type, disable??? SPI should be turned on to help stop "ip Spoofing". Since I understnad from your post that you are sitting on a LAN, this can be an important factor, to enable it. pavs
This page took 0 seconds to execute
Last modified: Thu, 15 Apr 21 08:11:13 -0700
Current Computer Chess Club Forums at Talkchess. This site by Sean Mintz.