SCOUG-HELP Mailing List Archives

<< Previous Message << >> Next Message >>

Date:	Sun, 23 Feb 2003 15:57:29 PST8
From:	"Dave Watson" <david.watson@earthlink.net >
Reply-To:	scoug-help@scoug.com
To:	Harry Chris Motin <hmotin@attglobal.net > , scoug-help@scoug.com
Subject:	SCOUG-Help: Firewall Experience, Anyone??

Content Type: text/plain

=====================================================
If you are responding to someone asking for help who
may not be a member of this list, be sure to use the
REPLY TO ALL feature of your email program.
=====================================================

On 23 Feb 2003 at 14:05, Harry Chris Motin wrote:
> 1.Can the Injoy firewall be set up on an individual OS/2 computer that
> is not a gateway to the Internet, but is instead connected via:
> computer-to-router-to-DSL modem-to-Intenet?
> 2.Are there any other software firewalls besides Injoy?

Yes and yes. We demo'd a couple of firewalls at a SCOUG meeting a
couple of years ago. Didn't get much interest. Since OS2 systems are
rarely attacked, the risk doesn't warrant much protection. Most internet
attacks are automated exploits against well known Windows holes
which most Windows users don't patch. I don't think I've heard of
anyone being damaged by an internet attack against an OS2 system.
Anybody heard of such attacks?

TCPIP 4.1 has built-in basic firewall functions. VOICE has an article
on this at
http://www.os2voice.org/VNL/past_issues/VNL0203H/vnewsf2.htm

What this and other software firewalls usually do is called packet
filtering, which means you can establish rules for allowing or blocking
traffic through individual ports. This doesn't always work since you
sometimes need traffic through certain ports in order to achieve
desired utility from your internet connection, and attackers often know
how to take advantage of vulnerabilities in applications that use
normally open ports.

If you have files or systems worth protecting, you should probably
consider getting a "real" firewall. They can be had for a few hundred
up to 10's of thousands of dollars. Many of these use proxies which
evaluate the traffic and make decisions based on more complex
criteria than just open or block a particular port. They go between your
router and modem and look at all the traffic coming into your network,
making decisions based on the nature of the content. Makes it tougher
to poke through.

Packet filtering is a good way to start. Gives you logs that might give
indications of attacks that have occurred against your systems. Also
gives you some detailed insights into networking.

=====================================================

To unsubscribe from this list, send an email message
to "steward@scoug.com". In the body of the message,
put the command "unsubscribe scoug-help".

For problems, contact the list owner at
"rollin@scoug.com".

=====================================================

Return to [ 23 | February | 2003 ]

SCOUG, Warp Expo West, and Warpfest are trademarks of the Southern California OS/2 User Group. OS/2, Workplace Shell, and IBM are registered trademarks of International Business Machines Corporation. All other trademarks remain the property of their respective owners.