DNS is 53
Disable tcp/ip sharing
Still easier to setup ipchains and use a linux machine to masq as a
gateway
-------------------------------------------------
On Wed, 25 Aug 1999, Sweeney, Patrick wrote:
> IMHO the best option is to buy a powerful desktop, install NT or Linux and a
> real Firewall.
>
> The option I would suggest is cheaper and easier but should not be
> considered secure.
>
> UMAX makes a product called UGate+ which is a combination Cable/Modem or DSL
> Router and DHCP server.
>
> Buy this and plug it into your hub. If you are networked using coax I think
> you will need to buy a small hub with a coax uplink. Connect the hub to the
> inside port of the UGate+ and the Cable/Modem to the outside port.
>
> Set your machines up to use DHCP (In windows this means install TCP/IP and
> then do nothing to modify it.)
>
> The UGate+ will assign IP Addresses to your machines that are compliant with
> RFC 1918. (You may want to manually assign an IP address to the server.
> Server's are normally fixed - but in your environment it might not matter.)
> It will perform network address translation for your machines so when they
> connect to the internet outside servers can respond to you.
>
> This leaves your machines wide open to the internet. UMax claims the UGate+
> is also a firewall. The behavior they describe is actually port blocking
> which I think falls far short of being a firewall. It doesn't mean you
> shouldn't use it.
>
> You will need to open ports 110 and 25 to send and receive email.
>
> You will need to open port 80 to browse the web and may want to open the
> alternate http port 8080.
>
> You will need port 443 to view secure web sites and may want to open port
> 543 which is the alternate https port.
>
> Port 21 for FTP.
> Port 23 for telnet.
>
> I'm not sure what you need to do for DNS but you need to find out.
>
> I'm not sure what the UGate+ will do with ICMP (like Ping) so people may be
> able to see into your network and find machines. Blocking ports lowers the
> probability they will be able to grab files - but it doesn't eliminate it.
>
> If you want to add other services (Real G2 for example) I would suggest you
> take a look at http://www.axent.com. They offer numerous pages of
> information on proxying particular services with their firewall. If you
> look at the info for a service you want and open the destination port they
> specify on your UGate I think you will be in business.
>
> (One note, the UGate throttles your connection speed down to about 1.8MbPS.
> This shouldn't be noticeable in the environment you describe so don't worry
> about it.
>
> -----Original Message-----
> From: Daren John [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, August 25, 1999 11:32 AM
> To: [EMAIL PROTECTED]
> Subject: Cable Internet Setup...what is the best way?
>
>
>
> If anyone can help:
>
> I have internet access via the local cable operator.
> I have an NT server, and 3 clients (two desktops and a laptop)
>
> What have you found to be the best set up for this type of environment?
>
> Regards,
>
> DJM
>
>
> _______________________________________________________________
> Get Free Email and Do More On The Web. Visit http://www.msn.com
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
