Am Do, den 02.09.2004 schrieb cviniciusm um 20:58: > I have a nic card and a ADSL modem. The ADSL modem thas NAT, Firewall, > IP Filter and DHCP Server. The nic card has a private IP address and > the modem has a public IP address. All just works fine. The firewall > has attack protection and DOS protection both active. Need I more > protection, on Windows 2000 and on Fedora Core 2? I suppose you don't have an ADSL modem but an ADSL modem router. I think, you are basically fine with that kind of equipment and you should not have to worry about security too much. In the detail it depends much on the ADSL modem routers manufacturer, but generally it is the best way to protect yourself. If you have a ADSL connection, you usually not own a static IP address but use a dynamic address. DoS is usually not really a problem in this situation. You may check from another computer on the internet if / which ports are open on your firewall (ports on the machines of your private network doesn't matter). You may use one of the web services which check your equipment for open ports, etc. (e.g. using nmap). But all ADSL modem router manufacturer I know have a secure pre-configuration regarding these issues. With some products there are other issues. If your connection is time based, you will shut it down if no traffic occures. One well known issue is that some routers will not shut down if they receive traffic (e.g. pings) from the public side, which costs your money, but is not a security issue. Others don't even perform a time out. The firewall / NAT functionality does not protect you from attacks using well known bugs in Internet Explorer or trojaners sent you by mail. You have to take care about these issues as usual. But it should protect you from getting infected by worms like sasser (which use specific open ports in windows), but if you are infected by a worm like sasser in some other way, your firewall may not prevent sasser from doing its job (sending mail using it own smtp daemon). (That is because these appliances are usually configured to allow all traffic initiated from the inside and to disallow all traffic initiated from the public side). Peter
