Wednesday, March 26, 2008

Firewall Problems

If you have installed a router/switch device between your network and a broadband Internet connection, be sure to read the manual thoroughly and understand how the device should be configured. Many come with default settings, but you need to fill in some information, such as the address of the broadband lint, if your service provider gives you a static address. In most cases, the provider will be
using DHCP also, so you won't have to make any changes. If you do have to make changes, write them down and keep the information handy for later troubleshooting efforts.

It's not a good idea to mix computers you use for play with those you use for business on the same network. If you do, you are just asking for trouble. If you play Internet games—those that allow you to interact with other users playing the same game on the Internet—you might be instructed to change the port settings on a small switch/router that also functions as a firewall. If you start playing around with opening, disabling, or forwarding ports, keep track of the changes you make. If something stops working after you've made a change, undo the modification and see whether the changes you've made have caused the problem.

Internet 2010

Some users prefer to use the demilitarized zone (DMZ) option as an alternative to fiddling around with router settings to make online gaming possible.

Remember that the firewall capabilities of a small switch/router are minimal and are designed to protect you from simple attacks from the Internet. It might be that the default settings are very stringent and if you end up making changes that relax the firewall settings, you might also be opening a door that can allow bad things into your small LAN.

Keeping Your Network Healthy

Another good reason to keep your entertainment computers separate from your business LAN is that you don't want to be surfing the Web, find a neat program, and download a virus or some other bad program that will start to eat up things in your network. This is yet another reason other people shouldn't be using your business computer to access the Internet. Additionally, if you have children who want to use the Internet, you might want to buy them their own computer and provide a separate Internet connection. The shorthand is like this: Play games on your play computers; do business on your business computers. If at all possible, it's not a bad idea to adopt this policy. With computer prices falling and the fact that many people keep older computers after upgrades, this may be more feasible than ever.

And, of course, because business is business, back up your files on a regular basis. Above all, it's worth the cost to buy a good antivirus software package and keep it updated. The cost is a tax deduction and it will save you a lot of grief if something bad does get loose in your network.

For the safety of your network, a good antivirus program should be used to scan all disks on all computers on your LAN on a very frequent basis—such as nightly when you are asleep. A good antivirus program should also download updates (new virus definitions) frequently. Daily updates are recommended. If you hear of a new virus outbreak, you should immediately check for updates manually.

Keep in mind that if you don't keep your virus definitions up-to-date, then when one gets loose in even a large network, much less a small one, it can wreak havoc as it quickly spreads.

Lastly, a good antivirus program should detect malicious attachments when you are sending and receiving email, and should check removable media (such as a floppy disk) and block you from copying files if the removable media contains a virus or some other threatening program.

Unless your antivirus program was part of a security suite, you might not have anti-spyware software. Make sure you obtain and use two or more anti-spyware programs. Unlike antivirus programs, which can conflict with each other, it's okay to install more than one anti-spyware program.

No comments:

Internet Blogosphere