 |
 |
AE base station secure enough? Worth going through a router first?
|
|
|
|
|
Forum Regular
Join Date: Aug 1999
Location: Los Angeles, CA
Status:
Offline
|
|
I just got an AE basestation and card. I was using a Linksys cable/dsl router. I'd like to be able to retire the router since I've just got one computer.
What I'd like to know is if the AE base station is secure enough to connect right to the cable modem. I understand that the base station uses NAT to mask its services, but is that enough?
The Linksys router has a firewall built-in, so is it worth having the base station go through that first? It IS an extra layer of protection.
Thanks for any answers,
Don
|
|
|
| |
|
|
|
|
|
|
|
Moderator Emeritus  Join Date: Dec 2000
Location: College Park, MD
Status:
Offline
|
|
from here
3. Provides tight security
The AirPort Extreme Base Station comes equipped with a built-in firewall to help prevent access to sensitive data on your computer and the ability to secure over the air transmissions with 128-bit WEP encryption. The integrated firewall prevents unauthorized Internet users from accessing your private network (which includes all the wired computers attached to the base station as well). That?s because when your AirPort Extreme Base Station is configured to share your Internet connection with other machines, the base station serves out private network addresses to all of your computers on the network. Since these addresses are known only to the base station, your computers are hidden from IP-based web-launched attacks.
There?s more: if you want to have a private network and would like to limit its range to a conference room for security reasons, there?s an easy way. The AirPort Admin Utility software allows you to decrease the power level through the internal antenna, and thus control the range of the base station.
|
|
|
| |
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Mar 2000
Location: London, UK
Status:
Offline
|
|
WEP is a bit flawed, really, but it sounds like he was talking about security from the other side (breaking in remotely, rather than physically accessing the WLAN). You can also use the built-in firewall in 10.2 if you don't trust your ABS.
|
|
|
| |
|
|
|
|
|
|
|
Forum Regular
Join Date: Aug 1999
Location: Los Angeles, CA
Status:
Offline
|
|
Yeah, the only access I'm wondering about is remote access, not over the air access.
I locked down remote (WAN) administration to the base station but I'm still getting ports open on the base station firewall (directly connected to the cable modem).
I used http://www.dslreports.com/scan/
It reports this:
TCP 1025 filtered
TCP 1026 filtered
UDP 67 open
UDP 68 open
UDP 123 open
UDP 161 open
I don't know if these are vulnerable or not but running the same test on the router with firewall produced no open ports.
I'd like to get these locked down so I can sleep easier.
Thanks,
Don
|
|
|
| |
|
|
|
|
|
|
|
Senior User
Join Date: May 2001
Location: Boston, MA
Status:
Offline
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
|
Top
