Every computer which accesses the internet or is connected to a network uses ports to communicate. Ports are almost like individual conversations going on over the same telephone line but which each port talking about a different thing. For example, every time you access a website using http, the chances are you’ll be using port 80. For other protocols such as ftp (file transfer) different ports are used, in this case port 21. Email, secure connections, streaming etc. all use different ports which helps control the flow of data and filter desired information from undesired.

Now for many people, you never see or need to know that your computer is doing this automatically. However in some special cases, a program wants to use an unusual port number and if you have a firewall installed, it may be set to block the port, preventing the program from communicating. You may get pop-up windows telling you about the request but you may not so if a program tries to communicate across a network or the internet and  fails, it could be worth trying it without your firewall turned on to see if that is the problem. If it is, you can set up rules to allow that program access.

There are two key types of firewall: hardware and software based. Hardware firewalls are often built into routers or similar (you can often change the port you access your router admin on and use the address http://routerip:portnumber) and are generally more of an outer barrier preventing any obvious attacks on a system. These can sometimes cause problems but it is more often than not the software firewall will be blocking a connection and will need to be configured. Software firewalls are generally more configurable and allow you to choose which programs can access the internet or network and individual ports can often be opened (you will be able to find out which ports certain programs need by using a search engine) or closed down as necessary. Generally software firewalls have more flexibility than hardware based and have the advantage that they go with you wherever your computer is.

The need for a firewall more than anything is to only allow desired programs and information to be sent from your computer. Hackers and malicious code can exploit security holes in a firewall allowing data to be sent. Port scans often detect weaknesses and firewalls help to identify and protect against these. Hardware firewalls are particularly effective for this. Software firewalls will often alert you if a program wants to access the internet so if it is one you don’t recognise, don’t allow it. You can the investigate it further and if it turns out to be malicious, antivirus or anti-spyware software will help to remove it.

As a firewall is there for security, use it wisely and only have the ports open you need. If you’re not sure what a program is, deny it access and investigate. You can always change it later!

Related Posts:

• No Related Posts

With broadband and several computers now being common place in many households, home networking is becoming more and more common. The ability to share an internet connection around the home not only solves arguments between children and adults alike, but with wireless connections, the need for running cables throughout your property becomes a thing of the past.

Whether you have a cable or ADSL connection, there are many routers out there which allow you to share your connection. A router quite simply ‘routes’ the relevant bits of information to the correct computer meaning you see the website you asked for. What people often think as routers are often a combination of three devices: a router, a modem and a wireless access point. This means instead of three seperate pieces of equipment, everything is fitted into one small device.

Setting up the router can be relatively simple particularly now the use has become widespread and companies have had to write instruction manuals for the masses to understand. Initially the chances are you will be told to connect your phone/cable line to the router (you may need to put filters in place), connect using an ethernet cable and then login to the router. Often this is done through an internet browser using the address http://192.168.0.1, http://192.168.1.1 or similar. The login details will be written in the instruction manual or can sometimes be found on the base of the unit. It is recommended to change the default password on the router to help prevent unauthorised access.

Once connected you will need to fill in details about your internet connection (login details etc.), IP addresses in the network and also wireless security. Generally unless you have any specific needs of forwarding certain requests to a computer, using a DHCP server in the router is often the best option. This is also usually the way most computers are configured and saves having to go through assigning static IPs.

With wireless, it is almost vital these days to protect your wireless network. If someone uses your internet connection for illegal activity due to your wireless network being unprotected, it can cause you major problems. Some simple steps are to setup in encryption, restrict MAC addresses, hide the network (SSID) and restrict admin features of the router while wireless.

Wireless encryption has gone through many versions. The newest used in many home routers is WPA2. This replaces WPA which in turn replaces WEP. Obviously the best types of encryption are WPA2 and WPA however not all devices support those and as such WEP may need to be used. The encryption password should be something that can’t be guessed easily. A combination of upper and lower case letters with numbers usually makes a strong password.

If MAC address filtering needs to be set up, in each computer which will connect wirelessly you will need to get the MAC address. This is an identifier address for the wireless card in that computer and only the allowed addresses will be allowed to use the network. To get this address in a windows computer, go to Start, Run and type CMD (In Vista type CMD in the StartSearch box) then press enter. In the Command Prompt which appears type ipconfig/all and then go down to your WIRELESS adapter and note the “Physical Address” (the characters are zeros rather than the letter O). This is the address you will then need to enter into your MAC address filtering in the router.

To share files and printers between computers (using Windows), the need to be in the same WORKGROUP. This can be found by right clicking in My Computer and going down to Properties. Make all the computer are in the same workgroup or adjust the settings as necessary. Also, you may need to enable file and printer sharing on the computer however this varies depending on your version of Windows. Refer to Windows help for further information regarding this.

To access another computer, simply type \\IP-address in the run command or address bar in Windows Explorer dialogue or use the computer name (listed with the workgroup) instead of the IP address. If it fails to work and you know you have the IP-address or name correct, try disabling the firewall on both computers and try again. If this works, you may need to open firewall ports TCP-445 if using 2000 or later or for previous versions ports 135, 137-139. This may need some tinkering but in principle it should work.

In Vista and partly with XP, it is possible to share music and video around the home. With video senders and receivers, this is one of the up and coming technologies perfectly suited for home networks. Another advantage of a network is backups for files can be made over the network to another computer ending the need for vast numbers of CDs and DVDs. And finally, for getting rid of those arguments over who uses the computer to go on the internet, surely a home work is worth the effort of setting up!

Related Posts:

• No Related Posts

Should you find error messages in /etc/httpd/logs/error_log such as

[Tue Mar 28 04:29:42 2006] [notice] child pid 24546 exit signal File size limit exceeded (25)

This means that you have a log file that is great than 2GB in size. To fix this run

cd /etc/httpd/domlogs
du -sh * | grep [0-9]G

This should show you the file that is causing issues e.g. domain.com.log. To reset it, but loosing the webstats run

cd /etc/httpd/domlogs
rm domain.com.log
touch domain.com.log
/etc/init.d/httpd stop
/etc/init.d/httpd start

Do not use just an Apache restart but a full stop/start to make sure it closes all its old files

Related Posts:

• No Related Posts

To change the SSH port number login as root, and edit /etc/ssh/sshd_config

Find the line that says Port 22 and change 22 to any number between 1024->65535 (above 30000 is best) and save the file.

Once done, run:

/etc/init.d/sshd restart

Now start a new SSH session (don’t close your existing one), to make sure that you can get in.

Related Posts:

• No Related Posts

Hey, one more update for broadband users:

Error 1024 on Windows Vista:

1) Go to ‘Start’.

2) ‘Run’ >> ‘msconfig’.

3) Click on ‘Sartup’ on the tabs along the top.
4) Then under ‘Command’ try to find: C:\Program Files\Speedtouch\……

5) To make sure that it is ‘Speedtouch’, check that it says ‘Speedtouch’ and that it has a blue tick next to it.
6) Untick the blue tick from the box. Make sure the right one is selected or else this could harm your PC.

7) Then click on ‘Apply’ and then ‘Close’.

Restart your PC and wallah, no more error 1024!

9) Again do not try this if you are not sure about it as it can harm the computer.

Related Posts:

• No Related Posts