** Reply to message from "Jon" <os2-wireless_users@2rosenthals.com> on Tue, 27
Oct 2009 13:20:43 -0700 (PDT)
> >
> >I would use the same settings as what I use at home.
> >
>
> A bit easier said than done. User rules would probably be easy enough to copy but IJFW has a
> number of preset rules based on it's selectable security level. For example, (and I'm sure you
> know this) the NAT engine drops unsolicited packets. When on the road, the wireless connection may
> be using NAT
I have not seen any public wireless access point that did not use NAT in the US
or Europe. Of course if you are using someone's private network they may have
a different setup.
> but I don't know if the AP is dropping those packets nor do I know how to write a rule
> to do the same (or AFAIK, it may not even be possible for the simple OS/2 firewall to do this).
All unsolicited packets will be dropped (or rejected) by NAT. Unsolicited
packets do not have enough information associated with them to be routed.
> Maybe most of the public AP's that you used block unsolicited packets in the same manner but
> because that info can't be seen then it isn't known to be happening. Perhaps this is why in the
> many years of traveling you haven't had a problem?
NAT by itself is a good firewall for unsolicited packets. If you do not click
on a lot of links while browsing the internet you should not have problems.
Likewise if your email client is fairly secure you will not have problems. If
you click a lot of links and do not have your email client secure a firewall
will not keep you safe.
When I am connected to a public wireless access point I do not stay connected
for hours, just enough time to get my email and occassionally to look at a URL.
I am very selective on links I follow and my email client is set to only
display plain text, this eliminates many problems. So having a connection
through a public wireless access point (which uses NAT) and using safe surfing
practices avoids problems.
back to list