I'm still deciding on which company to go for. Some are 128/1500 while others are 256/1500, so I'll probably select a company with the 256Kb upload. Prices range from $40-50USD. I would like to setup a system (would you call it a ftp server?) to host files, but a static IP upgrade is an additional $15! :eek:

Is static IP necessary for this purpose? I don't consider static IP a security threat cause if you want a new IP address, you can just unplug the modem from its powersupply (breaking your internet connection) and upon re-plugging it, the modem will (99.9...% of the time) select a new IP address.

Thanks for your help! :)


DrCR

no... static ip = an ip allocated to you that doesnt change. if it changed when it was disconnected, then it would not be static would it?

a static ip will not change if you disconnect. thats why its static. and it will be a security risk, because anyone who has your ip has it permanently. but if you use sufficient security software it wont matter.

Just use a dynamic IP and www.dyndns.org

Get a static IP and a firewall. You may wish to consider WASTE instead of ftp, depending on your requirements.

while dynamic + dyndns works....most ISP's that offer dynamic DSL IP's force you to disconnect at LEAST once a day so you get a different IP

You could probably knock up a script to check your IP address and update the forms on dynamicDNS accordingly. Just run it on start up. To the geek cave!

EDIT: Someone has made a perl module that appears to do this job for EasyDNS accounts. This could probably be adapted for a free service like DynamicDNS. Module is here:

http://search.cpan.org/~gbrock/DNS-EasyDNS-0.03/EasyDNS.pm

No-IP (http://www.no-ip.com/) has it's own automatic update client for Windows (and Linux as well, I believe) that can be run as a service under an NT/2000/XP box. I use it on my firewall box even though I've only got dialup, as it's handier than checking the IP I've been assigned (since that requires logging in using Remote Desktop, or, you know, physically moving my ass).

Umm, dyndns has a group of utilities to automatically update your ip on their site. Very easy to do.

Originally posted by Nanoprobe
No-IP (http://www.no-ip.com/) has it's own automatic update client for Windows (and Linux as well, I believe) that can be run as a service under an NT/2000/XP box.


Yeah, someone mentioned that to me on the Lomac forums. I probably end up going for no-ip Free or no-ip Enhanced.



DrCR



__________

Red_Hex , thanks for clearing that up about static IP. My ignorance make me shake my head in shame. Though I worked at my unv's Information Technologies dept., I'm sure you can tell my sub dept. is not networking. lol :D



Unheard Of , WASTE instead of ftp. What's WASTE? That's something I've never, ahem, heard of.

Originally posted by jessica00
while dynamic + dyndns works....most ISP's that offer dynamic DSL IP's force you to disconnect at LEAST once a day so you get a different IP


Thanks for the heads up.




DrCR



_____________

Good news, no GB/month caps! Too bad the upload is just 256Kb/s, but 700ish Kb/s is about $120US/month. Besides, most of my use will be browsing and downloading and 256/1500 would fit what I'm looking for overall much better than 7xx/7xx and does so at less than half the price.



Anyone Know of a Good Router?
Apparently I'll only get a modem through the company. I could pay an additional $10US/month but I would rather pay $100-200 in one chunk than end up paying more over the years. An additional advantage is getting the router that I would like best rather than some refurb the company happens to have on inventory. Any recommendations on a router?

Though I don't need to connect more that one computer to the internet, I would like a router to have a hardware firewall. Good old Zone Alarm can only do so much.

I've heard of some of my IT peers using old computers (like 486s and 100MHz Pentiums) as a router/firewall (two network cards in the computer router, one in, one out. Any insite on this? I'd like a rather hands-off router. Any suggestions on software to do this? Worth looking into since I have more than enough 'junk' old computers around as an IT dude and would be a lot cheaper than getting a 'system unit' router (assuming free software for the computer router).



DrCR



______________

One router I'm looking at:

"U_S_Robotics Secure Storage Router Pro"

tomsnetworking (http://www.tomsnetworking.com/Reviews-61-ProdID-USR8200.php)



DrCR



________________

I personally have a linksys router/wireless AP/firewall and short of plugging in my Cisco 2600 it works very nicely as a router/firewall. Very easy to set up, and it has good port fowarding options as well as a DMZ host option for a server or testing.

One thing to note is that some companies get really anal if you start serving things on dynamic IP accounts or they will limit your bandwidth on certain inbound ports (FTP, HTTP, etc) because it is a "personal" account... I have a 256/1.5 business class connection with a static IP that is 80/mo but I can do whatever i want with it.

I'm personally not a huge fan of USR/3com or anything relating to Tom's hardware.

Originally posted by Rurouni Storm
Umm, dyndns has a group of utilities to automatically update your ip on their site. Very easy to do.

:) Oops. Didn't think to look. I guess I prefer to roll my own.

Get a Linksys router as Keyan mentioned since last year when I was doing some research about the whole broadband upgrade thingy many people recommended them.Although,I still haven't gotten broadband yet as it is still a bit too expensive it was either blazing fast download speeds or digital cable,I chose the latter.

my linksys BEFSR41 is a nice router.
the BEFSX41 is the more secure model. i'd go for that or a WRT54G :)

Originally posted by DrCR
Good news, no GB/month caps! Too bad the upload is just 256Kb/s, but 700ish Kb/s is about $120US/month. Besides, most of my use will be browsing and downloading and 256/1500 would fit what I'm looking for overall much better than 7xx/7xx and does so at less than half the price.


Ouch, that's pretty expensive. I pay $50 Cdn per month for 2Mb/s cable.



[B]I've heard of some of my IT peers using old computers (like 486s and 100MHz Pentiums) as a router/firewall (two network cards in the computer router, one in, one out. Any insite on this? I'd like a rather hands-off router. Any suggestions on software to do this? Worth looking into since I have more than enough 'junk' old computers around as an IT dude and would be a lot cheaper than getting a 'system unit' router (assuming free software for the computer router).


You can get some versions of Linux specifically stripped down for routing. Just edit a text file for the options and boot of the floppy for some of them, even.



______________

trust me...a 50 dollar linksys router vs a 50 dollar PC to run linux PLUS the 50 dollar 5/8 port switch behind that....

linux is a ***** and a half too...

This is the router I ended up going for. Thanks for your help guys!

Linksys BEFSX41 (http://www.linksys.com/products/product.asp?grid=34&scid=29&prid=433) spent $60US on it with free shipping.



For my hosting needs/wants...

Can I select different options on different ports? In other words, have a maximum security setup on all my non-hosting computers and take one of my old 133MHz computers and enable settings to allow ftp (port 80?) on just this particular computer.

Or maybe plug this 133MHz computer into the DMZ... or would this allow people to trash/bug/worm/etc. the computer or exploit my bandwidth?



Also, is 133MHz (4 32MB (128MB) 72-pin Dimms) enough power for a ftp server? Wouldn't the bottleneck be the 256Kb/s upload rather than the computer?



Thanks again!



DrCR



__________________

Originally posted by Rurouni Storm
Ouch, that's pretty expensive. I pay $50 Cdn per month for 2Mb/s cable.


Welcome to broadband USA. :bulb:




You can get some versions of Linux specifically stripped down for routing. Just edit a text file for the options and boot of the floppy for some of them, even.




I figured $60US was well worth not having to mess with a PC setup, but I'll be sure to play around with that. Thanks!




DrCR




____________________

Yahoo! By increasing my local phone package through by future DSL provider for a few bucks I decrease my DSL costs from $50/month to $39/month! :D



DrCR




______________

one little security trick.

DMZ an un-used IP

Originally posted by jessica00
one little security trick.

DMZ an un-used IP


Huh? Right over my head lol. Could you explain? Thanks!




DrCR




________________

DMZ = Demilitarized Zone.

With routers and firewalls there are basically 3 levels of security. The outside internet is 'untrusted' and has no security, the inside where your computer plugs in is thought of to be 'trusted' since you want to freely exchange files and basically figure that everything behind your firewall is thoiught to be safe and secure. The third area is the dmz. It's an area that's both trusted and considered to be unsafe. It's not as dangerous as the outside internet and it doesn't have the security that the inside pcs are protected with.

In the business world (and some of the power users here appearantly) we put servers (mail, web, ftp etc.) in the dmz since we need them to be accessible to the outside world as well as to the folks on the inside of the network. I can't find a simple diagram at the moment but I'm sure there are tons out there.

Anyways, back to what Jess was saying about setting up an unused IP as a dmz. Think of your router for a moment. A simple setup goes along the lines of your dsl line coming in (untrusted), your main pc plugging in (trusted) and if you follow Jess's advice, you'll assign 1 IP and port on your router to be the dmz(kind of trusted). When a hacker comes in to see what's behind your firewall, the first place they'll go is to the dmz and that's where you want them to go. Put your ftp server on that port. Never put anything on the ftp server that you wouldn't be afraid to lose if they find a way to delete it and never put any personal/confidential data on there that you wouldn't be afraid to have wind up on the internet.

That's a real brief overview of a dmz. Post up if you've got any more questions! I hope that I've answered a few.

pretty much right. unless they ping a port you have forwarded specificially, any ping will be forwarded to empiness and never go back, thus you're invisible...

Yeah, I'm knowledgable with most of what your talking about trusted zones and such. It's just the router aspect of it all that I'm ignorant of. With your explanation, I now understand (I think lol) why I should put the ftp server on the DMZ. And no, I’m not stupid enough to put personal info in an unsecured environment. This area is one of the very few areas related to computers of which I’m a newbie. Overall security awareness is not one of them. Just the fact that you have to login on this forum without encryption annoys me. :haha: I work in my unv’s Information Technologies dept., I'm just not part of webtech or networking. ;)

That ftp server on the DMZ though…could someone format the hard drive, upload worms or hacker tools, steal the windows product key from the reg. or just take-over the machine in general? How do I protect against these threats?



As for that “DMZ an un-used IP”, are you talking about a ‘router’ IP as opposed to the ‘modem’ IP?



Thanks you all!



DrCR




___________________________

Should I run a software firewall (Free ZoneAlarm) or Spybot:S&D on the ftp server?

no...do NOT dmz a physical PC.
ftp server? forward port 21 to it.
http? 80

and so on.

servers do NOT need dmz.