John Berry asks: I thought that I was very security-conscious until I discovered that my wireless access point was accessible from the internet. I don't want that and I don't really know how to stop it.
I have two PCs connected to a Speedtouch V510 ADSL router, which in turn is hooked up to the internet. Also connected to the router is my 3COM Office connect wireless access point, which I use to connect my laptop to the home network and the internet.
One of the PCs runs Windows XP Pro; the other and my laptop run Windows 2000 Pro. All three have Norton Internet Security 2005 installed and running.
Now, I need to be able to access the wireless access point from my local network, but I don't need to access it remotely from the internet. I was surprised to be able to do just that, simply by entering my static IP address into a browser.
I know that the Speedtouch has a firewall and a command line ipconfig query says that it is on, but I know next to nothing about configuring the firewall using command line instructions. Can you help?
Pete replies: Your ADSL router is a little dated now and I would suggest that you consider investing in a newer one. These can come preconfigured out of the box, with total stealth cloaking – in other words, your router should be invisible from the internet. I obviously can't endorse any particular manufacturer or product. If you really want to attempt a command line configuration of the router’s firewall, the first step would be to determine which ports are visible from the outside. I recommend that you go to Steve Gibson's site and run the Shields Up test. This will show you which ports may be weak spots. Then decide, if you have the time and inclination (and documentation) whether to continue, but be warned that it is not a simple task technically.
As an immediate step I suggest that you configure the 3COM to limit the allowed wireless access points to the MAC addresses of the devices on your internal network.