SearchSearch   ProfileProfile   Log inLog in   RegisterRegister 

How to secure FirstSpot?

 
Post new topic   Reply to topic    FirstSpot Forum Index -> Announcement, Technical FAQ
View previous topic :: View next topic  
Author Message
alan
Forum facilitator


Joined: 26 Sep 2003
Posts: 4435

PostPosted: Mon Mar 13, 2006 10:12 am    
Post subject: How to secure FirstSpot?

1) For the Internet/Public Network side (i.e. Internet), normally you will put a NAT router or firewall there to block the traffic so it is very secure

2) For the Visitor/Private Network side (i.e. Hotspot), you can minimize the risk significantly by only opening the ports needed by FirstSpot. FirstSpot only needs the following ports to function properly:

TCP 25, 53, 80, 443, 5786-5799, 5801-5805 (5804,5805 are new for v7. 5800 is not used by FirstSpot as it is common used by VNC)

UDP 53, 67

Just select "Permit Only" for the above ports in Windows TCP/IP Filtering (see http://support.microsoft.com/default.aspx?scid=kb;en-us;309798 for instruction, for Windows 2000, XP and 2003). For Windows Vista or later, you can use Windows Firewall to achieve similar purpose. Note that for FirstSpot v6 onward, FirstSpot will disable Windows Firewall during startup. To override this behavior, please insert the below parameter in the [misc] section at the end of the config.ini:

_enable_vista_firewall=on

You can then enable Windows Firewall and restart FirstSpot.

Note that most personal firewall (except Windows Firewall) is not compatible with FirstSpot since they both work in the driver level.

For anti-virus, please observe the following guidelines:

1) there is no driver component (e.g. personal firewall). Go to Network Connections -> click Private Network Interface -> Properties to check (Symantec Norton Anti-virus is known to have a driver component that conflicts with FirstSpot)

2) For memory resident component (e.g. AVG resident shield, Kaspersky Real-Time Protection) - you can use msconfig (or Registry at HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run if you are running FirstSpot on Windows 2000) and Windows Services console to check.

In general, memory resident component is slightly safer than the driver component above. Our internal test shows that it occurs an acceptable CPU overhead to FirstSpot operations (test done using AVG and Kaspersky), so we recommend user to run FirstSpot using a multi-core CPU. Still, if you encounter problem such as performance degregration, disable it to see whether the problem goes away.

3) if you run it using a scheduler, make sure FirstSpot is not busy at that period. The safest way is to run it manually.

4) if you have stability problem with FirstSpot, just uninstall the anti-virus completely temporary (don't just disable as there will be driver left-over. You have to uninstall.) as a test to see whether the situation improves.

5) BTW, one time web-based anti-virus is much safer for FirstSpot. E.g. http://www.kaspersky.com/virusscanner or http://www.pandasecurity.com/homeusers/solutions/activescan

6) it is okay to run the new Windows Defender (e.g. Windows 8, 10). Please monitor the performance, and turn it off if you encounter slow down in your machine.
Back to top
Display posts from previous:   
Post new topic   Reply to topic    FirstSpot Forum Index -> Announcement, Technical FAQ All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group