Igor Stoppa wrote: > On Sat, 2007-01-13 at 09:55 +0100, ext Zoran Kolic wrote: >>> Otoh many people do keep their cell phone on and probably would like to >>> do the same with n800 or 770. Same applies to the pc used to read >>> emails. >> OK, Igor. Fair enough. But, now I got you. 770 has no firewall. I'm not >> paranoid, but it is must_have for long on the line. >> 770 has stateless iptables. I use another unix branch for everyday surf, >> mailing, doing whatever. Laptop and desktop have statefull firewall for >> filtering. It is transparent, till I take a look into the logs. I know >> that "if you don't have port open, noone can harm you". Wrong. You have >> ports open. You surf, you mail. Anyone could be man in the middle and take >> your shiny new gadget. WEP is easy to walk around, just see wifitap. I >> have 770 for a month and tried to get respond on this subject. Implemented >> iptables is not the one from netfilter manual. So: >> - who could clear the topic for me? >> - could end user get more kernel modules from nokia, not to go into >> recompile and find correct versions of kernel and all environment? >> I don't make an atack on your stance. I have mine and feel quite happy. > > I don't think I have enough knowledge on the subject to give a proper > answer so i won't. Hopefully you'll get an answer from somebody from the > Connectivity team. > As a generic observation though, let me point out that your tipical > accesspoint should already provide support, like firewalling. I have worked for two of the leading wireless vendors, and I assure you: commercial access points typically provide no firewall functionality. I have many years of experience with implementing various forms of network security functionality, and while I have a demanding day job, this is a problem I'm very interested in. I'm going to start poking around with the 770 dev environment and see what I can do about this. If anyone else here is working on firewall-related stuff for the 770 (or n800) let me know so we can coordinate our efforts. Scott
