UCSB Physics Computing Services

(This page is under construction.)

Info for Cox Cable Modem Users

Setting up Email

Security Issues & Firewalls

Related Links


Setting up Email

To use your Cox account to send and receive e-mail using the Cox servers:

Incoming mail server:  pop.west.cox.net

Outgoing mail server:  smtp.west.cox.net

You can set your Cox account to send and receive mail from Physics. 

Incoming mail server:  mail.physics.ucsb.edu

Outgoing mail server:  smtp.physics.ucsb.edu

BUT: you must use "Authenticated SMTP" using a secure (SSL/TLS) alternate port (465 or 587) or the Physics mail server will reject your e-mail with a "Relaying Denied" message.

Email Client Setup and Configuration


Security Issues & Firewalls

Protect yourself from intruders!!

Firewall Protection:

Physics recommends (extremely - just short of demanding!) that all broadband computer systems used to connect back to Physics be installed behind a basic firewall.  Computer systems that are attached to high speed Internet connections are natural targets for crackers intending to attack other computer systems. The high speed connection allows your machine to "flood" another system with garbage information that overwhelms the other machine.  When your machine is taken over, it is known as a "zombie".  Scores of zombies are coordinated by the attacker in a DDOS (Distributed Denial-Of-Service) attack such as the one in February 2000 against the CNN website (in which a Physics Department machine was implicated). You don't want the FBI knocking on your door!  Because your Internet connection is always on and your IP address never changes (unlike a dial-up connection) your machine can be more easily subverted.

The Physics Department's interest in your machine is our trust in you and your accounts on our computers.  If an unknown person has successfully gained access to your computer via your broadband connection, then installed software to allow them to watch all of your keystrokes (any number of which are available on the Internet), our security here has been breached.  The first time you then connect to computers here, using your valid username and password, the cracker is given access to our systems. 

We consider a basic hardware firewall cheap insurance.  It may not prevent all possible methods of attack, but it should move crackers on to easier targets. There are a variety of hardware firewalls made specifically for DSL and Cable Modem use. We currently have experience with two brands.  This does not mean we don't recommend other manufacturers and models.  SMC and Netgear both have come out with additional models we just haven't seen yet.

Some basic background on how these devices protect your computers:

Your computer gets its IP address from the ISPs computer systems using a protocol called DHCP (for Dynamic Host Configuration Protocol). The number is unique, and is reassigned to you each time.  This number is unique to the entire Internet, and the Internet's routing devices know how to get information destined for your computer to it because of this unique number. The numbering system also provides for a few ranges of numbers that can be used, but will never be routed.  These are sometime known as "martian networks", because they "can't be reached from Earth."  These are the networks that are typically used behind a firewall.  This provides one level of protection, in assuring that information that might accidentally slip past the firewall would be rejected by (hopefully) every router along the way.

The firewall acts as your personal DHCP server, providing martian network addresses to every computer system on the "safe" side, while presenting a single IP address to the Internet side (obtained by acting as a DHCP client to the ISPs DHCP server).  As it gives out addresses, it remembers which computer system they've been given to, and records this information in an address table it creates. This process, along with other details specific to the way TCP/IP works, is called NAT (for Network Address Translation).  The protection comes from the fact that only the NAT device can use your martian network address (it can't come from the Internet, the routers won't route it).  The second level of protection is the table the NAT device uses. It assigns a random port number (from 1024 to 65535, to be specific) to each "conversation" your network starts with the Internet. The return information from the computer at the other end will have this port number to which to reply. Random scans of your computer network would have to try all combinations of martian network numbers and random port numbers to get through your firewall (by which time, you've probably finished that "conversation" and have started a new one).

In some sense, it is like the Internet is speaking Spanish, and your (protected) network is speaking French.  The firewall acts as a translator, but only if the conversation begins on your side.  If some random person walks up speaking Spanish, they are ignored.

Because it is acting as a DHCP server, it can provide multiple martian addresses and map them all to the single Internet IP address.  This allows many computer systems to be attached to your home network without paying for additional IP addresses from your ISP.

Hardware Firewalls vs. Software Firewalls:

Hardware firewalls are preferred over software firewalls for several reasons. Hardware firewalls are designed to be a firewall, and are not running a higher-level operating system.  This simplifies the software internal to the box.  The software is usually smaller, and therefore less likely to have bugs.  The software is probably also contained in a ROM or NVRAM device which will help it resist tampering from the Internet.

Software firewalls typically run as a software layer on your computer system. They examine the information presented to them from the hardware driver.  If there is a known exploit in the hardware driver, the attack can circumvent the firewall software. Essentially, the attacker is already "on" the machine being attacked.  The software method can be more configurable, and can provide more extensive logging and troubleshooting information, as it is running on a more complex system. The most popular hardware firewall (because it was one of the first cheap units) is the LinkSys BEFSR1 (available at the UCSB bookstore for about $109).  It provides one port for the DSL or Cable Modem, and one port for your computer.  Next step up is a similar LinkSys model BEFSR41 which has a built-in 4 port 10/100 Mbps switch. This model simplifies your connection of multiple devices to the outgoing broadband link. Up to 4 devices can be connected to the built-in switch allowing up to 400Mbps transfer locally while sharing the Internet connection.

Other Important Notes:

Keep your virus software up to date - Remember to update virus definitions regularly.

Disable file sharing if you are a PC or Mac user (see Security Basics).

Security Faq & Security Basics

PC Firewall Guide


Other Links

Cox Customer Support Pages

General Info and Faqs about Cable Modems

More General Info

 


Updated 8/23/2005

Physics Computing Services