>A firewall can block the ports used in the exploits while allowing
>you to communicate with your file server. I know people (including
>ourselves) have used software firewalls like Zonalarm with mixed
>success. I prefer a hardware solution. The simplest would be a SOHO
>"Router" (e.g. from linksys) which does not provide sophisticated
>firewall but still offers protection to systems behind it.
>Another solution we have used in some cases is to put the machine in
>a private non-routable address space (e.g. 192.168.x.x) and then set
>up the file server to listed on both address spaces. This is
>reasonable if your LAN is physically secure and the other machines on
>the LAN are relatively safe from exploit.
>Hope this helps. Good luck.
>-James
>James, thanks for the info. I will talk to my IT guys so we can get something
set up.
Steve
---
