All incoming network connections to the Stanford residences pass through a firewall. Students are able to set which types of traffic they would like the firewall to filter. This is done by choosing between four firewall access levels (detailed below) when they register their computers with Residential Computing.
- Closed: Recommended for most users. Almost all traffic initiated from outside the residential network is blocked. (As with all four settings, all communication initiated from your computer or from other computers in your building or neighborhood is allowed.) This is the same as the normal settings for the firewalls built in to Microsoft Windows and Mac OS X, which you may be already be using. This is the highest-security residential firewall setting.
- Server: Allows the communication necessary to host a web site on your personal computer or log in to it remotely (SSH, HTTP, and HTTPS on the standard ports). If this doesn't mean anything to you, you probably don't need it and should chose "Closed."
- Advanced Server: Includes all of the services in the "Server" profile as well as BitTorrent (6881-6889), Xbox Live (88, 3074), Ventrilo (3875-3875), and a range of open ports (3766-3800) for use with custom services. Again, if this doesn't mean anything to you, you probably don't need it and should choose "Closed."
- Open: Allows all incoming traffic, providing no protection. If you are running a service not listed above which requires connections initiated from the outside, choose this setting. As this option increases your exposure, please be sure your computer is fully patched, running a software firewall, and has strong passwords.
If you are uncertain which firewall level is appropriate for you, we recommend you begin by choosing "Closed," the most secure, which is sufficient for most ordinary use like browsing the web and checking email. If you determine later that you need a different setting, you can easily change it by updating your registration or asking your RCC for further assistance.
Note that the residential firewall will not conflict with the built-in firewall included in most operating systems (such as Microsoft Windows or Mac OS X). Each student can select a personal firewall profile that best fits their needs, via the network registration tool found at: http://rescomp.stanford.edu/inrooms/.
Additional information can be found in the Frequently Asked Questions (FAQ), here.
For more information, contact: Residential Firewall Team