Point-of-Sale security - Firewalls

This is a discussion on Point-of-Sale security - Firewalls ; Hi. I've been tasked with setting-up a POS (Point-of-Sale) system for a small restaurant. The POS will consist of 5 terminals and a server (all WinXP-Pro), all networked together. I would like to completely isolate the 5 terminals from the ...

+ Reply to Thread
Page 1 of 2 1 2 LastLast
Results 1 to 20 of 25

Thread: Point-of-Sale security

  1. Point-of-Sale security

    Hi.

    I've been tasked with setting-up a POS (Point-of-Sale) system for a
    small restaurant. The POS will consist of 5 terminals and a server (all
    WinXP-Pro), all networked together.

    I would like to completely isolate the 5 terminals from the Internet.
    Also I would like to allow only very limited Internet access to/from the
    server, 1) for credit card authorization and 2) for remote access (e.g.
    RAdmin).

    I am thinking that one way to accomplish this would be to have a "local"
    switch connecting all 5 terminals and the server, thereby securing the
    terminals. Then I would install a second NIC in the server and have it
    connected to an "Internet facing" switch connected to a router
    (connected to a DSL modem). I would then use the router's firewall to
    block all traffic to the server except those aforementioned.

    A) Would this work? If so, are there any particular features my router
    would need, or can they all do this?

    B) Is there a better / easier way to accomplish my goal, perhaps without
    needing the extra switch and NIC?

    Please be gentle, this level of networking is mostly new to me.
    Thanks!

    Dale

  2. Re: Point-of-Sale security

    Dale I. Green wrote:
    > Hi.
    >
    > I've been tasked with setting-up a POS (Point-of-Sale) system for a
    > small restaurant. The POS will consist of 5 terminals and a server (all
    > WinXP-Pro), all networked together.
    >
    > I would like to completely isolate the 5 terminals from the Internet.


    keep in mind, that they will need at least temporary internet access - e.g. for updates, patches etc.

    M

  3. Re: Point-of-Sale security

    Dale I. Green wrote:
    > I would like to completely isolate the 5 terminals from the Internet.


    Pull the plug.

    > Also I would like to allow only very limited Internet access to/from the
    > server, 1) for credit card authorization and 2) for remote access (e.g.
    > RAdmin).


    This is an oxymoron now. You will not manage to do what you want. The
    best compromize will be: don't route into the net on the server, and
    filter anything with the exception of the needed servces on the server.

    > I am thinking that one way to accomplish this would be to have a "local"
    > switch connecting all 5 terminals and the server, thereby securing the
    > terminals. Then I would install a second NIC in the server and have it
    > connected to an "Internet facing" switch connected to a router
    > (connected to a DSL modem). I would then use the router's firewall to
    > block all traffic to the server except those aforementioned.


    Yes. Do so.

    Yours,
    VB.
    --
    "Pornography is an abstract phenomenon. It cannot exist without a medium
    to propagate it, and it has very little (if anything at all) to do with sex."
    Tina Lorenz


  4. Re: Point-of-Sale security

    mak wrote in
    news:1169548806.93913@nntpcache01.si.eunet.at:

    > keep in mind, that they will need at least temporary internet access -
    > e.g. for updates, patches etc.
    >
    > M
    >


    Yes, thank you. I was thinking I could occassionally (monthly? / as
    needed?) apply patches to the terminals either by temporarily connecting
    the "local" switch to the Internet or by downloading patches to the
    server then pushing them out to the terminals.

  5. Re: Point-of-Sale security

    VB, Thank you for your input. I assume by your comments that you
    consider my goals to be naive but that you think my overall approach is
    solid. Is that right?

    >> Also I would like to allow only very limited Internet access to/from
    >> the server, 1) for credit card authorization and 2) for remote access
    >> (e.g. RAdmin).

    >
    > This is an oxymoron now. You will not manage to do what you want. The
    > best compromize will be: don't route into the net on the server, and
    > filter anything with the exception of the needed servces on the
    > server.


    What do you mean by "don't route into the net on the server"? Also, by
    "filter" do you mean using the hardware router, a software firewall, or
    something else?

    Kind regards,
    Dale

  6. Re: Point-of-Sale security

    In article ,
    dig@notmail.com says...
    > VB, Thank you for your input. I assume by your comments that you
    > consider my goals to be naive but that you think my overall approach is
    > solid. Is that right?
    >
    > >> Also I would like to allow only very limited Internet access to/from
    > >> the server, 1) for credit card authorization and 2) for remote access
    > >> (e.g. RAdmin).

    > >
    > > This is an oxymoron now. You will not manage to do what you want. The
    > > best compromize will be: don't route into the net on the server, and
    > > filter anything with the exception of the needed servces on the
    > > server.

    >
    > What do you mean by "don't route into the net on the server"? Also, by
    > "filter" do you mean using the hardware router, a software firewall, or
    > something else?


    You need a real firewall appliance and then you setup only the access
    that you want to permit - do not confuse a NAT Router as a firewall

    With a real firewall appliance you can setup a IPSec client to allow you
    to remotely connect to the firewall itself, then from a rule in the
    firewall, your authenticated user can remotely admin the server.

    You can also allow outbound to the credit card processing facility and
    block all other access.

    --

    spam999free@rrohio.com
    remove 999 in order to email me

  7. Re: Point-of-Sale security

    Dale I. Green wrote:
    > VB, Thank you for your input. I assume by your comments that you
    >> This is an oxymoron now. You will not manage to do what you want. The
    >> best compromize will be: don't route into the net on the server, and
    >> filter anything with the exception of the needed servces on the
    >> server.

    >
    > What do you mean by "don't route into the net on the server"? Also,
    > by "filter" do you mean using the hardware router, a software
    > firewall, or something else?


    You'll probably want something like this:

    Internet
    |
    Firewall
    | e.g. 10.23.0.2/30
    |
    | e.g. 10.23.0.1/30
    Server
    | e.g. 192.168.0.1/29
    |
    +- Client
    +- Client
    +- Client
    +- Client
    `- Client

    Server has two NICs and does not route between those interfaces. Harden
    the server and restrict physical access to it (see e.g. [1,2]).

    Firewall does packet filtering, NAT and port-forwarding to those
    services on the server that must be accessible from the outside (e.g.
    remote access). You may want to consider allowing remote access only
    through a VPN instead of forwarding ports for remote access, in which
    case the firewall device must also be a VPN endpoint.

    Lock down the clients, too.

    [1] http://www.microsoft.com/technet/sec...p/default.mspx
    [2] http://www.nsa.gov/snac/downloads_wi...ID=scg10.3.1.1

    cu
    59cobalt
    --
    "If a software developer ever believes a rootkit is a necessary part of
    their architecture they should go back and re-architect their solution."
    --Mark Russinovich

  8. Re: Point-of-Sale security

    Dale I. Green wrote:
    > Hi.
    >
    > I've been tasked with setting-up a POS (Point-of-Sale) system for a
    > small restaurant. The POS will consist of 5 terminals and a server (all
    > WinXP-Pro), all networked together.
    >
    > I would like to completely isolate the 5 terminals from the Internet.
    > Also I would like to allow only very limited Internet access to/from the
    > server, 1) for credit card authorization and 2) for remote access (e.g.
    > RAdmin).
    >
    > I am thinking that one way to accomplish this would be to have a "local"
    > switch connecting all 5 terminals and the server, thereby securing the
    > terminals. Then I would install a second NIC in the server and have it
    > connected to an "Internet facing" switch connected to a router
    > (connected to a DSL modem). I would then use the router's firewall to
    > block all traffic to the server except those aforementioned.
    >
    > A) Would this work? If so, are there any particular features my router
    > would need, or can they all do this?
    >
    > B) Is there a better / easier way to accomplish my goal, perhaps without
    > needing the extra switch and NIC?
    >
    > Please be gentle, this level of networking is mostly new to me.
    > Thanks!
    >
    > Dale



    Since you are dealing with a network that has CC data


    I would start with a detailed description of what each machine is
    required to do, to perform it's tasks.

    Remove anything from the machines that isn't required, only add network
    access as required

    build in strong authentication & authorization methods for remote access
    , and local access

    John

  9. Re: Point-of-Sale security

    Leythos wrote in
    news:MPG.201fc7f9b1e6380698984e@adfree.Usenet.com:

    > In article ,
    > dig@notmail.com says...
    >> VB, Thank you for your input. I assume by your comments that you
    >> consider my goals to be naive but that you think my overall approach
    >> is solid. Is that right?
    >>
    >> >> Also I would like to allow only very limited Internet access
    >> >> to/from the server, 1) for credit card authorization and 2) for
    >> >> remote access (e.g. RAdmin).
    >> >
    >> > This is an oxymoron now. You will not manage to do what you want.
    >> > The best compromize will be: don't route into the net on the
    >> > server, and filter anything with the exception of the needed
    >> > servces on the server.

    >>
    >> What do you mean by "don't route into the net on the server"? Also,
    >> by "filter" do you mean using the hardware router, a software
    >> firewall, or something else?

    >
    > You need a real firewall appliance and then you setup only the access
    > that you want to permit - do not confuse a NAT Router as a firewall
    >
    > With a real firewall appliance you can setup a IPSec client to allow
    > you to remotely connect to the firewall itself, then from a rule in
    > the firewall, your authenticated user can remotely admin the server.
    >
    > You can also allow outbound to the credit card processing facility and
    > block all other access.
    >


    Leythos, Thank you!

    Does "IPSec" imply VPN?

    Could you suggest a firewall appliance which would be suitable? I
    checked newegg and the best rated firewall is the NETGEAR FR114P. Would
    this be a good choice?

    Finally, would you still recommend using 2 switches, a "local" and an
    "Internet facing"?

    Thanks again. I appreciate your advice.

    Kind regards,
    Dale



  10. Re: Point-of-Sale security

    Ansgar -59cobalt- Wiechers wrote in
    news:51mpr8F1hninpU1@mid.individual.net:

    > You'll probably want something like this:
    >
    > Internet
    > |
    > Firewall
    > | e.g. 10.23.0.2/30
    > |
    > | e.g. 10.23.0.1/30
    > Server
    > | e.g. 192.168.0.1/29
    > |
    > +- Client
    > +- Client
    > +- Client
    > +- Client
    > `- Client
    >
    > Server has two NICs and does not route between those interfaces.
    > Harden the server and restrict physical access to it (see e.g. [1,2]).
    >
    > Firewall does packet filtering, NAT and port-forwarding to those
    > services on the server that must be accessible from the outside (e.g.
    > remote access). You may want to consider allowing remote access only
    > through a VPN instead of forwarding ports for remote access, in which
    > case the firewall device must also be a VPN endpoint.
    >


    Thank you Ansgar.

    I assume by default routing is disabled between NICs, yes?

    Also, if I choose to use VPN, would that simplify my firewall config?

    Kind regards,
    Dale

  11. Re: Point-of-Sale security

    In article ,
    dig@notmail.com says...
    > Leythos wrote in
    > news:MPG.201fc7f9b1e6380698984e@adfree.Usenet.com:
    >
    > > In article ,
    > > dig@notmail.com says...
    > >> VB, Thank you for your input. I assume by your comments that you
    > >> consider my goals to be naive but that you think my overall approach
    > >> is solid. Is that right?
    > >>
    > >> >> Also I would like to allow only very limited Internet access
    > >> >> to/from the server, 1) for credit card authorization and 2) for
    > >> >> remote access (e.g. RAdmin).
    > >> >
    > >> > This is an oxymoron now. You will not manage to do what you want.
    > >> > The best compromize will be: don't route into the net on the
    > >> > server, and filter anything with the exception of the needed
    > >> > servces on the server.
    > >>
    > >> What do you mean by "don't route into the net on the server"? Also,
    > >> by "filter" do you mean using the hardware router, a software
    > >> firewall, or something else?

    > >
    > > You need a real firewall appliance and then you setup only the access
    > > that you want to permit - do not confuse a NAT Router as a firewall
    > >
    > > With a real firewall appliance you can setup a IPSec client to allow
    > > you to remotely connect to the firewall itself, then from a rule in
    > > the firewall, your authenticated user can remotely admin the server.
    > >
    > > You can also allow outbound to the credit card processing facility and
    > > block all other access.
    > >

    >
    > Leythos, Thank you!
    >
    > Does "IPSec" imply VPN?


    Yes, but you can do VPN with PPTP or IPSec.

    > Could you suggest a firewall appliance which would be suitable? I
    > checked newegg and the best rated firewall is the NETGEAR FR114P. Would
    > this be a good choice?


    LOL, sorry, firewall means something a little further up the food chain.
    I would suggest something in the line of a WatchGuard X750e series:

    https://www.watchguard.com/products/x750e.asp

    This is a real firewall and as your needs grow/business increases you
    can purchase keys to increase the performance of the firewall, so you
    don't have to change the firewall out, just purchase an upgrade
    license/key.

    > Finally, would you still recommend using 2 switches, a "local" and an
    > "Internet facing"?
    >
    > Thanks again. I appreciate your advice.


    If you have a real firewall, it will have a WAN (public) interface for
    your internet connection and then separate jacks for the LAN and DMZ
    network - so you don't need to have a switch at the WAN side, you get
    the ability to have real, isolated networks with real jacks for LAN and
    then DMZ.

    These things are not cheap, but you need to consider how much it would
    cost if you have your users CC information stolen from your servers.

    Additionally, the unit acts as a PPTP server and an IPSec VPN end-point,
    and you get client licenses for their VPN software to install on laptops
    and remote users computers if needed.

    The FR114P is a base firewall, it provides very basic firewall
    functions, it doesn't provide all that you need, and it does not provide
    a real DMZ network isolated from the LAN - basically, it's a glorified
    NAT Router.

    --

    spam999free@rrohio.com
    remove 999 in order to email me

  12. Re: Point-of-Sale security

    John Mason Jr wrote in news:12rcsqf4nspqve7
    @news.supernews.com:

    > Since you are dealing with a network that has CC data
    >
    >
    > I would start with a detailed description of what each machine is
    > required to do, to perform it's tasks.
    >
    > Remove anything from the machines that isn't required, only add network
    > access as required
    >
    > build in strong authentication & authorization methods for remote access
    > , and local access
    >
    > John


    Thank you John.


  13. Re: Point-of-Sale security

    Leythos wrote in
    news:MPG.20209a2a4006469198985a@adfree.Usenet.com:


    > https://www.watchguard.com/products/x750e.asp
    > These things are not cheap, but you need to consider how much it would
    > cost if you have your users CC information stolen from your servers.


    Wow!

    I understand what you're saying. I think I need to go back and see what
    our exposure actually is. I'm not even sure if any CC data is ever
    stored unencrypted on the system; it might be, but I can't think of any
    reason it would need to be.

    Practically, I don't see how we could afford this level of security,
    especially from an expertise standpoint. The restaurant is a seasonal
    mom-n-pop quick-service (window) shop. i.e. The budget is tight.

    That said, I'll discuss this with the owner.

    I really appreciate your help.

    Kind regards,
    Dale

  14. Re: Point-of-Sale security

    "Dale I. Green" writes:
    > Practically, I don't see how we could afford this level of security,
    > especially from an expertise standpoint. The restaurant is a seasonal
    > mom-n-pop quick-service (window) shop. i.e. The budget is tight.


    Latest Breach May Force a New Approach to Data Security
    http://www.digitaltransactions.net/n...fm?newsid=1226

    from above:

    In a research note she was preparing for Gartner clients on Monday,
    Litan says, Gartner believes that it's impractical for the card
    industry to expect up to 5 million retailers to become security
    experts and change their systems to fix security holes. It's time for
    the banks to own up to the problem and accept responsibility. They
    must make changes to the payment system so that, even if data are
    stolen, the data are useless to the thieves.

    .... snip ...

    somewhat related thread here
    http://www.garlic.com/~lynn/2007c.html#38 Securing financial transactions a high priority for 2007

    above reply to somebody's comment about the Gartner article:

    Sounds obvious to me. Sam & Ella's coffee shop cannot afford to hire a
    security expert.

    .... snip ...

    and old post about security proportional to risk
    http://www.garlic.com/~lynn/2001h.html#61


  15. Re: Point-of-Sale security

    Dale I. Green wrote:
    > VB, Thank you for your input. I assume by your comments that you
    > consider my goals to be naive but that you think my overall approach is
    > solid. Is that right?


    No, I did not want to say, that your approach is naive, sorry.

    > What do you mean by "don't route into the net on the server"?


    Don't route at all on the server. Don't do packet forwarding.

    > Also, by
    > "filter" do you mean using the hardware router, a software firewall, or
    > something else?


    Does not matter how you're filtering. But filter anything with the
    exception of the needed services.

    You could do this with a host based packet filter or additionally with a
    filtering device before the server.

    Yours,
    VB.
    --
    "Pornography is an abstract phenomenon. It cannot exist without a medium
    to propagate it, and it has very little (if anything at all) to do with sex."
    Tina Lorenz


  16. Re: Point-of-Sale security

    In article ,
    dig@notmail.com says...
    > Leythos wrote in
    > news:MPG.20209a2a4006469198985a@adfree.Usenet.com:
    >
    >
    > > https://www.watchguard.com/products/x750e.asp
    > > These things are not cheap, but you need to consider how much it would
    > > cost if you have your users CC information stolen from your servers.

    >
    > Wow!
    >
    > I understand what you're saying. I think I need to go back and see what
    > our exposure actually is. I'm not even sure if any CC data is ever
    > stored unencrypted on the system; it might be, but I can't think of any
    > reason it would need to be.


    If the CC information is stored, well, it's something that can be
    decrypted by some means, or there is no reason to store it.

    > Practically, I don't see how we could afford this level of security,
    > especially from an expertise standpoint. The restaurant is a seasonal
    > mom-n-pop quick-service (window) shop. i.e. The budget is tight.


    Why do you need something like you described for that type of business -
    a simple QuickBooks POS terminal and a credit card swiper with a CC
    service would handle all that you need.

    http://quickbooks.intuit.com/product...etail_pos_solu
    tions/point_of_sale_software.jhtml

    They make the software and you can even buy a software + hardware
    solution directly from them, all you need to do is enter the products,
    costs, and setup a cc account with a cc processing company.

    > That said, I'll discuss this with the owner.
    >
    > I really appreciate your help.


    Doing this the wrong way could cost them their business and home, if
    you're going to do it, do it right or don't do it.

    --

    spam999free@rrohio.com
    remove 999 in order to email me

  17. Re: Point-of-Sale security

    Leythos wrote in
    news:MPG.2021116934bf66cc98985d@adfree.Usenet.com:


    >> I understand what you're saying. I think I need to go back and see
    >> what our exposure actually is. I'm not even sure if any CC data is
    >> ever stored unencrypted on the system; it might be, but I can't think
    >> of any reason it would need to be.

    >
    > If the CC information is stored, well, it's something that can be
    > decrypted by some means, or there is no reason to store it.


    I should have simply stated that I'm not sure if any CC data is stored
    on the system. It seems to me, once a transaction is approved, and an
    approval code issued, the CC number itself is no longer needed. I've
    forwarded the question to our POS software vendor.



    >> Practically, I don't see how we could afford this level of security,
    >> especially from an expertise standpoint. The restaurant is a
    >> seasonal mom-n-pop quick-service (window) shop. i.e. The budget is
    >> tight.

    >
    > Why do you need something like you described for that type of business
    > - a simple QuickBooks POS terminal and a credit card swiper with a CC
    > service would handle all that you need.


    Hmmmmm... The QuickBooks POS is very similar to what we're using. (We
    actually looked at the QuickBooks, but found it to be a poor choice for
    a restaurant.) What did I say which implied otherwise? What is it
    about the QuickBooks POS system which eliminates security concerns? Now
    I'm really confused...



  18. Re: Point-of-Sale security

    In article ,
    dig@notmail.com says...
    > Leythos wrote in
    > news:MPG.2021116934bf66cc98985d@adfree.Usenet.com:
    >
    >
    > >> I understand what you're saying. I think I need to go back and see
    > >> what our exposure actually is. I'm not even sure if any CC data is
    > >> ever stored unencrypted on the system; it might be, but I can't think
    > >> of any reason it would need to be.

    > >
    > > If the CC information is stored, well, it's something that can be
    > > decrypted by some means, or there is no reason to store it.

    >
    > I should have simply stated that I'm not sure if any CC data is stored
    > on the system. It seems to me, once a transaction is approved, and an
    > approval code issued, the CC number itself is no longer needed. I've
    > forwarded the question to our POS software vendor.


    Based on your initial description it's hard to tell what you're looking
    at, other than POS XP and database. No clear definition of your using a
    packaged solution, and you seem to indicate a home grown solution.

    > >> Practically, I don't see how we could afford this level of security,
    > >> especially from an expertise standpoint. The restaurant is a
    > >> seasonal mom-n-pop quick-service (window) shop. i.e. The budget is
    > >> tight.

    > >
    > > Why do you need something like you described for that type of business
    > > - a simple QuickBooks POS terminal and a credit card swiper with a CC
    > > service would handle all that you need.

    >
    > Hmmmmm... The QuickBooks POS is very similar to what we're using. (We
    > actually looked at the QuickBooks, but found it to be a poor choice for
    > a restaurant.) What did I say which implied otherwise? What is it
    > about the QuickBooks POS system which eliminates security concerns? Now
    > I'm really confused...


    Nothing eliminates the security concerns, but, do you really think that
    they would develop a solution that they sell to tens of thousands of
    customers that would leave them wide open?

    I would be willing to be that they've got all the bases covered and also
    offer recommendations on firewall solutions.

    The big difference in purchasing a package is that the parts are already
    designed to be connected, to be secured, to work with each other, to
    provide support, and you don't have to wonder about database connections
    or how to properly secure them.

    --

    spam999free@rrohio.com
    remove 999 in order to email me

  19. Re: Point-of-Sale security

    Leythos wrote in
    news:MPG.20212a9fd2f06257989862@adfree.Usenet.com:

    > Based on your initial description it's hard to tell what you're
    > looking at, other than POS XP and database. No clear definition of
    > your using a packaged solution, and you seem to indicate a home grown
    > solution.


    > Nothing eliminates the security concerns, but, do you really think
    > that they would develop a solution that they sell to tens of thousands
    > of customers that would leave them wide open?
    >
    > I would be willing to be that they've got all the bases covered and
    > also offer recommendations on firewall solutions.
    >
    > The big difference in purchasing a package is that the parts are
    > already designed to be connected, to be secured, to work with each
    > other, to provide support, and you don't have to wonder about database
    > connections or how to properly secure them.
    >


    I guess that I should have included more details in my initial post. In
    any case, we are using a COTS POS software (Aldelo) running on COTS
    hardware (Mercury/DigiCom). Maybe I am trying to over-architect the
    security, but I thought it would be a good idea to isolate the system as
    much as reasonably possible. In my experience, the POS vendors simply
    show the firewall as a black-box and offer no detail, probably to avoid
    any future culpability.

    Browsing POS related forums, it seems most businesses similar to ours
    are simply using residential routers with no more security than one
    would find in a typical home network. Given the amount of malware
    infected machines I regularly see, I felt this was insufficient.

    Kind regards,
    Dale

  20. Re: Point-of-Sale security

    In article ,
    dig@notmail.com says...
    > Leythos wrote in
    > news:MPG.20212a9fd2f06257989862@adfree.Usenet.com:
    >
    > > Based on your initial description it's hard to tell what you're
    > > looking at, other than POS XP and database. No clear definition of
    > > your using a packaged solution, and you seem to indicate a home grown
    > > solution.

    >
    > > Nothing eliminates the security concerns, but, do you really think
    > > that they would develop a solution that they sell to tens of thousands
    > > of customers that would leave them wide open?
    > >
    > > I would be willing to be that they've got all the bases covered and
    > > also offer recommendations on firewall solutions.
    > >
    > > The big difference in purchasing a package is that the parts are
    > > already designed to be connected, to be secured, to work with each
    > > other, to provide support, and you don't have to wonder about database
    > > connections or how to properly secure them.
    > >

    >
    > I guess that I should have included more details in my initial post. In
    > any case, we are using a COTS POS software (Aldelo) running on COTS
    > hardware (Mercury/DigiCom). Maybe I am trying to over-architect the
    > security, but I thought it would be a good idea to isolate the system as
    > much as reasonably possible. In my experience, the POS vendors simply
    > show the firewall as a black-box and offer no detail, probably to avoid
    > any future culpability.
    >
    > Browsing POS related forums, it seems most businesses similar to ours
    > are simply using residential routers with no more security than one
    > would find in a typical home network. Given the amount of malware
    > infected machines I regularly see, I felt this was insufficient.


    I've seen that type of solution before, and it works, UNTIL.

    As a person that designs secure networks for many different levels of
    business and different markets, mainly Medical, I can only do my part by
    making you aware of the issues and hope that you determine that a
    firewall, not a pretend one, is worth its weight in gold to you and your
    customers.

    If you have a database for your POS system you need to isolate it
    completely from the POS machines, except for the specific ports that the
    data connection needs.

    --

    spam999free@rrohio.com
    remove 999 in order to email me

+ Reply to Thread
Page 1 of 2 1 2 LastLast