Dsiclaimer : this not is not a security guide. You should get information from a TCP/IP Administrataion book if you want better understanding of how this works.
In a few words :
- to run a server, you need to open some ports in the firewall (read the NAT howto for an example). Thus port 9000, and typically 7998, 7999, .. to run a few zones.
- through these ports, the client (remote machine) will talk to your server. On the server, you will have set up a program that listen to these ports, and reacts to what the client sends.
- this program is the EQEmu server (world.exe, and zone.exe). And, yes, the programs read files on your disk, and read/writes to the DB. But the program was designed to read/write only EQEmu files, not just any file. You can ensure this by checking the code, and compiling the program yourself, instead of using pre-compiled binaries.
Generally speaking, the server only tells the client about what it needs to know, i.e. Mob moves, spell casting, ... but does not send any file over the network.
Furthermore, the server does not use your EQ directory, and does not need to know about it.
A few things you may want to do if you are really unsure :
- run the server on a different machine if you can, and target all communication on the EQEmu ports to that machine (this is called DMZ)
- lock the files/programs you feel sensible using file permissions (e.g. run the server by a specific user, and don't allow this user to access unwanted data)
- disallow remote/internet access to some ports on you server using IP filtering if on Win32. The router should already pre'vent this incoming, but if you are really concerned, ... disable access to remote access ports, like telnet, ftp, ...
These are just a few hints. i hope this helps.
|
Linear Mode
