Re: firewall but which one

From: Dr. Bob (rck@houston.rr.com)
Date: 12/24/01 

From: rck@houston.rr.com (Dr. Bob)
Date: Mon, 24 Dec 2001 18:26:42 GMT

On Mon, 24 Dec 2001 15:58:37 -0000, "bassbag"
<bassbag@bodybags.dragon.wales> wrote:

>Then I tried Outpost which seems quite
>good to , though again I had to tweak things continually , like the ad
>blocker which blocks legitamate jpgs at this site (my home page)
>http://www.bbc.co.uk/ , because they are a certain size

Where are those rules? I remember seeing them somewhere but now I
forgot. I am going to remove them because they are removing too much
valuable content.

>so I've stuck with Naviscope though granted it is a little
>outdated now but it does the trick for the most part.So now Im back with
>Sygate.Not to sure about what the server issue exactly means to a user as a
>security issue though, as every test site Ive tried gives complete stealth
>(though to be fair ..all the others did too).If you have any links regarding
>the server issue , I wouldnt mind reading up on it a bit more.

I do not know of any sites that make an issue of this specifically -
it is just part of the problem of parasites in general.

If you have a NAT router (which you should) and have not forwarded any
ports, there should not be any problem. But if you do not have NAT or
have forwarded a port with NAT, then a parasite could listen for
incoming packets. If a hacker sends a message to that parasite
server... well you know the rest.

I recommend that you use Port Detective from TZO to conduct your own
probes. I do not trust those public sites because they do not do a
thorough job. Port Detective uses an agent ( a mock parasite) in your
machine and attempts to connect with the TZO server. Now you have a
real test of connectivity along the entire path.

http://www.portdetective.com/

BTW, TZO is the company that provides enterprise-class hot failover
dynamic DNS services to large corporations, so they are reputable. I
have been a beta test site for over a year and I can vouch for them.

Dr. Bob

"Our country's a place of limitless hopes and
possibilities, and nowhere is that spirit more
alive than in the great nation of Texas."
--G. W. Bush

Relevant Pages

  • Re: L2TP/IPSec Verbindung läuft mit XP SP2 nicht mehr
    ... In XPSP2 the IPsec driver needs a registry setting when either the ... server or workstation are behind a NAT gateway. ... 1- Client initiates to a server that is behind the NAT ... > Peer Private Addr ...
    (microsoft.public.de.german.windowsxp.networking)
  • Re: NAT and AD
    ... addresses on 4 server and 50 PCs and having all my applications work without ... SQL and web apps work just fine from my NAT clients. ... I can browse the AD printers from a NAT client using the "Add Printer ...
    (microsoft.public.win2000.active_directory)
  • Re: FTP Server setup... Im so close!
    ... > I have installed the Internet Information Services, etc, and have the FTP ... Your external client is trying to use Passive Mode. ... Since your server is behind NAT, ...
    (microsoft.public.windowsxp.network_web)
  • Re: NAT probably blocking netlogon traffic
    ... Tools like that won't work across NAT. ... the DNS server in each domain would be set up to ... You will need IP routing enabled on the RRAS server. ...
    (microsoft.public.win2000.ras_routing)
  • Re: Small network to Net setup suggestions.
    ... You can certainly do what you're attempting with just two NICs and a server. ... Just turn up RRAS with a NAT interface, make sure the external side of NAT ... If you want VPN, be sure to get a router that supports VPN passthrough, or better, a ...
    (microsoft.public.win2000.networking)