Re: New experience for me...
From: David (davidwnh@adelphia.net)
Date: 11/18/02
- Next message: David: "Re: Firewall and Home Network"
- Previous message: James Grant: "Re: VisNetic Firewall"
- In reply to: Mark N.: "New experience for me..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "David" <davidwnh@adelphia.net> Date: Mon, 18 Nov 2002 19:29:13 GMT
Many of these unsolicited messages come in through port 135 UDP. The
forwarding of this message to only one of your computers may have to do with
your router, its configuration, and/or the configuration of your computers.
For example Is your router set to allow WAN requests? Your router's firmware
version may allow UDP packets even with block WAN requests enabled. The
specific firmware version of your D-Link router may not block the entire
range of ports to incoming TCP and/or UDP traffic. Only the computer which
allowed the message may have the specific port listening, or your router may
default the traffic to a certain internal IP.
If your router is configured properly and has up to date firmware and still
allows this traffic you may need to add a software firewall to specifically
block this port as well as others which may not be protected. Not blocking
all ports particularly concerning UDP traffic is a problem inherent in
several firmware versions of many routers. For this reason alone I have
always considered consumer grade routers/hardware firewalls suspect at best.
You can disable the messenger service as an alternative if you don't want to
use it internally. It is used for certain services such as with a UPS and
also for sending administrative alerts so you may not want to do this
depending on your particular setup and usage.
"Mark N." <mark@marknorth_nospam.net> wrote in message
news:6aAB9.467$Kw6.346698@newssrv26.news.prodigy.com...
> I had somebody send an administrative message to my home PC - an add for
> Viagra...
> I'm on DSL and have a D-Link router/switch/firewall between my DSL modem
and
> my two PCs. Only one of the PCs received the message - even though the
> recipient IP addy was the outside IP addy of my D-Link.
>
> My questions are:
>
> 1) Why did the message come to only one of my PCs?
> 2) Why did it come through at all - I suppose there's a configuration
> somewhere on my router to stop this?
> 3) Is this a normal occurrence? I've never experienced it and have had
> broadband (cable and now DSL) for years.
>
> I'll admit that it gives me the creeps - am I still reasonably safe?
>
> Thanks,
> Mark
>
>
- Next message: David: "Re: Firewall and Home Network"
- Previous message: James Grant: "Re: VisNetic Firewall"
- In reply to: Mark N.: "New experience for me..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
