Re: Firewall and DNS

From: Anorexic Elvis (FatElvis@heartbreakhotel.comICAL)
Date: 12/30/02


From: Anorexic Elvis <FatElvis@heartbreakhotel.comICAL>
Date: Mon, 30 Dec 2002 14:32:50 -0500

Recently, Some One <someone@nowhere.com> posted:

> Fat Ass Elvis <FatElvis@heartbreakhotel.comICAL> wrote in
>
> > Recently, Some One <someone@nowhere.com> posted:
> >
> >> Fat Ass Elvis <FatElvis@heartbreakhotel.comICAL> wrote in
> >>
> >> > The Internet connection on my Win XP system is configured
> >> > as:
> >> > Earthlink ISP <---- DSL router <---- DSL modem <----
> >> > ZoneAlarm Pro.
> >> >
> >> > Though I don't currently have a network setup, I am
> >> > technically on Sprintlink's network as a DSL subscriber. I
> >> > have their DNS addresses in my TCP/IP properties. ZoneAlarm
> >> > sees my Internet connection as a network and places it, by
> >> > default, in the "Trusted" zone;
> >> > (192.168.xx.xx/255.255.255.0 = Trusted zone)
> >> >
> >> > Does this effectively place the entire Internet in my
> >> > Trusted zone? Shouldn't I change this to "Internet" zone?
> >> >
> >> > Also, by default, ZA blocks outgoing DNS whenever my system
> >> > tries to communicate with Sprintlink's DNS server. Should I
> >> > allow outgoing DNS? How do I set up ZA to allow incoming and
> >> > outgoing DNS only with the specified IP?
[snip]

> I think you are getting DNS and DHCP confused. I'm not sure
> about your DSL provider but most providers use DHCP which sends
> your computer all the information it needs to connect to the
> internet, in your case your provider sends the info to your
> router which then sends what it needs to on to your computer.
> One of the things DHCP sends are the addresses for the DNS
> servers. If this is the way your ISP works then you need to
> remove the DNS addresses from your TCP/IP properties.
>
> DNS is used to convert URLs to IP addresses so you have to allow
> DNS both ways, this is usually port 53. The internet doesn't
> know a URL from a hole in the ground. When you type in a URL,
> www.yahoo.com for example, your browser sends this to your DNS
> which finds the IP address for the URL you typed and sends that
> IP address back to your computer so DNS traffic has to go both
> ways.
>
> Also the 192.168.x.x addresses should not go out on the
> internet, your router will handle that part. On the ISP side of
> the router you will have a routable IP address, this is
> something other than 10.x.x.x or 192.168.x.x and a couple other
> groups. The 192.168.x.x address is on your side of the router
> and that's what Zone Alarm will see. It's been a long time
> since I used Zone Alarm so I can't remember how to set it
> up.

I am confused about a great many things, but I do know what a DNS
server is. Not so familiar with DHCP, but I'm learning. My ISP
(Erthlnk) recommends manually installing their DNS numbers.
However, Sprint tech recommends "Obtain ... automatically", and I
trust the Sprint tech more than the E-link tech. So, I'll enable
that and let the router handle it all.

My biggest question is whether my router network (192.168.xx.xx)
should be set to the Internet zone or the Trusted zone. I am
concerned about putting the entire Internet in my Trusted zone if
I make the wrong choice.
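
The zone question in this thread comes down to which hosts an address/mask pair actually covers, and the DNS question to matching port 53 against a fixed resolver list. The following Python is an added example, not part of the original posts and not ZoneAlarm's own logic; the LAN address 192.168.1.0 and the resolver addresses 198.51.100.53/.54 are constructed placeholders, since the posts mask the real values.

```python
import ipaddress

# RFC 1918 private ranges: these are not routed on the public Internet.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample values (the thread masks its real addresses).
TRUSTED_ZONE = ("192.168.1.0", "255.255.255.0")    # router-side LAN, address/mask
DNS_SERVERS = {"198.51.100.53", "198.51.100.54"}   # placeholder ISP resolvers


def zone_network(address, mask):
    """Turn an address/mask pair, as shown in a zone list, into a network."""
    return ipaddress.ip_network(f"{address}/{mask}", strict=False)


def zone_is_private_only(net):
    """True if the whole zone sits inside one RFC 1918 range."""
    return any(net.subnet_of(private) for private in RFC1918)


def classify(host, trusted):
    """Zone a remote host falls into for a given trusted network."""
    return "Trusted" if ipaddress.ip_address(host) in trusted else "Internet"


def dns_allowed(remote_ip, proto, remote_port, resolvers=DNS_SERVERS):
    """Permit DNS only with the listed resolvers.

    Covers both directions: queries go to remote port 53 and replies
    come back from remote port 53 on the same resolver address.
    """
    return (proto in ("udp", "tcp") and remote_port == 53
            and remote_ip in resolvers)


if __name__ == "__main__":
    lan = zone_network(*TRUSTED_ZONE)
    print(lan, "covers", lan.num_addresses, "addresses;",
          "private only:", zone_is_private_only(lan))
    for host in ("192.168.1.1", "198.51.100.53", "203.0.113.80"):
        print(f"{host:15} -> {classify(host, lan)}")
    for remote in ("198.51.100.53", "203.0.113.80"):
        print(f"DNS with {remote}:", dns_allowed(remote, "udp", 53))
```
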


