Re: Router Security

From: Stupified (neosadist@hotmail.com)
Date: 01/22/03 

From: "Stupified" <neosadist@hotmail.com>
Date: Wed, 22 Jan 2003 09:38:48 -0600

"Duane Arnold" <notme@notme.com> wrote in message
news:xOpX9.82082$kH3.14905@sccrnsc03...
> Go with the layered protection approach of router with software firewall
on
> all the machines.
>
> That router have SPI and DMZ on it?
>
> Duane :)
>
> --
> The protection of the machine is a process and is not a given!
> "Current User" <FatElvis@heartbreakhotel.comICAL> wrote in message
> news:ed3s2vcvs0cd979j7s3o653v347j4vde91@4ax.com...
> > My Belkin DSL router is holding port 80 open, as though it's
> > running a Web server or something. All others are stealthed, as
> > they should be. The port is not open on the computer itself, just
> > the router. Belkin tech says it's not a problem, and the router is
> > secure. Well, I sometimes make FTP connections too, but the router
> > doesn't hold port 21 open continuously. What gives? I think
> > holding port 80 open just flags me as a potential target, but the
> > Belkin tech guy doesn't see the problem. Of course, he's not the
> > target! Does your router hold port 80 open when you do a ShieldsUp
> > or other online port scan? Should I demand a fix from Belkin?
> >
> >
> >
>
>

If it's the one I think it is, it has SPI and DMZ abilities. I say screw
the software firewall. A software firewall (on a heavily used and/or
heavily taxed or older machine) can cause the machine to lock up, which only
makes it less stable in the long run.

Relevant Pages

  • Re: Using Remote Desktop From an SBS Domain
    ... when you tried to RDP while attached directly to a port on your router? ... So if 3389 needs forwarded on the client end too then that is what the ... Hopefully next week I can attempt a connection while my ISP watches the ...
    (microsoft.public.windows.server.sbs)
  • Re: Cost of setting up a network
    ... A router capable of acting as a VPN endpoint for more than one user simultaneously with four Ethernet ports or a switch to suit. ... The rationale for using a server here is basically that the router doesn't need to be able to decide which PC to route the connection to. ... If you are using a router which supports it, you can set up a port-forwarding inbound rule which also _translates_ the port supplied to the receiving port. ... You can use several of these connections to different machines simultaneously. ...
    (uk.comp.homebuilt)
  • How did they get behind my NAT?
    ... this point I panicked and shutdown the VNC service ASAP. ... My question is how the attacker got to my VNC port! ... the internet through the router. ... client connection using local port number 5900 (which was also being ...
    (alt.computer.security)
  • RE: [Full-Disclosure] Microsoft urging users to buy Harware Firewalls
    ... connections between multiple computers. ... A Linksys NAT router box is selling for only $40 at Amazon ... Besides protecting against the MSBlaster worm, a hardware ... Then the user finds about port forwarding, and as soon as the user ...
    (Full-Disclosure)
  • Re: Connecting to Home Computer
    ... cannot transmit IP packets outside the local network). ... assigned by your router. ... You have to add the port too, ... Determine the ports (pcAnywhere uses 5631 for DATA, 5632 for STATUS, I ...
    (microsoft.public.windowsxp.work_remotely)