Re: Proxy on unusual port

From: Duane Arnold (notme_at_notme.com)
Date: 10/05/03

• Next message: J Jay: "Re: What's the best firewall for a friend."
• Previous message: Voice of the Mysterons: "Re: What's the best firewall for a friend."
• In reply to: Charles Newman: "Re: Proxy on unusual port"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Sat, 04 Oct 2003 23:36:57 GMT

"Charles Newman" <charlesnewman1@spamkiller.comcast.net.nospam> wrote in
news:mZCdnQTjmN-Ol-KiU-KYhA@comcast.com:

>
>
> Well, I have since configured Tiny Personal Firewall
> to restrict access from within my own network, and
> tests on on the proxy checker at freeproxy.ru show it
> to be closed
> I use Tiny Personal Firewall. It has the facilities to
> monitor what is going on and allow me to close my
> proxy. Hardware firewalls do not have the monitoring
> and alerting that software firewalls, like Tiny, have.
>
 
Yeah, you can use Tiny to alert on the outbound a good thing. But the
fact remains that if the router was setting in front of the machines, it
would block *unsolicited everything* inbound to the network. Therefore,
the machines behind the router would not have to deal with the
scans/attacks.

The machine's O/S, proxy, Tiny, and anything else would not need to react
using the machine's resources to stop the scans/attacks slowing the
machine down from doing other things.

Some routers do have the capability to stop outbound too. But it's
probably preferred by most in a home networking environment to let a host
based FW solution handle that task behind the router.

It seems to me that it's a better solution to have a appliance in front
of the machines protecting the network as a gateway or for a single
machine not part of a network, than it is to have a machine doing it with
the vulnerable MS O/S of any flavor directly connected to the Internet,
IMHO.

Duane :)

---

• Next message: J Jay: "Re: What's the best firewall for a friend."
• Previous message: Voice of the Mysterons: "Re: What's the best firewall for a friend."
• In reply to: Charles Newman: "Re: Proxy on unusual port"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages RE: wirless connection security issues ... wrt54gl only has a single port for the incoming network. ... I would set up the router to use the Class C private IP range ... for your machines. ... Subject: wirless connection security issues ... (Security-Basics) Re: I cant understand Windows Explorer ... 'Network Places' either. ... machines that are turned off. ... duration from the router. ... we have four computers in one room and six in the other. ... (microsoft.public.windowsxp.general) Re: resolver problems ... If you've got a little router, ... for using the graphical network information tool in system preferences. ... I do not have any of the machines specifically set to route from one ... transforming your network connection to a shared connection from several ... (freebsd-questions) Re: Windows 2000 IP Range Question More options ... What do you mean by "part" of the network? ... BROADCAST domains then they need to be separate SUBNETS. ... machines plugged into different ports are separated by a router? ... The machines with the IP 190.10.10 addresses work fine amongst each ... (microsoft.public.windows.server.general) Re: ATTN: Duane Arnold - Re: Cable modem and 2 computer LAN security question ... network that had a MS Domain Controller computer and there is none on ... I don't think the router has anything to do with it. ... The machines on your network are never going to be on a MS Domain ... You start doing high risk things like port forwarding ports on the router ... (comp.security.firewalls)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(18)