Win98SE ICS and Sygate

From: Joe Fox (ny152_at_nopsam.invalid)
Date: 07/30/05

  • Next message: Duane Arnold: "Wrt54G is a FW appliance?" 
    Date: Fri, 29 Jul 2005 22:56:46 -0500

    I've got a home lan with 2pc's using win98se ICS via crossover cable
    connecting the network cards of each machine.

    The host machine has the adsl modem connected via USB

    modem hardcoded to 192.168.1.1, it assigns the icshost 192.168.1.2

    ICS host also gets 192.168.0.1 (as seen from the client machine)
    ICS client gets 192.168.0.2 (this one is set manually so that some port-
    forwarding from the host will have a consistent target)

    for over a year the host has been running Zone Alarm free version and the
    client has been running sygate personal free version

    recently had trouble with ZA on host shutting down, it started a couple
    weeks ago and has been getting worse. finally I had enough and decided to
    uninstall ZA and put Sygate on the host.

    It works fine, host and client can both see each other, the modem, and
    access email, web, usnet... etc. Except for *ONE* thing.

    The hitch is the client machine needs to run DynDNS Updater
    (http://www.kana.webhop.com) (v2.1.0 build 61) and it cannot manage to
    detect the WAN address or successfully update the dyndns address.

    I tried a test, shutting down sygate on the host machine allows dyndns to
    update. I've searched the sygate helpfiles and based on what I've found, i
    created the set of rules quoted below in an effort to get this fixed.

    I know that the obvious solution is to run the dyndns updater on the host,
    but that option is just not available for other reasons.

    I've tried just about all I can think of, including the first two rules in
    this list which are a result of looking at the firwall log for blocked
    traffic which happens at exactly the same time dyndns updater is trying to
    do it's thing, but still no results.

    ====sygate advance rules===
    Allow local ICMP
    This rule will allow both incoming and outgoing traffic from/to IP
    address(es) 192.168.1.1,192.168.0.1,192.168.0.2 on ICMP type 0,8. This
    rule will be applied to all network interface cards.

    allow local network
    This rule will allow both incoming and outgoing traffic from/to IP
    address(es) 192.168.1.1,192.168.0.1-192.168.0.255 on all ports and
    protocols. This rule will be applied to all network interface cards.

    Allow Windows Internet Sharing Driver
    This rule will allow both incoming and outgoing traffic from/to all
    hosts on all ports and protocols. This rule will be applied to all
    network interface cards. The following applications will be affected in
    this rule: Windows Internet Sharing Driver.

    Allow Microsoft Internet Connection Sharing Manager
    This rule will allow both incoming and outgoing traffic from/to all
    hosts on all ports and protocols. This rule will be applied to all
    network interface cards. The following applications will be affected in
    this rule: Microsoft Internet Connection Sharing Manager

    Allow NDIS Virtual Device
    This rule will allow both incoming and outgoing traffic from/to all
    hosts on all ports and protocols. This rule will be applied to all
    network interface cards. The following applications will be affected in
    this rule: NDIS Virtual Device (Version 4.0).

    Allow NETBEUI Virtual Device
    This rule will allow both incoming and outgoing traffic from/to all
    hosts on all ports and protocols. This rule will be applied to all
    network interface cards. The following applications will be affected in
    this rule: NETBEUI Virtual Device (Version 4.0).

    Allow Win32 Kernel
    This rule will allow both incoming and outgoing traffic from/to all
    hosts on all ports and protocols. This rule will be applied to all
    network interface cards. The following applications will be affected in
    this rule: Win32 Kernel core component.

    Allow TCP 67-68
    This rule will allow both incoming and outgoing traffic from/to all
    hosts on TCP remote port(s) 67 to/from TCP local port(s) 68. This rule
    will be applied to all network interface cards.

    Allow UDP 67-68
    This rule will allow both incoming and outgoing traffic from/to all
    hosts on UDP remote port(s) 67 to/from UDP local port(s) 68. This rule
    will be applied to all network interface cards.
    ================

  • Next message: Duane Arnold: "Wrt54G is a FW appliance?"

    Relevant Pages

    • understanding chkrootkit: sshd section
      ... Rhosts Authentication disabled, originating port will not be trusted. ... Secure connection to %.100s on port %hu refused%.100s. ... Warning: Remote host refused compression. ... Received RSA challenge from server. ...
      (comp.os.linux.security)
    • understanding chkrootkit: sshd section
      ... Rhosts Authentication disabled, originating port will not be trusted. ... Secure connection to %.100s on port %hu refused%.100s. ... Warning: Remote host refused compression. ... Received RSA challenge from server. ...
      (comp.security.unix)
    • Re: ICS and FS trouble
      ... >>>client for ms networks, service advertising protocol, file and printer ... >>>execept that the MS beta AntiSpyware connects to the internet and recognises ... >> Microsoft doesn't support changing the ICS host computer's LAN ... >> Internet connection has a 192.168.0.x address that can't be changed to ...
      (microsoft.public.windowsxp.network_web)
    • Re: understanding chkrootkit: sshd section
      ... Connection will not be encrypted. ... > Rhosts Authentication disabled, originating port will not be trusted. ... > Could not request local forwarding. ... Remote host failed or refused to allocate a pseudo tty. ...
      (comp.os.linux.security)
    • Re: understanding chkrootkit: sshd section
      ... Connection will not be encrypted. ... > Rhosts Authentication disabled, originating port will not be trusted. ... > Could not request local forwarding. ... Remote host failed or refused to allocate a pseudo tty. ...
      (comp.security.unix)