Re: Firewall for XP PC with multiple users

From: Volker Birk (bumens_at_dingens.org)
Date: 09/20/05


Date: 20 Sep 2005 07:23:54 +0200

jameshanley39@yahoo.co.uk wrote:
> > But Sygate also is vulnerable to the SelfDoS attack,
> is that just when a comedian send some packets where src ip=your
> router. and the PFW thinks there's an attack from that ip and blocks
> packets from the router.

Yes, something like that. A second option would be the source IP of
the DNS server, for example. Or any other host, which is neccessary.

> 'cos that wouldn't happen often, and u could probably turn the PFW off
> or check the PFW's configuration and remove the router's ip from any
> attacker list. - leaving the windows firewall on.

Yes. This is exactly, what I recommended - turing the "Personal Firewall"
off and leaving the Windows-Firewall on ;-)

Yours,
VB.

-- 
"Es kann nicht sein, dass die Frustrierten in Rom bestimmen, was in
deutschen Schlafzimmern passiert".
                                    Harald Schmidt zum "Weltjugendtag"


Relevant Pages

  • Re: SYN Attacks - how i cant stop it
    ... > FBSD club, would you please review the following. ... > # control how network packets are handled after IPFW or IPFILTER ... > these MIB. ... > # the two queues which are targeted by this type of attack should ...
    (FreeBSD-Security)
  • Re: SYN Attacks - how i cant stop it
    ... > FBSD club, would you please review the following. ... > # control how network packets are handled after IPFW or IPFILTER ... > these MIB. ... > # the two queues which are targeted by this type of attack should ...
    (freebsd-questions)
  • Re: Port 80 SYN flood-like behavior
    ... > were on the receiving end of such an attack a little over one month ago. ... > across a LARGE number of TCP servers. ... > SYN/ACK packets ... ... Traffic reflection off routers ...
    (Incidents)
  • Re: Questions re WEP encryption
    ... to replay captured APR packets. ... most intrusion detection software never sees it happen. ... active attacks generate wireless traffic that can itself be detected ... and possibly alert the target of the attack. ...
    (alt.internet.wireless)
  • Re: Questions re WEP encryption
    ... to replay captured APR packets. ... subsequent attack on the same data set. ... an IDS (intrusion detection system) which would drop excessive packets ... traffic showed up in the Windows Network Control Panel. ...
    (alt.internet.wireless)