Re: Why is Win Explorer accessing the Net?

From: Hairy One Kenobi (abuse_at_[127.0.0.1)
Date: 12/24/03 

Date: Wed, 24 Dec 2003 00:12:21 -0000

"Leythos" <void@nowhere.com> wrote in message
news:MPG.1a526f4bcffc1095989fbe@news-server.columbus.rr.com...
> In article <bs9sr5$fk1$1@canopus.cc.umanitoba.ca>, roberson@ibd.nrc-
> cnrc.gc.ca says...
> > My firewalls are also VPN devices, and do exactly the same kind of
> > adaptive security on connections over IPSec tunnels as is done
> > for non-tunneled connections. Also, using a VPN would not solve
> > the issue that the public IP address might have changed.
>
> Actually you are wrong:
>
> The E2K Server sitting behind a firewall, should be on a fixed IP, or no
> one will find it.

Hesitates, tucks fingers in belt, treads anyway.. no "need" for a static
behind the firewall - if it's NAT (as most probably are) then it's
irrelevant; if it's direct, then you might be better considering a lookup on
one of a set of owned IPs (just in case someone takes a distributed offence
to your specific address)

General comment holds, of course.

> The clients can use VPN routers / other with Dynamic IP's.
>
> The VPN's are setup with Aggressive mode user/password with shared key
> and work easily with Dynamic IP addresses on the client side.
>
> Done this many times.

<imagine - if you will - a chunk from one of the replies by Pete>

..and similar Festive Clichés to all concerned!

H1K

Relevant Pages

  • Re: What is the Pattern here ?
    ... These are all Dialup Connections that I had no connection with at the time. ... It's obviously an enormous security hole, ... > and a real firewall box. ...
    (comp.security.firewalls)
  • Re: Black Ice confesses faulty program!!!
    ... > outgoing connections or traffic except in cases where these connections ... > "dangerous/suspicious" traffic by the BlackICE program. ... > get into your machine then even a PC *without* a firewall is completely ... If you don't think "Spyware" is a problem for computer ...
    (comp.security.firewalls)
  • Re: Port 135
    ... The patch doesn't disable DCOM / RPC, so connections can still be made. ... That's why you need a firewall. ... the patch is not the thing to control ... control over your TCP/IP ports and services, ...
    (microsoft.public.security)
  • Re: Networking/Security Question...
    ... The router itself will be a Cisco 1721. ... >setup is very simple... ... XP sp2 having the firewall on by default. ... > # but deny established connections that don't have a dynamic rule. ...
    (freebsd-net)
  • Re: XPsp2 firewall - bug? - disables on certain networks
    ... Firewall Settings for Microsoft Windows XP with Service Pack 2" document ... Even if the DNS suffix is different, the computer can get a new policy from ... manually enter the DNS server and suffix settings for all connections. ...
    (comp.security.firewalls)