Re: Using a Linksys router, should I also use Zonealarm? Internet Acceptable Use Policy
From: Miha Pihler (miha.pihler_at_Atlantis-N0Spam.si)
Date: 07/28/03
Date: Mon, 28 Jul 2003 22:45:51 +0200
Hi Mary,

Depending on your VPN client, when you connect to the VPN server the client
will change the default route for the traffic. Microsoft's VPN client is like
this. As soon as you connect to the VPN server, that will be the default route.

Now what does this mean? The default route is used to determine where our
packets (requests) go. If I don't use VPN, my default route will be targeted
at my ISP in one way or another (over a router or directly via my network
card).

You can see the default route if you type the route print command in your
command prompt. It is represented as 0.0.0.0 MASK 0.0.0.0 and it points to one
or another network address (network card). This can be a physical network card
(device) or a VPN connection.

Now you connect to VPN and it changes the default route. So when you try to
browse, your traffic goes into the tunnel and to your company network, which
then replies with the page. That is how they are able to filter what you can
see and what you can't.

Why can you still be compromised? It is quite easy to change routes. I can
do this...

    route delete 0.0.0.0 MASK 0.0.0.0 10.10.10.50
    route add 0.0.0.0 MASK 0.0.0.0 193.2.1.66
    route add 10.10.0.0 MASK 255.255.0.0 10.10.10.50

In the first line I deleted the default route that was created by VPN. In the
second I created a new default route for my internet traffic that points to my
ISP. In the third line I added one route that will route all the traffic for
the corp. net to the VPN. Of course this is all imaginary data that I used...

There are also some other possibilities but these are the most common... :-) I
hope again I have been of some help...
--
Mike
MCSA 2K, MCSE 2K, MCT, ...

"Mary" <leckavrea-nospam@yahoo.com> wrote in message
news:%2325DRPUVDHA.1928@TK2MSFTNGP12.phx.gbl...
> Thank you Miha,
>
> No your answer didn't complicate things. You explained the NAT business
> very clearly.
>
> One thing I'm curious about is this -- in the morning I connect to the
> internet first, then establish my VPN connection. While connected via VPN,
> my browser's access to the Internet is restricted. Occasionally, I find
> that I can't access certain sites (usually something pretty innocuous) and
> get the company's "Internet Acceptable Use Policy" type message preventing
> access. I thought it was the company's firewall extending a slap on my
> wrist, but if not, how does this work? And if they can protect me like
> this against myself, why can't they protect themselves against unlawful
> intrusion by a hacker via my computer?
>
> I'm reading some reviews on Blackice vs. Zonealarm.
>
> Mary
>
> "Miha Pihler" <miha.pihler@Atlantis-N0Spam.si> wrote in message
> news:eFeD12NVDHA.1816@TK2MSFTNGP09.phx.gbl...
> > Hi Mary,
> >
> > yes VPN is sort of a breach in the firewall. The problem is you are
> > using public internet to access corporate network. If your PC is
> > unprotected in the internet someone might notice this and try and use
> > your PC over the internet to access corporate network.
> > In the "old days" when people used to use Dial-In instead of VPN you
> > were protected by corporate Firewall -- since there was no public
> > Internet network involved to act as a connection to Corporate network.
> >
> > NAT is Network Address Translation. It translates private IPs (e.g.
> > 10.10.0.0, 172.16.0.0 or 192.168.0.0) to public internet addresses.
> > Private IP is special range of IPs that is not routed on the internet.
> > Large companies and even at home we use private IPs to access internet.
> > The reason is at home we usually only get one IP from our ISP. In the
> > company where we have thousands of computers it would be a waste of IP
> > numbers that are already in shortage.
> > But we can only use private IPs on our private networks. We can't access
> > internet with these IPs. So here is where NAT comes into play. It allows
> > us to access internet from our private network by translating our
> > private IP e.g. 10.10.1.15 to e.g. 193.2.1.66.
> >
> > NAT devices (e.g. your Linksys router) can also help a bit with security
> > since it hides our PCs. We can have e.g. 100 PCs on internal network
> > that are protected by Linksys router that has one public IP address
> > assigned to it. Even though it protects our network this protection is
> > limited and should not be used or mistaken as firewall functionality.
> >
> > I don't like ZoneAlarm very much either. It is "too" difficult to set it
> > up compared to some other software personal firewalls. BlackIce is OK
> > regarding protection and setting up.
> >
> > I hope I didn't complicate too much :-)
> >
> > --
> > Mike
> > MCSA 2K, MCSE 2K, MCT, ...
> >
> > "Mary" <leckavrea-nospam@yahoo.com> wrote in message
> > news:%23ApusUNVDHA.3972@tk2msftngp13.phx.gbl...
> > > Thanks Miha and Lanwench:
> > >
> > > I'm very clueless about this stuff. I just presumed that since the
> > > corporate network is protected by a firewall, that once I was logged
> > > into it, I was behind the firewall too. But I think from what you say,
> > > my VPN connection acts as a kind of breach of their firewall making it
> > > easier for hackers to piggyback me as I connect to the corporate
> > > network.
> > >
> > > I searched through some old messages on these newsgroups and some
> > > posters implied that the Linksys router I'm using acts as a firewall
> > > too. So that's where I came up with that notion. What is a NAT box?
> > >
> > > I will have a look at Blackice. Lanwench, why don't you recommend
> > > Zonealarm?
> > >
> > > Mary
> > >
> > > "Lanwench [MVP - Exchange]"
> > > <lanwench@heybuddy.donotsendme.unsolicitedmail.atyahoo.com> wrote in
> > > message news:u0Wud8KVDHA.2068@TK2MSFTNGP11.phx.gbl...
> > > > Note that your Linksys model is not a firewall - it's just a
> > > > router/NAT box. Better than nothing, but not very hard for people to
> > > > get through. You should definitely use a software firewall product
> > > > in addition to it, especially if you're connecting to a corporate
> > > > network via VPN - they probably won't want someone hacking in
> > > > through your insecure internet connection.
> > > >
> > > > ZoneAlarm isn't one of the best out there - I know BlackIce is good
> > > > stuff. It should work fine with your VPN; I've done this before
> > > > successfully.
> > > >
> > > > Or get a hardware firewall (Linksys makes one; don't remember the
> > > > name offhand but it has an X in it and is about $130-$140 US).
> > > >
> > > > Mary wrote:
> > > > > I'm using a Linksys Router (BEFSR41) to connect two computers
> > > > > (desktop and laptop) to my DSL modem. My desktop computer is
> > > > > running Windows XP and my laptop is running Windows ME. In the
> > > > > past, I used Zonealarm on the desktop computer. However, I
> > > > > uninstalled it about a year ago -- I was having issues with some
> > > > > other software, I don't remember what, and a technician suggested
> > > > > that I get rid of Zonealarm. I work from home via a VPN
> > > > > connection, and I do remember I used to have some issues in
> > > > > running Zonealarm while connected by VPN. I'm guessing that the
> > > > > VPN connection would be providing me with protection from bad
> > > > > stuff anyway while it's running so maybe Zonealarm is overkill at
> > > > > those times, is it? But once I disconnect my VPN connection, would
> > > > > it be a good idea to use Zonealarm then, or is my router enough of
> > > > > a barrier between me and the internet? Thanks.
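
A defender-side check for the routing change described in the message above, as an added example that is not part of the original thread: it parses the IPv4 rows of Windows route print output and reports whether the preferred default route still goes through the VPN. The function names and the sample tables are constructed for illustration; the addresses reuse the imaginary values from the message.

```python
import ipaddress
import re

# One IPv4 row of Windows `route print`: destination, netmask, gateway, interface, metric.
ROW = re.compile(r"^\s*(\d+(?:\.\d+){3})\s+(\d+(?:\.\d+){3})\s+(\S+)\s+(\d+(?:\.\d+){3})\s+(\d+)\s*$")

def parse_routes(text):
    """Return (network, gateway, interface, metric) tuples for each IPv4 row."""
    routes = []
    for line in text.splitlines():
        m = ROW.match(line)  # header and interface-list lines do not match
        if m:
            dest, mask, gw, iface, metric = m.groups()
            net = ipaddress.ip_network(f"{dest}/{mask}", strict=False)
            routes.append((net, gw, iface, int(metric)))
    return routes

def classify(text, vpn_addr, corp_net):
    """'full-tunnel': the preferred (lowest-metric) default route uses the VPN.
    'split-tunnel': only a corporate route uses the VPN; Internet traffic bypasses it.
    'no-vpn': nothing is routed through vpn_addr."""
    corp = ipaddress.ip_network(corp_net)
    routes = parse_routes(text)
    def via_vpn(route):
        return vpn_addr in (route[1], route[2])  # gateway or interface column
    defaults = sorted((r for r in routes if r[0].prefixlen == 0), key=lambda r: r[3])
    if defaults and via_vpn(defaults[0]):
        return "full-tunnel"
    if any(via_vpn(r) and r[0].prefixlen > 0 and r[0].overlaps(corp) for r in routes):
        return "split-tunnel"
    return "no-vpn"

# Constructed sample tables (not captured from a real machine).
FULL = """
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      10.10.10.50     10.10.10.50       1
          0.0.0.0          0.0.0.0       193.2.1.66      193.2.1.70      21
"""
SPLIT = """
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0       193.2.1.66      193.2.1.70       1
        10.10.0.0      255.255.0.0      10.10.10.50     10.10.10.50       1
"""
NO_VPN = """
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0       193.2.1.66      193.2.1.70      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
"""

if __name__ == "__main__":
    for name, table in (("FULL", FULL), ("SPLIT", SPLIT), ("NO_VPN", NO_VPN)):
        print(name, classify(table, "10.10.10.50", "10.10.0.0/16"))
```

A result of split-tunnel on a machine that is supposed to send everything through the corporate gateway means Internet traffic is no longer passing the company's filtering.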