question on number of received packets w/ and w/out router

Guest
Archived from groups: comp.security.firewalls (More info?)

My router seems to slow my connection down, so out of frustration I
instead connected my DSL modem directly to my machine.

For some reason I happened to check my connection status and noticed the
numbers for received packets went up very fast. I disconnected and
reconnected then went to a forum I usually visit and the packet numbers
shot up to approx 130,000 for the received packets. I hit over a million
packets in 10 minutes of surfing. I'm not sure what is being received.
Is it port scans?

I have Zone Alarm running on my machine, so I checked the log and saw
that I had a lot of alerts warning me that people were trying to connect
to my machine, but they were all blocked. Unfortunately I cleared my log
so I don't have them anymore (and for some reason it doesn't appear to
be archived). I don't know if this would have an effect. However, I don't
see any alerts since I'm now connected via my router. Is this because
people are trying to ping/scan my router and they can't see me behind
the NAT firewall?

When I'm behind my router and hit the same page I get maybe 1-2,000
packets received.



I was wondering why the numbers would be so different.

--------------
yelohk @ yahoo
com
 
Guest

* On Tue, 30 Mar 2004 17:27:01 -0600, smilla wrote:
>
> I have Zone Alarm running on my machine, so I checked the log and saw

You should upgrade that.
 
Guest

Dev Null's Stunt Double wrote:
> * On Tue, 30 Mar 2004 17:27:01 -0600, smilla wrote:
>
>>I have Zone Alarm running on my machine, so I checked the log and saw
>
>
> You should upgrade that.

I don't understand what you mean by that statement.

Upgrade what? Zone Alarm, my machine....?? Is this a sarcastic statement
meaning I should use another program...?
 
Guest

* On Thu, 01 Apr 2004 14:01:35 -0600, smilla wrote:
> Dev Null's Stunt Double wrote:
>> * On Tue, 30 Mar 2004 17:27:01 -0600, smilla wrote:
>>
>>>I have Zone Alarm running on my machine, so I checked the log and saw
>>
>>
>> You should upgrade that.
>
> I don't understand what you mean by that statement.
>
> Upgrade what? Zone Alarm, my machine....?? Is this a sarcastic statement
> meaning I should use another program...?

You should upgrade your Zone Alarm. There have been recent security
issues with it.


--
Of all the things I've lost, I miss my mind the most -- Ozzy
 
Guest

On Tue, 30 Mar 2004 17:27:01 -0600, smilla spoketh


>see any alerts since I'm now connected via my router. Is this because
>people are trying to ping/scan my router and they can't see me behind
>the NAT firewall?
>
>When I'm behind my router and hit the same page I get maybe 1-2,000
>packets received.
>

The numbers are so different because the router is dropping a lot of
packets. There are a lot of different worms out there that are doing a whole
lot of port scanning, so that could easily account for the difference in
packets received.


Lars M. Hansen
http://www.hansenonline.net
(replace 'badnews' with 'news' in e-mail address)
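
Added example, not part of the original thread: a small Python simulation of the behaviour described in the reply above, where a NAT router forwards only replies to flows the PC opened and drops unsolicited probes before they reach the PC's packet counter. The addresses, ports and traffic mix are constructed for illustration.

```python
# Added illustration: a port-restricted NAT table deciding which inbound
# packets reach the PC. All addresses and packets below are constructed.
from collections import Counter

PC_IP = "192.168.1.2"  # assumed LAN address of the PC


class NatRouter:
    def __init__(self):
        # (proto, public_port) -> (lan_ip, lan_port, remote_ip, remote_port)
        self.table = {}
        self.next_port = 40000

    def outbound(self, proto, lan_ip, lan_port, remote_ip, remote_port):
        """The PC opens a flow; the router records a mapping for its replies."""
        public_port = self.next_port
        self.next_port += 1
        self.table[(proto, public_port)] = (lan_ip, lan_port, remote_ip, remote_port)
        return public_port

    def inbound(self, proto, src_ip, src_port, dst_port):
        """Return the LAN destination for a reply, or None if unsolicited."""
        entry = self.table.get((proto, dst_port))
        if entry is None:
            return None                      # no flow was opened on this port
        lan_ip, lan_port, remote_ip, remote_port = entry
        if (src_ip, src_port) != (remote_ip, remote_port):
            return None                      # right port, wrong remote endpoint
        return (lan_ip, lan_port)


def count_received(packets, router=None):
    """Count packets the PC's interface sees, directly or behind the router."""
    seen = Counter()
    for proto, src_ip, src_port, dst_port in packets:
        if router is None or router.inbound(proto, src_ip, src_port, dst_port):
            seen["received"] += 1
        else:
            seen["dropped_by_router"] += 1
    return seen


def demo():
    router = NatRouter()
    web = ("198.51.100.80", 80)              # constructed web server
    port = router.outbound("tcp", PC_IP, 1050, *web)
    replies = [("tcp", web[0], web[1], port)] * 20           # page download
    probes = [("tcp", f"192.0.2.{i}", 3000 + i, p)           # unsolicited scans
              for i in range(1, 101) for p in (135, 445, 1434)]
    traffic = replies + probes
    return count_received(traffic), count_received(traffic, router)
```

Connected directly, every probe reaches the PC's interface and is counted as received, even though the software firewall then blocks it; behind the router only the 20 replies get through.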
 
Guest

Lars M. Hansen wrote:
> On Tue, 30 Mar 2004 17:27:01 -0600, smilla spoketh
>
>
>
>>see any alerts since I'm now connected via my router. Is this because
>>people are trying to ping/scan my router and they can't see me behind
>>the NAT firewall?
>>
>>When I'm behind my router and hit the same page I get maybe 1-2,000
>>packets received.
>>
>
>
> The numbers are so different because the router is dropping a lot of
> packets. There are a lot of different worms out there that are doing a whole
> lot of port scanning, so that could easily account for the difference in
> packets received.
>
>
> Lars M. Hansen
> http://www.hansenonline.net
> (replace 'badnews' with 'news' in e-mail address)

thanks!