question on number of received packets w/ and w/out router

Archived from groups: comp.security.firewalls (More info?)

My router seems to slow my connection down, so out of frustration I
instead connected my DSL modem directly to my machine.

For some reason I happened to check my connection status and noticed the
numbers for received packets went up very fast. I disconnected and
reconnected then went to a forum I usually visit and the packet numbers
shot up to approx 130,000 for the received packets. I hit over a million
packets in 10 minutes of surfing. I'm not sure what is being received.
Is it port scans?

I have Zone Alarm running on my machine, so I checked the log and saw
that I had a lot of alerts warning me that people were trying to connect
to my machine, but they were all blocked. Unfortunately I cleared my log
so I don't have them anymore (and for some reason it doesn't appear to
be archived). I don't know if this would have an effect? However I don't
see any alerts since I'm now connected via my router. IS this because
people are trying to ping/scan my router and they can't see me behind
the NAT firewall?

When I'm behind my router and hit the same page I get maybe 1-2,000
packets received.


I was wondering why the numbers would be so different.

--------------
yelohk @ yahoo
com
5 answers Last reply
More about question number received packets router
  1. Archived from groups: comp.security.firewalls (More info?)

    * On Tue, 30 Mar 2004 17:27:01 -0600, smilla wrote:
    >
    > I have Zone Alarm running on my machine, so I checked the log and saw

    You should upgrade that.
  2. Archived from groups: comp.security.firewalls (More info?)

    Dev Null's Stunt Double wrote:
    > * On Tue, 30 Mar 2004 17:27:01 -0600, smilla wrote:
    >
    >>I have Zone Alarm running on my machine, so I checked the log and saw
    >
    >
    > You should upgrade that.

    I don't understand what you mean by that statement.

    Upgrade what? Zone Alarm, my machine....?? Is this a sarcastic statement
    meaning I should use another program...?
  3. Archived from groups: comp.security.firewalls (More info?)

    * On Thu, 01 Apr 2004 14:01:35 -0600, smilla wrote:
    > Dev Null's Stunt Double wrote:
    >> * On Tue, 30 Mar 2004 17:27:01 -0600, smilla wrote:
    >>
    >>>I have Zone Alarm running on my machine, so I checked the log and saw
    >>
    >>
    >> You should upgrade that.
    >
    > I don't understand what you mean by that statement.
    >
    > Upgrade what? Zone Alarm, my machine....?? Is this a sarcastic statement
    > meaning I should use another program...?

    You should upgrade your Zone Alarm. There have been recent security
    issues with it.


    --
    Of all the things I've lost, I miss my mind the most -- Ozzy
  4. Archived from groups: comp.security.firewalls (More info?)

    On Tue, 30 Mar 2004 17:27:01 -0600, smilla spoketh


    >see any alerts since I'm now connected via my router. IS this because
    >people are trying to ping/scan my router and they can't see me behind
    >the NAT firewall?
    >
    >When I'm behind my router and hit the same page I get maybe 1-2,000
    >packets received.
    >

    The numbers are so different because the router is dropping a lot of
    packets. There's a lot of different worms out there that's doing a whole
    lot of port scanning, so that could easily account for the difference in
    packets received.


    Lars M. Hansen
    http://www.hansenonline.net
    (replace 'badnews' with 'news' in e-mail address)
  5. Archived from groups: comp.security.firewalls (More info?)

    Lars M. Hansen wrote:
    > On Tue, 30 Mar 2004 17:27:01 -0600, smilla spoketh
    >
    >
    >
    >>see any alerts since I'm now connected via my router. IS this because
    >>people are trying to ping/scan my router and they can't see me behind
    >>the NAT firewall?
    >>
    >>When I'm behind my router and hit the same page I get maybe 1-2,000
    >>packets received.
    >>
    >
    >
    > The numbers are so different because the router is dropping a lot of
    > packets. There's a lot of different worms out there that's doing a whole
    > lot of port scanning, so that could easily account for the difference in
    > packets received.
    >
    >
    > Lars M. Hansen
    > http://www.hansenonline.net
    > (replace 'badnews' with 'news' in e-mail address)

    thanks!
Ask a new question

Read More

Firewalls Routers Connection Networking