D-Link 604 Router

Archived from groups: comp.security.firewalls (More info?)

I have just recently installed a new D-Link 604 VPN NAT Router, and I have
stealthed Ports 113, 137, & 138. I am also running Trend Micro's Firewall.

I have checked everything on GRC.com and all ports are coming back as
stealthed. Furthermore, my Trend Micro Firewall log is showing that nothing
is currently getting through to my software firewall.

Is there anything else I need to do? I am running a single machine on a
cable modem, with no LAN setup.

Please advise.

--
--------------------------------------------------
Virus checked before sending
with Trend Micro PC-Cillin 2004.
--------------------------------------------------
  1. Archived from groups: comp.security.firewalls (More info?)

    Roy wrote:
    > I have just recently installed a new D-Link 604 VPN NAT Router, and I have
    > stealthed Ports 113, 137, & 138. I am also running Trend Micro's Firewall.
    >
    > I have checked everything on GRC.com and all ports are coming back as
    > stealthed. Furthermore, my Trend Micro Firewall log is showing that nothing
    > is currently getting through to my software firewall.
    >
    > Is there anything else I need to do? I am running a single machine on a
    > cable modem, with no LAN setup.
    >
    > Please advise.
    >
    Are you the sole user, or do you share your system with others?
  2. Archived from groups: comp.security.firewalls (More info?)

    Roy said in news:xGnBc.834614$Ig.198794@pd7tw2no:
    > Thanks, I just wanted to make sure that I had all my bases covered.
    >
    > Now onward to the internet surfing.
    >

    Well, firewalls won't protect you from viruses in communications that
    YOU establish. Obviously if you can browse the Internet then you have
    an outbound hole punched in your firewalls to permit that connection.
    That means you can also do downloads. Same for e-mails. Do you have
    anti-virus software (and does it auto-update several times per week and
    maybe once, or more, per day)? Do you periodically scan for spyware
    (which is not detected by anti-virus products)?
  3. Archived from groups: comp.security.firewalls (More info?)

    In article <J4mdnZ9qBojllkrd4p2dnA@comcast.com>, reply-to-newsgroup@to-
    email.use-Reply.obey-signature.invalid says...
    > Roy said in news:xGnBc.834614$Ig.198794@pd7tw2no:
    > > Thanks, I just wanted to make sure that I had all my bases covered.
    > >
    > > Now onward to the internet surfing.
    > >
    >
    > Well, firewalls won't protect you from viruses in communications that
    > YOU establish. Obviously if you can browse the Internet then you have
    > an outbound hole punched in your firewalls to permit that connection.
    > That means you can also do downloads. Same for e-mails. Do you have
    > anti-virus software (and does it auto-update several times per week and
    > maybe once, or more, per day)? Do you periodically scan for spyware
    > (which is not detected by anti-virus products)?

    You've got your definition of Firewall and NAT devices mixed up.
    Firewalls can protect you while you are making a connection to a site
    for browsing - many firewalls allow you to block cookies, host
    information, active-X, java scripting, etc... A NAT device will not
    allow you (in most cases) to block any of those.

    Same with email, a firewall often includes proxy filters that allows you
    to remove attachments by type, size, and remove invalid header
    information. Again, a NAT device doesn't do this.

    So, now that you understand that a NAT device is NOT A FIREWALL you
    should be able to properly make the statements:

    NAT devices are not firewalls, they block unsolicited inbound access to
    your network.

    NAT devices, in most cases, have no ability to block outbound access
    from your network - some have features to select "private" port ranges,
    but, unless you set them up for that, you are fully permitted to access
    the public side of the network by default.

    NAT devices do not filter web/smtp sessions and do not protect you from
    malicious web sites, spyware, or infected email.

    Firewalls, in general, protect you from all of the above things that NAT
    devices can't/don't do, and much more.

    Now, for the practical side: A home user connected to the internet
    should have, at the least, a border device, a NAT device, to block
    inbound traffic and to permit the computers to be updated before being
    exposed to the internet and other nasties. A home user sitting behind a
    NAT device is much better off than one not sitting behind one. Any user
    should (esp, on a Microsoft platform) be running a quality antivirus
    software package that AUTO-Updates at least once per day.

    If you are a home user running a server or have services exposed to the
    internet (or forwarded) make sure you secure your system and don't
    scrimp on the "Corporate / Server" class version of the AV software.
    While you may not care if your machine is compromised, most of us don't
    want the wasted traffic your compromised machine will generate hitting
    our networks.


    --
    --
    spamfree999@rrohio.com
    (Remove 999 to reply to me)
  4. Archived from groups: comp.security.firewalls (More info?)

    Leythos said in
    news:MPG.1b40da6a4fe624c298a67a@news-server.columbus.rr.com:
    > In article <J4mdnZ9qBojllkrd4p2dnA@comcast.com>,
    > reply-to-newsgroup@to- email.use-Reply.obey-signature.invalid says...
    >>
    >> Well, firewalls won't protect you from viruses in communications that
    >> YOU establish. Obviously if you can browse the Internet then you
    >> have an outbound hole punched in your firewalls to permit that
    >> connection. That means you can also do downloads. Same for e-mails.
    >> Do you have anti-virus software (and does it auto-update several
    >> times per week and maybe once, or more, per day)? Do you
    >> periodically scan for spyware (which is not detected by anti-virus
    >> products)?
    >
    > You've got your definition of Firewall and NAT devices mixed up.
    > Firewalls can protect you while you are making a connection to a site
    <snip>

    When did *I* ever mention NAT (network address translation)? I don't
    care what firewall you use or if your boundary device has NAT. YOU are
    still the ultimate barrier for protection. Anti-Virus and anti-spyware
    products help but obviously if your firewall lets you make HTTP and POP3
    connections then those are avenues for inbound infections from downloads
    (files or AX controls) or from e-mail.

    By the way, the DI-604 mentioned does have a built-in firewall besides
    the NAT function. It doesn't replace using anti-virus and anti-spyware
    products on your desktop hosts or on a gateway host and the number of
    firewall rules and URL filters is limited but it is still very useful
    (and more so than the Windows XP included firewall). A discussion of
    the DI-604 and many other NAT routers does include both NAT and firewall
    topics because many provide both functions.
  5. Archived from groups: comp.security.firewalls (More info?)

    In article <H-ydne5BMd9LiErd4p2dnA@comcast.com>, reply2newsgroup@see-
    sig4email.invalid says...
    > Leythos said in
    > news:MPG.1b40da6a4fe624c298a67a@news-server.columbus.rr.com:
    > > In article <J4mdnZ9qBojllkrd4p2dnA@comcast.com>,
    > > reply-to-newsgroup@to- email.use-Reply.obey-signature.invalid says...
    > >>
    > >> Well, firewalls won't protect you from viruses in communications that
    > >> YOU establish. Obviously if you can browse the Internet then you
    > >> have an outbound hole punched in your firewalls to permit that
    > >> connection. That means you can also do downloads. Same for e-mails.
    > >> Do you have anti-virus software (and does it auto-update several
    > >> times per week and maybe once, or more, per day)? Do you
    > >> periodically scan for spyware (which is not detected by anti-virus
    > >> products)?
    > >
    > > You've got your definition of Firewall and NAT devices mixed up.
    > > Firewalls can protect you while you are making a connection to a site
    > <snip>
    >
    > When did *I* ever mention NAT (network address translation)? I don't

    You indicated that the outbound would be unfiltered - this only happens
    in the NAT router type devices, not firewalls. (at least I think that
    you typed something like that).

    > care what firewall you use or if your boundary device has NAT. YOU are
    > still the ultimate barrier for protection. Anti-Virus and anti-spyware
    > products help but obviously if your firewall lets you make HTTP and POP3
    > connections then those are avenues for inbound infections from downloads
    > (files or AX controls) or from e-mail.

    And again, even if your firewall lets you make HTTP connections, you can
    still filter the content/types that they can access and prevent them
    from action being taken when they click on a .EXE (or other) file while
    browsing the web. The users are the ultimate line of compromise, not
    defense, even educated users make mistakes. If you can head off most of
    it by using a real firewall then you are a lot better off than just
    having a smart user behind the computer.

    > By the way, the DI-604 mentioned does have a built-in firewall besides
    > the NAT function. It doesn't replace using anti-virus and anti-spyware
    > products on your desktop hosts or on a gateway host and the number of
    > firewall rules and URL filters is limited but it is still very useful
    > (and more so than the Windows XP included firewall). A discussion of
    > the DI-604 and many other NAT routers does include both NAT and firewall
    > topics because many provide both functions.

    The DI-604 does not have a "built-in firewall" it has a couple features
    found in most firewall systems. NAT, MAC filtering, IP Filtering, URL
    Filtering, Domain Blocking do not make it a firewall, they make it a
    very nice NAT router with some good features. Reference:
    http://www.dlink.com/products/resource.asp?pid=62&rid=303


    This one is a lot closer to a firewall than the DI-604:
    http://www.dlink.com/products/?pid=66
    Spec's at:
    http://www.dlink.com/products/resource.asp?pid=66&rid=316

    The DI-604 is just a router that provides NAT and some additional
    features found in any firewall, but it is not a firewall. This is about
    the same as any other router on the market, mostly marketing hype.

    Now you know why I brought up the difference between NAT devices and
    Firewalls.

    --
    --
    spamfree999@rrohio.com
    (Remove 999 to reply to me)
  6. Archived from groups: comp.security.firewalls (More info?)

    Leythos said in
    news:MPG.1b40efbb96542ae398a67b@news-server.columbus.rr.com:
    > In article <H-ydne5BMd9LiErd4p2dnA@comcast.com>, reply2newsgroup@see-
    > sig4email.invalid says...
    >> Leythos said in
    >> news:MPG.1b40da6a4fe624c298a67a@news-server.columbus.rr.com:
    >>> In article <J4mdnZ9qBojllkrd4p2dnA@comcast.com>,
    >>> reply-to-newsgroup@to- email.use-Reply.obey-signature.invalid
    >>> says...
    >>>>
    >>>> Well, firewalls won't protect you from viruses in communications
    >>>> that YOU establish. Obviously if you can browse the Internet then
    >>>> you have an outbound hole punched in your firewalls to permit that
    >>>> connection. That means you can also do downloads. Same for
    >>>> e-mails. Do you have anti-virus software (and does it auto-update
    >>>> several times per week and maybe once, or more, per day)? Do you
    >>>> periodically scan for spyware (which is not detected by anti-virus
    >>>> products)?
    >>>
    >>> You've got your definition of Firewall and NAT devices mixed up.
    >>> Firewalls can protect you while you are making a connection to a
    >>> site <snip>
    >>
    >> When did *I* ever mention NAT (network address translation)? I don't
    >
    > You indicated that the outbound would be unfiltered - this only
    > happens in the NAT router type devices, not firewalls. (at least I
    > think that you typed something like that).

    I can filter outbound connections using URL filtering using something
    like a proxy, say PC Magazine's CookieCop, which is obviously not a
    firewall and also obviously nothing to do with NAT. Not having any
    firewall software or hardware and no router, and just connecting the NIC
    directly to the cable modem, also would not filter outbound traffic and
    obviously NAT isn't even used in this scenario. Filtering
    outbound/inbound traffic, or the lack of it, has nothing to do with NAT.
    Network Address Translation has to do with wrapping another envelope
    around your traffic from one host when it connects to the Internet so
    the target host's response can be unwrapped and then sent to the correct
    internal host on your network. To your ISP and to the target host, only
    one host is generating outbound traffic (your NAT device) and that is
    the host to which any response traffic gets sent (and then it gets
    unwrapped to redirect to the correct internal host). NAT by itself does
    no filtering. It hides the structure of your intranetwork. As such, it
    provides some protection against hacking attempts. It does nothing to
    control the content of your traffic - in or out. See
    http://snipurl.com/78us. Actually you and I may be in vehement
    agreement that NAT does no filtering but have simply stated it
    differently.

    Lacking the detection of unauthorized outbound connections is not just a
    property of NAT routers. Windows XP's firewall doesn't check nor
    restrict outbound connections, even from spyware, but is still
    considered a firewall. Neither does BlackIce block outbound
    connections. Not restricting outbound connections (which are not
    initiated by permitted inbound connections) does not disqualify a
    product as a firewall. I'm pretty sure every firewall product could be
    configured to permit fully unrestricted and unfiltered outbound traffic.

    A firewall in a router won't know what application generated that
    traffic. The advantage of using a software firewall on a host is that
    it can track which applications are authorized to have Internet access
    and which do not. With a local firewall program, you can define rules
    for your applications. On the router, you can't, so the rules on the
    router will not be based on applications but rather on what types of
    traffic is permitted and from where. The DI-604 does permit you to
    define rules based on host (MAC or IP), traffic type (protocol), and
    destination (LAN and/or WAN). While these same rules can be defined in
    your software firewall (and usually are), they are the only types you
    can define on the separate router host (because the applications aren't
    running there). So not having application rules (for Internet access)
    does not disqualify a firewall built into a router as a firewall.

    The other fallacy (for software firewalls) is that checking the program
    wanting outbound connections is authorized (by the user via prompt or
    using automatic rules for known applications) will really provide much
    security. This is not as protective as many would think. Once a user
    permits, say, IE to have outbound connections then other programs can
    use IE's libraries to also make those outbound connections. They hide
    behind IE and since you authorized IE to have outbound connections then
    you also authorize any program that can use IE to have outbound
    connections. Norton's firewall has a couple of added features under its
    Firewall tab options that let you know what initiated IE, or any
    authorized program, to make a connection:

    - Check access settings for external modules that programs use to
    connect to the Internet.

    - When one program launches another, check Internet access settings for
    each program.

    I only use the second option. Enabling both options can make using your
    computer rather tedious with all the prompts and having to investigate
    each module that is trying to get a connection (and which may be getting
    that connection through another module). Without these options, if you
    have previously authorized IE to make connections then you won't get
    another prompt for it when something other than IE is really initiating
    the connection. However, with these options, if another program runs
    IE, like the Help and Support feature, then you will get prompted that
    an unauthorized program A is trying to use authorized program B to make
    an Internet connection. Go to http://tooleaky.zensoft.com/ and run the
    test program to show you that authorizing IE will also authorize any
    program that uses IE to make a connection (after the test, I found that
    I had to kill the tooleaky process since it didn't unload by itself).

    While Norton has these options, I doubt many of its users actually
    employ them, and I suspect some other firewall products do not have these
    features. Again, these additional features enhance a firewall's
    function but the lack of them does not disqualify a product as a firewall.

    <snip>
    >> By the way, the DI-604 mentioned does have a built-in firewall
    >> besides the NAT function. It doesn't replace using anti-virus and
    >> anti-spyware products on your desktop hosts or on a gateway host and
    >> the number of firewall rules and URL filters is limited but it is
    >> still very useful (and more so than the Windows XP included
    >> firewall). A discussion of the DI-604 and many other NAT routers
    >> does include both NAT and firewall topics because many provide both
    >> functions.
    >
    > The DI-604 does not have a "built-in firewall" it has a couple
    > features found in most firewall systems. NAT, MAC filtering, IP
    > Filtering, URL Filtering, Domain Blocking do not make it a firewall,
    > they make it a very nice NAT router with some good features.
    > Reference: http://www.dlink.com/products/resource.asp?pid=62&rid=303

    The lack of stateful packet inspection (SPI) provides additional
    protection for the firewall that incorporates this feature. The lack of
    this feature does not disqualify a product from being a firewall
    program. Note that "intrusion detection" is a behavioral analysis check
    usually based on algorithms to detect methods for known hack attempts.
    IP spoofing is eliminated by SPI while port scans are eliminated by
    intrusion detection.

    > This one is a lot closer to a firewall than the DI-604:
    > http://www.dlink.com/products/?pid=66
    > Spec's at:
    > http://www.dlink.com/products/resource.asp?pid=66&rid=316
    >
    > The DI-604 is just a router that provides NAT and some additional
    > features found in any firewall, but it is not a firewall. This is
    > about the same as any other router on the market, mostly marketing
    > hype.

    So then YOU provide what is the minimal definition of a firewall. What
    features the top-notch, multi-hundreds of dollars firewall products
    possess do not define a firewall because then only the most fantastic
    and all-encompassing product produced later could then be called a
    firewall and every product that used to be called a firewall can no
    longer be called a firewall. An 8086 chip is still a CPU although we're
    using P4's today.

    Fact is, the definition of what is a firewall is very loose. BlackIce's
    web page says it is a firewall but in their defensive correspondence they
    claim it isn't exactly a firewall but more a behavioral analysis program
    (i.e., intrusion detector); see http://grc.com/lt/bidresponse.htm.
    Windows XP's firewall has SPI. Is the lack of SPI enough to disqualify
    a firewall from being a firewall? I see articles like
    http://www.fact-index.com/s/st/stateful_firewall.html where it says SPI
    is a feature of more advanced firewalls, but that means less advanced
    firewalls without SPI were still deemed firewalls (see
    http://www.fact-index.com/s/st/stateless_firewall.html for a definition
    of stateless *firewalls*). If you read the link for the definition of a
    firewall, all it mentions is that it is a means of enforcing policy in
    regards to traffic, and rules are used. The DI-604 has rules. I think
    you are adding way too many of the features of newer firewalls used to
    enhance and extend security beyond what qualifies as a basic firewall.

    Yes, the DFL-300 has a better firewall than does the DI-604, but this
    does NOT mean the DI-604 has no firewall. Just because 200-pound
    watermelons exist does not mean all the 20-pound watermelons are no
    longer watermelons.

    > Now you know why I brought up the difference between NAT devices and
    > Firewalls.

    I wonder how long ago we lost Roy, the OP. ;->

    --
    ____________________________________________________________
    *** Post replies to newsgroup. Share with others.
    *** Email domain = ".com" *AND* append "=NEWS=" to Subject.
    ____________________________________________________________
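
The behaviour argued over in the posts above, as an added example (not from any poster and not D-Link's firmware): a toy NAT router whose translation table drops unsolicited inbound packets, passes every outbound flow by default, and can only filter outbound by host, protocol and destination port. The class names, the port-restricted mapping policy and all addresses (documentation ranges) are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    proto: str
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


@dataclass(frozen=True)
class OutboundRule:
    """Deny rule of the only kind a router can express: host, protocol,
    destination port. It has no idea which program sent the packet."""
    proto: str
    dst_port: int
    lan_ip: Optional[str] = None  # None means "any LAN host"

    def matches(self, p: Packet) -> bool:
        return (p.proto == self.proto and p.dst_port == self.dst_port
                and self.lan_ip in (None, p.src_ip))


class NatRouter:
    """Hypothetical model: one WAN address, port-restricted mappings."""

    def __init__(self, wan_ip, deny_rules=()):
        self.wan_ip = wan_ip
        self.deny_rules = list(deny_rules)
        self.by_flow = {}      # (proto, lan_ip, lan_port, remote_ip, remote_port) -> wan_port
        self.by_wan_port = {}  # (proto, wan_port) -> flow tuple
        self._next_port = 40000

    def outbound(self, p: Packet) -> Optional[Packet]:
        """LAN -> WAN: rewrite the source, remember the flow. None = dropped."""
        if any(rule.matches(p) for rule in self.deny_rules):
            return None
        flow = (p.proto, p.src_ip, p.src_port, p.dst_ip, p.dst_port)
        wan_port = self.by_flow.get(flow)
        if wan_port is None:
            wan_port = self._next_port
            self._next_port += 1
            self.by_flow[flow] = wan_port
            self.by_wan_port[(p.proto, wan_port)] = flow
        return Packet(p.proto, self.wan_ip, wan_port, p.dst_ip, p.dst_port)

    def inbound(self, p: Packet) -> Optional[Packet]:
        """WAN -> LAN: forward only replies that match a remembered flow."""
        flow = self.by_wan_port.get((p.proto, p.dst_port))
        if flow is None:
            return None  # nobody inside asked for this: the "stealthed" port
        _, lan_ip, lan_port, remote_ip, remote_port = flow
        if (p.src_ip, p.src_port) != (remote_ip, remote_port):
            return None  # mapped port, but not the peer the LAN host contacted
        return Packet(p.proto, p.src_ip, p.src_port, lan_ip, lan_port)


def demo():
    wan, pc = "203.0.113.10", "192.168.0.100"  # constructed sample addresses
    router = NatRouter(wan)
    r = {}
    # Unsolicited connection attempt to port 113 from the Internet.
    r["unsolicited_probe"] = router.inbound(
        Packet("tcp", "198.51.100.7", 51000, wan, 113))
    # The user browses: a mapping is created and the reply is let back in.
    out = router.outbound(Packet("tcp", pc, 1050, "198.51.100.80", 80))
    r["translated"] = out
    r["reply"] = router.inbound(
        Packet("tcp", "198.51.100.80", 80, wan, out.src_port))
    r["stranger_on_mapped_port"] = router.inbound(
        Packet("tcp", "198.51.100.7", 80, wan, out.src_port))
    # An unwanted program on the same PC talks HTTP: NAT lets it out too.
    r["unwanted_http"] = router.outbound(
        Packet("tcp", pc, 1051, "198.51.100.66", 80))
    # A global deny rule for outbound SMTP stops port 25 only.
    filtered = NatRouter(wan, [OutboundRule("tcp", 25)])
    r["smtp_denied"] = filtered.outbound(
        Packet("tcp", pc, 1052, "198.51.100.25", 25))
    r["unwanted_http_with_rule"] = filtered.outbound(
        Packet("tcp", pc, 1053, "198.51.100.66", 80))
    return r


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:26} {result}")
```
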
  7. Archived from groups: comp.security.firewalls (More info?)

    I am currently running Win XP Pro SP2 RC2, Dlink 604 Router, along with
    Trend Micro's Pc-Cillin Anti Virus 2004, which updates every three hours and
    in my opinion is an excellent product. I also check regularly for Trojans,
    spyware, and cookies, using Ad-Aware 6.0, Pest Patrol, and Spy Bot 1.3.
    Above all else, I do practice safe hex, and feel that I have done just about
    everything possible to keep my machine safe, short of shutting it off.
    Thanks for all your help!

    "*Vanguard*" <reply-to-newsgroup@to-email.use-Reply.obey-signature.invalid>
    wrote in message news:J4mdnZ9qBojllkrd4p2dnA@comcast.com...
    > Roy said in news:xGnBc.834614$Ig.198794@pd7tw2no:
    >> Thanks, I just wanted to make sure that I had all my bases covered.
    >>
    >> Now onward to the internet surfing.
    >>
    >
    > Well, firewalls won't protect you from viruses in communications that
    > YOU establish. Obviously if you can browse the Internet then you have
    > an outbound hole punched in your firewalls to permit that connection.
    > That means you can also do downloads. Same for e-mails. Do you have
    > anti-virus software (and does it auto-update several times per week and
    > maybe once, or more, per day)? Do you periodically scan for spyware
    > (which is not detected by anti-virus products)?
    >
    >
  8. Archived from groups: comp.security.firewalls (More info?)

    In article <iOOBc.856664$Ig.523726@pd7tw2no>, nobody@shaw.ca says...
    > Actually I am reading all this and trying to learn from it. But I must say
    > that your level of knowledge is way above mine when discussing this topic.

    It's only above you until you learn a little more - and you are on the
    right track from the sound of it.

    > I asked a simple question, and have received answers that require me to
    > search the web further for clarification on your conversation topics. My
    > level of understanding is way below your knowledge of how routers and
    > firewalls work.

    Stick with us and you'll understand just fine, that's what we're here
    for.

    > I will continue to use my Win XP Pro SP2 RC2, D-Link 604, Zonealarm Pro,
    > Trend Micro PC-Cillin AV, Ad-Aware, Spybot, Pest Patrol, and safe hex.
    > Hopefully I can survive! But I know that someone somewhere will come up with
    > a way to defeat my system, and I will continue to look for ways and
    > equipment to defeat them and achieve peace of mind.

    Your SP2 is doing very little for you, but the Router and ZA are doing
    the majority of the work for you.

    Think about inbound attacks in this order:

    Internet
    |
    Cable Modem / DSL Modem
    |
    Router w/NAT - stops anything you didn't invite IN
    |
    Zone Alarm Pro - same as router, more granular control of PC
    |
    SP2 - lets in what you configured it to let in
    |
    Your PC

    The other things just work on things that actually make it past the
    others and get to the "Your PC" level.

    On outbound you have the following path:

    AV software / other software on your machine, email, etc...
    |
    Your PC
    |
    SP2 - lets everything out
    |
    Zone Alarm - lets out anything you permit out (prone to user errors)
    |
    Router w/NAT - lets everything out (in general)
    |
    Cable Modem / DSL Modem
    |
    Internet

    With everything you are running on your computer, I'm sure you are
    having some performance issues, but I would say that you are a lot
    better protected than 90% of the people out there right now. Stick with
    us, we'll keep answering your questions.


    --
    --
    spamfree999@rrohio.com
    (Remove 999 to reply to me)
  9. Archived from groups: comp.security.firewalls (More info?)

    Well, I'll agree with you that the "firewall" (misnamed or not) is not
    an extremely protective device. There's no way that I'd use the
    consumer-grade NAT routers (with "firewall-like" features) without also
    employing a software firewall product running on my host(s) or a gateway
    to them.

    Thanks for the info.
  10. Archived from groups: comp.security.firewalls (More info?)

    In article <DKydncrXBLSqNEXdRVn-gQ@comcast.com>, reply-to-newsgroup@do-
    not-email.invalid says...
    > Well, I'll agree with you that the "firewall" (misnamed or not) is not
    > an extremely protective device. There's no way that I'd use the

    Uhm, I disagree - a "Firewall" not a misnamed router, is a very
    protective service/device and can limit your exposure to bad things to
    less than 1% of what a router/NAT system would.

    > consumer-grade NAT routers (with "firewall-like" features) without also
    > employing a software firewall product running on my host(s) or a gateway
    > to them.

    I don't install "soft" firewalls on machines used by people. A
    properly configured firewall, log readings, IDS, and quality AV software
    mean you don't really have to run them on hosts. Unless you configure
    the rules and block users from making changes, a host based firewall is
    easily compromised by the user.


    --
    --
    spamfree999@rrohio.com
    (Remove 999 to reply to me)
  11. Archived from groups: comp.security.firewalls (More info?)

    Leythos said in
    news:MPG.1b427a8d4853166198a68e@news-server.columbus.rr.com:
    >
    > I don't install "soft" firewalls on machines used by people. A
    > properly configured firewall, log readings, IDS, and quality AV
    > software mean you don't really have to run them on hosts. Unless you
    > configure the rules and block users from making changes, a host based
    > firewall is easily compromised by the user.
    >

    In the environment in which a user would be deploying a DLink DI-604 NAT
    router, ALL the hosts are under their control, including your concept of
    using a separate gateway or proxy host running the firewall and
    anti-virus programs. So any compromise of a software firewall running
    on any of their intranet hosts would extend to the gateway/proxy host
    where you separately would run the firewall. I doubt Roy was using the
    DI-604 in a corporate environment. A DI-604 would be a bad joke in a
    corporate environment, but also a bad joke is someone using a $5000
    Cisco IOS Firewall device (or even a $300+ DLink DFL-300) in a home
    network to protect a single $500 consumer-grade PC. The "implied
    environment" was some guy at home with one or two computers connected to
    the cheapie DLink DI-604, not a small business of 25+ employees or a
    corporate environment of hundreds of employees. I was keeping the cost,
    which includes management, expertise level, and complexity of equipment
    within the realm of the assumed environment: a home PC user. You need
    to employ the grade and cost of equipment and management suitable to the
    environment in which it gets deployed.

    --
    ____________________________________________________________
    *** Post replies to newsgroup. Share with others.
    *** Email domain = ".com" *AND* append "=NEWS=" to Subject.
    ____________________________________________________________
  12. Archived from groups: comp.security.firewalls (More info?)

    On Tue, 22 Jun 2004 04:43:58 GMT, "Roy" <nobody@shaw.ca> wrote:

    >I will continue to use my Win XP Pro SP2 RC2, D-Link 604, Zonealarm Pro,
    >Trend Micro PC-Cillin AV, Ad-Aware, Spybot, Pest Patrol, and safe hex.
    >Hopefully I can survive! But I know that someone somewhere will come up with
    >a way to defeat my system, and I will continue to look for ways and
    >equipment to defeat them and achieve peace of mind.

    I doubt it. You have to think of it like a burglar. If your system
    has open doors, or is very easy access, they'll come in and have a
    look around. If your system is tightly secured they'll move on and
    look elsewhere.

    Sure they MAY be able to crack a way in if they put a massive amount
    of effort into it but, no offense, are you really worth it? Only if
    they think there's something desperately worth it would they even
    bother trying.

    Myself and my neighbour have heavily encrypted our wireless networks,
    not to mention hardware firewalls, NAT routers, MAC address filtering,
    software firewalls, AV software, anti-spyware, sensitive files
    encrypted and password protected. Why bother trying to crack open our
    wireless networks when there is a third from somewhere else in the
    street with no encryption at all?
  13. Archived from groups: comp.security.firewalls (More info?)

    In article <7pudnVUx5b_da0XdRVn-jw@comcast.com>, reply-to-newsgroup@do-
    not-email.invalid says...
    > I doubt Roy was using the
    > DI-604 in a corporate environment. A DI-604 would be a bad joke in a
    > corporate environment, but also a bad joke is someone using a $5000
    > Cisco IOS Firewall device (or even a $300+ DLink DFL-300) in a home
    > network to protect a single $500 consumer-grade PC. The "implied
    > environment" was some guy at home with one or two computers connected to
    > the cheapie DLink DI-604, not a small business of 25+ employees or a
    > corporate environment of hundreds of employees.

    I fully understand the implications of his post, and I fully understand
    the levels of protections. My beef is with people being told that
    NAT/SPI makes their product a firewall when it really is just a router
    with some firewall "LIKE" features.

    While I don't advocate installing a "Firewall" in homes, I do make it a
    point to try and explain the difference between a firewall and a router.
    Some people may have sensitive information on their home computers, some
    may care that they are not getting a real firewall (and all the
    protection that a REAL firewall affords them), and some people may be
    willing to spend $400 for a real firewall device instead of the $50/100
    that they spent on the router.

    I read an article last night where D&T estimates that 1.4 million people
    had their identities stolen, 90% of them were done in the last year.


    --
    --
    spamfree999@rrohio.com
    (Remove 999 to reply to me)
  14. Archived from groups: comp.security.firewalls (More info?)

    On Wed, 23 Jun 2004 12:49:56 GMT, Leythos <void@nowhere.com> wrote:

    >If the device is a router with NAT, that may or may not employ SPI, then
    >it's just what I wrote, a NAT router with SPI, not a firewall. By
    >default, your device permits all outbound traffic completely
    >unrestricted, and does not have rules for blocking services/ports by IP
    >address inside the lan.

    I have not tried to configure any new rules for outbound traffic on
    the router, principally because there are only two machines on the LAN
    and both have ZoneAlarm on so I can keep track of what is looking to
    send information out.

    However it is perfectly possible to block services and ports outbound
    on the router, although AFAIK not by IP address. Instead the rules
    are global, affecting all machines using the router as a means to
    access the internet. This can be circumvented by setting a single IP
    address as the master computer which bypasses any restrictions imposed
    by the router, including restricted websites and so on.

    I have no wish to restrict any internet activities of myself or the
    Mrs, but I do like to be sure that the risk of trojans etc is
    minimised as much as possible, hence ZA, together with AV and spyware
    progs.

    Would I need anything more for my home LAN?
  15. Archived from groups: comp.security.firewalls (More info?)

    In article <al3jd01bq5hloeqd1j6vh512givkq4khmv@4ax.com>,
    plesbit@hotmail.com says...
    > I have no wish to restrict any internet activities of myself or the
    > Mrs, but I do like to be sure that the risk of trojans etc is
    > minimised as much as possible, hence ZA, together with AV and spyware
    > progs.
    >
    > Would I need anything more for my home LAN?

    For a home network, a NAT device, quality AV software, a detection tool
    like "Spybot Search and Destroy" the one from www.safer-networking.org
    and your own ZA, should put you in the well protected category.

    Spybot can be found at http://www.safer-networking.org/


    --
    --
    spamfree999@rrohio.com
    (Remove 999 to reply to me)
  16. Archived from groups: comp.security.firewalls (More info?)

    On Wed, 23 Jun 2004 10:54:46 +0100, Simon Pleasants
    <plesbit@hotmail.com> wrote:

    >Why bother trying to crack open our
    >wireless networks when there is a third from somewhere else in the
    >street with no encryption at all?

    Oh, possibly because of the challenge, it's amazing what tools are
    available, airsnort for example

    http://airsnort.shmoo.com/

    "AirSnort is a wireless LAN (WLAN) tool which recovers encryption
    keys. AirSnort operates by passively monitoring transmissions,
    computing the encryption key when enough packets have been gathered."