Jump to content

firewall/router question

Guest richard

By Guest richard
in Windows ME

 Share

Recommended Posts

Guest richard

Guest richard

Posted
Posted

Ever since I set up a wireless router, Zone Alarm has not recorded one

attempted intrusion. Prior to the router, there were usually dozens.

Is the router's security/encryption (WPA) blocking the intrusions before

they get to Zone Alarm??

 

tia

  • Replies 15
  • Created
  • Last Reply

Popular Days

Popular Days

Guest David H. Lipman

Guest David H. Lipman

Posted
Posted

Re: firewall/router question

 

From: "richard" <rmk@wonderland.net>

 

| Ever since I set up a wireless router, Zone Alarm has not recorded one

| attempted intrusion. Prior to the router, there were usually dozens.

| Is the router's security/encryption (WPA) blocking the intrusions before

| they get to Zone Alarm??

 

| tia

 

No, Network Address Translation (NAT) is blocking the activity. NAT is a foundation of

SOHO Routers and is why NAT Routers and NAT Rouers with full FireWall implemntations

(akak; FireWall Appliance) are better than software based FireWalls.

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

Guest Mike M

Guest Mike M

Posted
Posted

Re: firewall/router question

 

WPA has nothing to do with this, WPA being the encryption used for the

wireless link between your system(s) and the router. What is a factor is

that the router is no doubt using NAT, Network Address Translation. What

this means is that the router, facing the internet is using one IP

(network address) whereas on the private side it is using another, usually

in the range 192.168.x.x, with your connected systems also using addresses

in the private 192.168.x.x range. External traffic hits the router and is

only routed to your internal PC(s) when the incoming packets are in

response to requests you have made (assuming you aren't running a server).

In other words all the nasties are knocking at the door of the router and

going no where.

 

It is for this reason that many of us have long recommended the use of a

router even if the user only has the one system. Routers with NAT are

invariably better than most firewalls at blocking intrusions and at the

same time relieve the load on the local system. Not that running a

firewall on your system doesn't have benefits as it allows you some

control over what goes _out_ rather than comes in however when it comes to

nasties, if they are stopped on the way out this means you are already

compromised, perhaps as a result of opening an attachment in an e-mail or

visiting a malicious web site. However not everything wanting to call home

is necessarily malicious, sometimes simply unwanted, such as happens with

many legitimate applications and operating systems.

--

Mike Maltby

mike.maltby@gmail.com

 

 

 

richard <rmk@wonderland.net> wrote:

> Ever since I set up a wireless router, Zone Alarm has not recorded one

> attempted intrusion. Prior to the router, there were usually dozens.

> Is the router's security/encryption (WPA) blocking the intrusions

> before they get to Zone Alarm??

>

> tia

Guest richard

Guest richard

Posted
Posted

Re: firewall/router question

 

Hi Mike,

I don't know much about these things, but let me ask a question. When I

go to one of the sites that finds one's IP address, it finds mine,

always the same. How can it do that if the router is sending out another IP.

 

My setup is simple: cable into modem, modem into router, router into my

PC. I am using a LinkSys wrt54gl. Have I set up the router incorrectly

perhaps?

 

Thanks

 

Mike M wrote:

> WPA has nothing to do with this, WPA being the encryption used for the

> wireless link between your system(s) and the router. What is a factor

> is that the router is no doubt using NAT, Network Address Translation.

> What this means is that the router, facing the internet is using one IP

> (network address) whereas on the private side it is using another,

> usually in the range 192.168.x.x, with your connected systems also using

> addresses in the private 192.168.x.x range. External traffic hits the

> router and is only routed to your internal PC(s) when the incoming

> packets are in response to requests you have made (assuming you aren't

> running a server). In other words all the nasties are knocking at the

> door of the router and going no where.

>

> It is for this reason that many of us have long recommended the use of a

> router even if the user only has the one system. Routers with NAT are

> invariably better than most firewalls at blocking intrusions and at the

> same time relieve the load on the local system. Not that running a

> firewall on your system doesn't have benefits as it allows you some

> control over what goes _out_ rather than comes in however when it comes

> to nasties, if they are stopped on the way out this means you are

> already compromised, perhaps as a result of opening an attachment in an

> e-mail or visiting a malicious web site. However not everything wanting

> to call home is necessarily malicious, sometimes simply unwanted, such

> as happens with many legitimate applications and operating systems.

Guest richard

Guest richard

Posted
Posted

Re: firewall/router question

 

PS--when I checked my IP via ipconfig, the number began 192.168. The IP

that is always returned the same via the Find My IP sites begins 67.172.

Perhaps those numbers will help you to explain what I am asking.

Thanks

 

richard wrote:

> Hi Mike,

> I don't know much about these things, but let me ask a question. When I

> go to one of the sites that finds one's IP address, it finds mine,

> always the same. How can it do that if the router is sending out another

> IP.

>

> My setup is simple: cable into modem, modem into router, router into my

> PC. I am using a LinkSys wrt54gl. Have I set up the router incorrectly

> perhaps?

>

> Thanks

>

> Mike M wrote:

>> WPA has nothing to do with this, WPA being the encryption used for the

>> wireless link between your system(s) and the router. What is a factor

>> is that the router is no doubt using NAT, Network Address

>> Translation. What this means is that the router, facing the internet

>> is using one IP (network address) whereas on the private side it is

>> using another, usually in the range 192.168.x.x, with your connected

>> systems also using addresses in the private 192.168.x.x range.

>> External traffic hits the router and is only routed to your internal

>> PC(s) when the incoming packets are in response to requests you have

>> made (assuming you aren't running a server). In other words all the

>> nasties are knocking at the door of the router and going no where.

>>

>> It is for this reason that many of us have long recommended the use of

>> a router even if the user only has the one system. Routers with NAT

>> are invariably better than most firewalls at blocking intrusions and

>> at the same time relieve the load on the local system. Not that

>> running a firewall on your system doesn't have benefits as it allows

>> you some control over what goes _out_ rather than comes in however

>> when it comes to nasties, if they are stopped on the way out this

>> means you are already compromised, perhaps as a result of opening an

>> attachment in an e-mail or visiting a malicious web site. However not

>> everything wanting to call home is necessarily malicious, sometimes

>> simply unwanted, such as happens with many legitimate applications and

>> operating systems.

Guest David H. Lipman

Guest David H. Lipman

Posted
Posted

Re: firewall/router question

 

From: "richard" <rmk@wonderland.net>

 

| Hi Mike,

| I don't know much about these things, but let me ask a question. When I

| go to one of the sites that finds one's IP address, it finds mine,

| always the same. How can it do that if the router is sending out another IP.

 

| My setup is simple: cable into modem, modem into router, router into my

| PC. I am using a LinkSys wrt54gl. Have I set up the router incorrectly

| perhaps?

 

| Thanks

 

 

You have two IP addresses. One on the LAN side of the Router and one on the Internet

(WAN) side of the Router.

 

The translation between WAN and LAN addreses is what the Router does. This is the nature

of of NAT as well.

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

Guest Heather

Guest Heather

Posted
Posted

Re: firewall/router question

 

 

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message

news:%231QiJGcKJHA.3756@TK2MSFTNGP05.phx.gbl...

>

>

> You have two IP addresses. One on the LAN side of the Router and one

> on the Internet (WAN) side of the Router.

>

> The translation between WAN and LAN addreses is what the Router does.

> This is the nature of of NAT as well.

>

I shall have to pick your collective brains later. I still have that

blasted D-Link Wireless router sitting here NOT connected up. I don't

have one clue on this piece of junk and need to put it on before Elayne

comes. I did manage to get it working 2 Christmases ago, but don't know

how. It is a model DI-764, I believe.

 

Night.....root canal in the morning......wahhhhhh!!

 

Figgs

Guest Mike M

Guest Mike M

Posted
Posted

Re: firewall/router question

 

Richard,

 

As I explained in my original post and again by David, your router has one

IP address that is outward facing, that is on the internet or WAN side

(in your case one in the 67.172 range) and your PC and everything on your

side (LAN side) of the router (including the router itself) has an address

in the private range 192.168.x.x. Note that addresses in the 192.168

range are what are called private addresses and non routable over the

internet, the same is true for those in the 10.x.x.x and 172.16.xx -

172.31.255.255 ranges. That is any traffic sent to such an address on the

internet will not go further than the first router it encounters. When

traffic hits your router from the internet your router then translates the

address to an internal address and forwards the packet (hence the NAT) or

drops the packet if it had not been requested by your system (the firewall

effect).

--

Mike Maltby

mike.maltby@gmail.com

 

 

richard <rmk@wonderland.net> wrote:

> PS--when I checked my IP via ipconfig, the number began 192.168. The

> IP that is always returned the same via the Find My IP sites begins

> 67.172. Perhaps those numbers will help you to explain what I am

> asking.

Guest Joan Archer

Guest Joan Archer

Posted
Posted

Re: firewall/router question

 

If you had it working then, why did you stop using it ?

Joan

 

--

Joan Archer

http://www.freewebs.com/crossstitcher

http://lachsoft.com/photogallery

 

"Heather" <figgyd@nospam.invalid> wrote in message

news:#6xVCjcKJHA.5232@TK2MSFTNGP05.phx.gbl...

>

> "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message

> news:%231QiJGcKJHA.3756@TK2MSFTNGP05.phx.gbl...

>>

>>

>> You have two IP addresses. One on the LAN side of the Router and one on

>> the Internet (WAN) side of the Router.

>>

>> The translation between WAN and LAN addreses is what the Router does.

>> This is the nature of of NAT as well.

>>

> I shall have to pick your collective brains later. I still have that

> blasted D-Link Wireless router sitting here NOT connected up. I don't

> have one clue on this piece of junk and need to put it on before Elayne

> comes. I did manage to get it working 2 Christmases ago, but don't know

> how. It is a model DI-764, I believe.

>

> Night.....root canal in the morning......wahhhhhh!!

>

> Figgs

>

Guest David H. Lipman

Guest David H. Lipman

Posted
Posted

Re: firewall/router question

 

From: "Heather" <figgyd@nospam.invalid>

 

 

 

| I shall have to pick your collective brains later. I still have that

| blasted D-Link Wireless router sitting here NOT connected up. I don't

| have one clue on this piece of junk and need to put it on before Elayne

| comes. I did manage to get it working 2 Christmases ago, but don't know

| how. It is a model DI-764, I believe.

 

| Night.....root canal in the morning......wahhhhhh!!

 

| Figgs

 

 

You can pick my brain (all 2 cells left) however you can't pick my nose. :-)

 

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

Guest bagger

Guest bagger

Posted
Posted

Re: firewall/router question

 

>>Routers with NAT are

invariably better than most firewalls at blocking intrusions and at the

same time relieve the load on the local system. <<

 

Any suggestions on a router for an old computer on a cable modem?

Guest Heather

Guest Heather

Posted
Posted

Re: firewall/router question

 

Cuz it interfered with Pogo!! IIRC. I just run with the XP firewall.

It tests out better on GRC's website than the router. I also had ZA and

I like the fact it catches outgoing stuff.....but it is also disabled.

 

And the root canal was beyond horrendous!!!!! My gorgeous new dentist

(Dr. McDreamy) was quite upset at the pain I was in. We discussed

calling it quits and me going to a specialist to be totally

anaesthetized, but between my Ativan and his Nitrous Oxide and me

allowing him *just one more try* at getting to the nerve, he got there.

 

Seems the nerve was horribly inflamed (not infected) and he had to

literately get to it in order to freeze it. It also seems that merely

freezing me up to my eyeballs does not always get down into the

nerve......I never want to go thru that again!! I have had at least 6

root canals over the years and never, ever has one hurt one IOTA!!

 

I hate getting OLD!! My body is falling apart, lol. Mind you, he said

"you have one hell of a pain tolerance".....yeah, yippee!!

 

Figgs

 

 

"Joan Archer" <joanarcher@gmail.com> wrote in message

news:%23YeSoFgKJHA.4280@TK2MSFTNGP04.phx.gbl...

> If you had it working then, why did you stop using it ?

> Joan

>

> --

> Joan Archer

> http://www.freewebs.com/crossstitcher

> http://lachsoft.com/photogallery

>

> "Heather" <figgyd@nospam.invalid> wrote in message

> news:#6xVCjcKJHA.5232@TK2MSFTNGP05.phx.gbl...

>>

>> "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message

>> news:%231QiJGcKJHA.3756@TK2MSFTNGP05.phx.gbl...

>>>

>>>

>>> You have two IP addresses. One on the LAN side of the Router and

>>> one on the Internet (WAN) side of the Router.

>>>

>>> The translation between WAN and LAN addreses is what the Router

>>> does. This is the nature of of NAT as well.

>>>

>> I shall have to pick your collective brains later. I still have that

>> blasted D-Link Wireless router sitting here NOT connected up. I

>> don't have one clue on this piece of junk and need to put it on

>> before Elayne comes. I did manage to get it working 2 Christmases

>> ago, but don't know how. It is a model DI-764, I believe.

>>

>> Night.....root canal in the morning......wahhhhhh!!

>>

>> Figgs

>>

Guest richard

Guest richard

Posted
Posted

Re: firewall/router question

 

Mike,

 

Perfectly clear now. Thank you.

 

Mike M wrote:

> Richard,

>

> As I explained in my original post and again by David, your router has

> one IP address that is outward facing, that is on the internet or WAN

> side (in your case one in the 67.172 range) and your PC and everything

> on your side (LAN side) of the router (including the router itself) has

> an address in the private range 192.168.x.x. Note that addresses in the

> 192.168 range are what are called private addresses and non routable

> over the internet, the same is true for those in the 10.x.x.x and

> 172.16.xx - 172.31.255.255 ranges. That is any traffic sent to such an

> address on the internet will not go further than the first router it

> encounters. When traffic hits your router from the internet your router

> then translates the address to an internal address and forwards the

> packet (hence the NAT) or drops the packet if it had not been requested

> by your system (the firewall effect).

Guest Joan Archer

Guest Joan Archer

Posted
Posted

Re: firewall/router question

 

Ouch I feel for you and sorry but my pain level is not that high, not that I

have to worry about that had all mine out in my early twenties <g> Not a

pretty site for a young girl, toothless <vbg>

 

Mind you if that dentist was that dreamy I don't suppose you noticed you

naughty girl <g>

 

Know what you mean about getting old, trouble is my mind still tells me I

should be doing this that and the other but my body wont let me, I do try

though honest <g>

 

You take it easy and hope you're feeling better soon.

 

--

Joan Archer

http://www.freewebs.com/crossstitcher

http://lachsoft.com/photogallery

 

"Heather" <figgyd@nospam.invalid> wrote in message

news:eik4w9iKJHA.2164@TK2MSFTNGP02.phx.gbl...

> Cuz it interfered with Pogo!! IIRC. I just run with the XP firewall. It

> tests out better on GRC's website than the router. I also had ZA and I

> like the fact it catches outgoing stuff.....but it is also disabled.

>

> And the root canal was beyond horrendous!!!!! My gorgeous new dentist

> (Dr. McDreamy) was quite upset at the pain I was in. We discussed calling

> it quits and me going to a specialist to be totally anaesthetized, but

> between my Ativan and his Nitrous Oxide and me allowing him *just one more

> try* at getting to the nerve, he got there.

>

> Seems the nerve was horribly inflamed (not infected) and he had to

> literately get to it in order to freeze it. It also seems that merely

> freezing me up to my eyeballs does not always get down into the

> nerve......I never want to go thru that again!! I have had at least 6

> root canals over the years and never, ever has one hurt one IOTA!!

>

> I hate getting OLD!! My body is falling apart, lol. Mind you, he said

> "you have one hell of a pain tolerance".....yeah, yippee!!

>

> Figgs

>

>

Guest David H. Lipman

Guest David H. Lipman

Posted
Posted

Re: firewall/router question

 

From: "bagger" <bagger@discussions.microsoft.com>

>>>Routers with NAT are

| invariably better than most firewalls at blocking intrusions and at the

| same time relieve the load on the local system. <<

 

| Any suggestions on a router for an old computer on a cable modem?

 

Linksys BEFSR41

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

Guest bagger

Guest bagger

Posted
Posted

Re: firewall/router question

 

Thanks, I have ordered that model.

 

"David H. Lipman" wrote:

> From: "bagger" <bagger@discussions.microsoft.com>

>

> >>>Routers with NAT are

> | invariably better than most firewalls at blocking intrusions and at the

> | same time relieve the load on the local system. <<

>

> | Any suggestions on a router for an old computer on a cable modem?

>

> Linksys BEFSR41

>

> --

> Dave

> http://www.claymania.com/removal-trojan-adware.html

> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

>

>

>

 Share
Go to topic listing
×
×
  • Create New...