Question about router and security

Toggle sidebar Toggle sidebar
J

Johnbear007

Diamond Member
Jul 1, 2002
4,570
0
0
Im using the US robotics 8000A router (it uses NAT firewall) link to router info if you care

and shileds up shows my port 139 (IDENT) as closed... I also have the windows XP firewall on.. should I use zone alarm also ? or is that redundant? How can I get port 139 to show as stealth?

thanks!
 
JackMDS

JackMDS

Elite Member
Super Moderator
Oct 25, 1999
29,552
429
126
Both the Router and ICF controlling only incoming signal. Thus ICF is useless if you are using NAT (switch it off).

If you want to control every thing install Zone Alarm and configure it manually.
 
J

Johnbear007

Diamond Member
Jul 1, 2002
4,570
0
0
Originally posted by: JackMDS
Both the Router and ICF controlling only incoming signal. Thus ICF is useless if you are using NAT (switch it off).

If you want to control every thing install Zone Alarm and configure it manually.
Click to expand...

Ok thats cool. but how necessary is it? whould one bother with it? is the extra security worth the system resources zone alarm takes?

 
S

Soybomb

Diamond Member
Jun 30, 2000
9,506
2
81
Originally posted by: Johnbear007
Originally posted by: JackMDS
Both the Router and ICF controlling only incoming signal. Thus ICF is useless if you are using NAT (switch it off).

If you want to control every thing install Zone Alarm and configure it manually.
Click to expand...

Ok thats cool. but how necessary is it? whould one bother with it? is the extra security worth the system resources zone alarm takes?
Click to expand...

That depends on how paranoid you are. I wouldn't bother, but if your router/firewall doesn't do any filtering and say you're concerned with a trojan on your box phoning home, then zone alarm should help notify you of that. If you don't feel like thats a risk don't bother.
 
JackMDS

JackMDS

Elite Member
Super Moderator
Oct 25, 1999
29,552
429
126
In the last security scan that I did on my hard drive, it reported that I have 110 modules (DLLs OCXs etc.) and programs that are capable to connect to the Internet.

I even came across a program that suppose to clean your system from Spyware, and in the process of installation install their own Spy module on your hard drive,

All of this is an inside activity, thus it is not protected, not reported, and not logged, by the Entry Level NAT Firewall, or ICF.

Whether you care about such activities or not it is your call.

However to just ignore the knowledge, is like being Paranoid about being cautious.


 
skyking

skyking

Lifer
Nov 21, 2001
22,764
5,925
146
What he said.
You can install a program like Zonealarm, and it will show you everything that is trying to get out of your computer. If you are interested, investigate all these occurences, and you'll learn a lot about some of the less desirable behaviors of a standard windows install.
A person can go overboard, and stop a process that renders your machine unusable, but a little investigation will prevent that from happening. This is the only way I know of to root out trojans in an existing installation. There are software packages that supposedly detect them, but actually stopping an outside connection and bringing it to your attention is the only surefire way.

Edit for spelling.
 
J

Johnbear007

Diamond Member
Jul 1, 2002
4,570
0
0
Originally posted by: skyking
What he said.
You can install a program like Zonealarm, and it will show you everything that is trying to get out of your computer. If you are interested, investigate all these occurences, and you'll learn a lot about some of the less desirable behaviors of a standard windows install.
A person can go overboard, and stop a process that renders your machine unusable, but a little investigation will prevent that from happening. This is the only way I know of to root out trojans in an existing installation. There are software packages that supposedly detect them, but actually stopping an outside connection and bringing it to your attention is the only surefire way.

Edit for spelling.
Click to expand...


the one thing im really concerned about is when zone alarm picks up things like SVC host, and Generic host process for win32...

is there any way to know what these are doing? at any time ive got about 5 SVC host running....

 
G

groovin

Senior member
Jul 24, 2001
857
0
0
i dont know much about winXPs built in firewall except that lots of people dont like it.

i would guess running two software firewalls on your computer might cause some problems. id kill the XP firewall and use zonealarm. as the other guys said, NAT doesnt stop anything from being sent out of your network and once a connection from the inside is initiated itll keep state.
 
skyking

skyking

Lifer
Nov 21, 2001
22,764
5,925
146
Consider this: What do you want your computer to connect to, and why? If it is for some networking protocol you will never use, go into "services" and disable it. Windows OS's will attempt to make connections by default, when these connections have nothing to do with functionality as a standalone desktop machine.
Another reason to carefully study, then disable these spurious services is overhead. Each process and service consumes some system resources, and may add to boot times, etc.
I do not advocate random killing of services and processes, I learned the hard way about that:p
Edit: My firewall logs are full of attempts by lonely computers trying to get connected over the WAN. It is pretty funny, really.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom