Re: Networking over mains cables

In message <e082390550.jess@xxxxxxxxxxxxxxxxxx>
Jess <phantasm_39@xxxxxxxxxxx> wrote:

In message <cf114b0250.chris@xxxxxxxxxxxxxxxxxxxx>
Chris Hughes <news@xxxxxxxxxxxxxxx> wrote:

Seriously very bad advice. All the router's firewall does *is* try and
block attacks from the outside but it can *not* stop them all, a

So how does the connection to your router's ip get forwarded to the
computer's ip then? (Unless it has been specifically allowed, or the
router has been hacked, in the latter case you'd be pretty stuffed
anyway, because no-one would go to that much trouble if they couldn't
overcome windows security software on the the other side.)

Just because a Router has NAT does NOT stop incoming traffic
especially on the standard WWW and email ports, these get accepted
pretty much by default otherwise you have no internet access! You can
block some specific sites etc in *some* routers and more so in the
enterprise routers used by business.

A NAT firewall will NOT stop Trojans etc embedded in web pages etc..
Nor will it stop spam/malware in your email (unless your router has
some facility to block email addresss).

You need to ensure you have turned off any built in FTP and/or WWW
services ports if you are not FTP or WWW servers on your network for
accessing from the internet. Some routers have it diabled by default
some don't.

The NAT router will usually block all the other ports unless you open
them, but again you need to be aware of UPnP (Universal Plug and Play)
devices, which can punch a hole through your security if you let them.

Also its possible to remotely manage your router via the internet
while say at work, but again its another possible means of breaching
the router security and thus the firewall. Some have it turn on by
default and some (hopefully most) have it turned off.

software firewall (not the windows in built one ideally), is need to
block outgoing traffic from Trojans for example, etc that got
delivered via your email or webpages.

A software firewall can be turned off by malware. How does the
firewall help if malware uses internet explorer to send information?

Not all malware/trojans etc disables software firewall, they often
work on the basis that not everyone will have a software firewall or
will just accept any outgoing traffic because they know no better.

In any case its a on-going battle between the virus writers, and the
security companies to out wit each other, thats why much more of the
current series of attacks now comes in hidden payloads in webpages.

As IE uses the normal web ports, it can be difficult, but its when the
payload tries to talk home when the software firewall will hopefully
kick in and say "Hey do you want this program to send your bank
details etc to the Russian Mafia" thus you have a better chance to
stop it and then you also then know you might be infected and thus can
run the necessary AV or anti-malware program to deal with it if you
are lucky.

You are much safer preventing the malware getting in by disabling the
ways they get in than, by hoping that the authors haven't though about
ways to bypass or disable software firewalls.

If you believe you are safe to surf the net - best of luck, because
you are deluding yourself.

A NAT firewall will happily allow you to visit any website you want,
but will NOT stop a hidden payload on that website/web page being
delivered to your computer (OK its can't do much on RISC OS itself),
but it does not mean it won't on some of the other platforms - mainly
Windows, followed by Mac's and Linux.

Also consider this fact, new viruses/Trojans are now attacking Sat Nav
systems, and Mobile Phones and have been building up slowly over the
past couple of years, these devices often get connected to your
computer, the NAT firewall can't stop this route for attacking your
systems only the software firewall has a chance. - That is exactly how
it was discovered that for around 2 months during 2007 IIRC some
TomTom Sat Nav devices had been supplied with a Trojan installed and
got stopped calling home by the software firewall.

It is expected there will be a massive increase in these attacks next
years.

--
Chris Hughes
.

Relevant Pages

  • Re: Networking over mains cables
    ... whether the router does or not, and the person I bought it from would, ... computers behind it from attacks from the outside. ... software firewall (not the windows in built one ideally), ...
    (comp.sys.acorn.networking)
  • Re: Internet Connection Firewall W/XP2
    ... > To setup my 3com ADSL router I needed also to disable my software firewall ... > firewall enabled or disabled, ... additional protection from attacks from the internet. ...
    (microsoft.public.security)
  • RE: [fw-wiz] Worms, Air Gaps and Responsibility
    ... Multiplatform attacks are due but I personally doubt the router is the ... secondary target of choice, unfortunately my money's on PDAs and cell ... Lots of places don't have time/knowledge for even tactical security. ...
    (Firewall-Wizards)
  • Re: Firewalls and Wireless Routers
    ... this confirms the fact that a strong Software firewall is an essential part ... Since a combination of superb anti-virus software and a superb router would ... it is in direct response to any Unauthorized outbound communication ...
    (microsoft.public.windowsxp.general)
  • Re: Best free firewall software
    ... Eventually, yes, to test the effectiveness of my router. ... But I'm frankly more worried about the effectiveness of the software firewall on my laptop, since it's my only defense when I travel. ... It says to download NMap, which I did, then to run NMap from my machine, which I did. ... I'd like to do what I can to keep at least this level of protection in the future or improve it, but I'm not willing to restrict the usability of my machine for the sake of being pure or to establish an unneeded level of protection. ...
    (comp.security.firewalls)