Internet Firewalls

leftyf

SSG Stumpy-VA Terrorist
I just got my motosat internet equipment installed and operational last week. One of the first things I did was install and implement a pretty restrictive environment internet-wise.

Firewalls are not easy to set up and often interfere with what you want to do if not configured for the way you want to do business. BUT, if you are going to do anything other than dialup, you need to implement a firewall and do not disable it unless absolutely necessary.

This is just a small sampling of the probes that I received over a couple of days on the internet:

Time: Aug 10 08:35:48 Source: 82.119.131.182 Destination: 148.64.73.150 In IF: eth0 Out IF: Port: 23 Length: 44 ToS: 0x00 Protocol: TCP Service: Telnet

Time: Aug 10 08:35:58 Source: 217.66.91.99 Destination: 148.64.73.150 In IF: eth0 Out IF: Port: 23 Length: 44 ToS: 0x00 Protocol: TCP Service: Telnet

Time: Aug 10 20:52:50 Source: 125.17.156.236 Destination: 148.64.73.150 In IF: eth0 Out IF: Port: 22 Length: 44 ToS: 0x00 Protocol: TCP Service: SSH

Time: Aug 10 22:23:12 Source: 58.107.2.41 Destination: 148.64.73.150 In IF: eth0 Out IF: Port: 23 Length: 44 ToS: 0x00 Protocol: TCP Service: Telnet

Time: Aug 10 22:56:31 Source: 211.90.93.14 Destination: 148.64.73.150 In IF: eth0 Out IF: Port: Length: 84 ToS: 0x00 Protocol: ICMP Service: Unknown

Time: Aug 10 22:57:27 Source: 125.17.156.236 Destination: 148.64.73.150 In IF: eth0 Out IF: Port: Length: 84 ToS: 0x00 Protocol: ICMP Service: Unknown

Time: Aug 11 09:10:24 Source: 79.3.222.51 Destination: 148.64.73.150 In IF: eth0 Out IF: Port: 23 Length: 44 ToS: 0x00 Protocol: TCP Service: Telnet

This is just a small sampling of the probes that I received over a couple of days on the internet. Today you sure need some insurance to keep your private stuff private.

125.17.156.236 has been particularly interested in getting into my equipment. So far, I've got him nailed. But, nothing is 100%.

Just a word of warning.
 

125.17.156.236 Record Type: IP Address
OrgName: Asia Pacific Network Information Centre
OrgID: APNIC
Address: PO Box 2131
City: Milton
StateProv: QLD
PostalCode: 4064
Country: AU

ReferralServer: whois://whois.apnic.net

NetRange: 125.0.0.0 - 125.255.255.255
CIDR: 125.0.0.0/8
NetName: APNIC-125
NetHandle: NET-125-0-0-0-1
Parent:
NetType: Allocated to APNIC
NameServer: NS1.APNIC.NET
NameServer: NS3.APNIC.NET
NameServer: NS4.APNIC.NET
NameServer: NS.LACNIC.NET
NameServer: TINNIE.ARIN.NET
NameServer: NS-SEC.RIPE.NET
Comment: This IP address range is not registered in the ARIN database.
Comment: For details, refer to the APNIC Whois Database via
Comment: WHOIS.APNIC.NET or http://www.apnic.net/apnic-bin/whois2.pl
Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment: for the Asia Pacific region. APNIC does not operate networks
Comment: using this IP address range and is not able to investigate
Comment: spam or abuse reports relating to these addresses. For more
Comment: help, refer to http://www.apnic.net/info/faq/abuse
RegDate: 2005-01-27
Updated: 2005-05-20

OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
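
An added example, not part of the original post: a small Python parser for the firewall log format shown above, which groups the dropped probes by source address and lists sources that tried more than one protocol or port. The function names are illustrative, and the sample lines are the ones quoted in the post.

```python
import re
from collections import defaultdict

# Field labels in the order the firewall prints them. A value may be empty
# ("Out IF:" on inbound drops, "Port:" on ICMP), so every value is optional.
FIELDS = ["Time", "Source", "Destination", "In IF", "Out IF", "Port",
          "Length", "ToS", "Protocol", "Service"]
LINE_RE = re.compile(r"\s*".join(
    rf"{re.escape(f)}:\s*(?P<{f.replace(' ', '_')}>.*?)" for f in FIELDS) + r"\s*$")

SAMPLE_LOG = """\
Time: Aug 10 08:35:48 Source: 82.119.131.182 Destination: 148.64.73.150 In IF: eth0 Out IF: Port: 23 Length: 44 ToS: 0x00 Protocol: TCP Service: Telnet
Time: Aug 10 08:35:58 Source: 217.66.91.99 Destination: 148.64.73.150 In IF: eth0 Out IF: Port: 23 Length: 44 ToS: 0x00 Protocol: TCP Service: Telnet
Time: Aug 10 20:52:50 Source: 125.17.156.236 Destination: 148.64.73.150 In IF: eth0 Out IF: Port: 22 Length: 44 ToS: 0x00 Protocol: TCP Service: SSH
Time: Aug 10 22:23:12 Source: 58.107.2.41 Destination: 148.64.73.150 In IF: eth0 Out IF: Port: 23 Length: 44 ToS: 0x00 Protocol: TCP Service: Telnet
Time: Aug 10 22:56:31 Source: 211.90.93.14 Destination: 148.64.73.150 In IF: eth0 Out IF: Port: Length: 84 ToS: 0x00 Protocol: ICMP Service: Unknown
Time: Aug 10 22:57:27 Source: 125.17.156.236 Destination: 148.64.73.150 In IF: eth0 Out IF: Port: Length: 84 ToS: 0x00 Protocol: ICMP Service: Unknown
Time: Aug 11 09:10:24 Source: 79.3.222.51 Destination: 148.64.73.150 In IF: eth0 Out IF: Port: 23 Length: 44 ToS: 0x00 Protocol: TCP Service: Telnet
"""

def parse_line(line):
    """Return a dict of fields for one log line, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["Port"] = int(rec["Port"]) if rec["Port"].isdigit() else None
    return rec

def summarize(lines):
    """Map each source IP to its hit count and the set of protocol/port targets."""
    by_source = defaultdict(lambda: {"hits": 0, "targets": set()})
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # skip blank or unrelated lines
        entry = by_source[rec["Source"]]
        entry["hits"] += 1
        # ICMP has no port, so the protocol alone identifies the target.
        entry["targets"].add(f'{rec["Protocol"]}/{rec["Port"]}' if rec["Port"] else rec["Protocol"])
    return dict(by_source)

def multi_target_sources(summary, min_targets=2):
    """Sources that probed at least min_targets distinct protocol/port targets."""
    return sorted(s for s, e in summary.items() if len(e["targets"]) >= min_targets)

if __name__ == "__main__":
    summary = summarize(SAMPLE_LOG.splitlines())
    for src, e in sorted(summary.items(), key=lambda kv: -kv[1]["hits"]):
        print(f'{src:16} hits={e["hits"]} targets={sorted(e["targets"])}')
    print("multiple targets:", multi_target_sources(summary))
```
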
 

leftyf

SSG Stumpy-VA Terrorist
There was not even this information over the weekend. It was different and specified only 7 IP addresses for some company in China.
 

linuxkidd

Member
Very true lefty... a Firewall is 100% necessary in today's internet world. Even on Dial-up. Bottom line, if your computer connects directly to a public IP address (i.e. straight to a cable modem, DSL Modem, Cellular broadband card, or even a SHARED wireless network), you need a firewall.

If on the other hand, you have a Broadband router of some sort that you connect through, then a firewall is of less importance on your actual computer.

I know that several Campgrounds have free WiFi Internet nowadays. It's very tempting just to hop on, and not worry about anything. But, unless you turn on the firewall on your computer, you could be opening yourself up for some unfavorable activities from the outside.

Here's how to make sure your firewall is on:
Windows XP

  1. Click 'Start'
  2. Click 'Control Panel'
  3. This step depends on how your Control Panel looks:
    • If you see several icons in the 'Control Panel', double-click on 'Windows Firewall'.
    • If you have a few Categories, click on 'Network and Internet Connections', then 'Windows Firewall' at the bottom.
  4. Ensure that 'On (Recommended)' is Selected.
  5. Click 'Ok'
  6. Close the 'Control Panel' window.
Windows Vista

  1. When you connect to a network for the first time, Windows Vista will ask you if the network is 'Home', 'Work', or 'Public'. Make sure to select 'Public'. This will turn on your firewall automatically.
  2. If you have already connected, and you wish to find out what type of network Vista thinks you are connected to:
    • Down next to the clock on the task bar (lower right corner), there should be a small icon that looks like a computer screen with a globe over it. If the globe is not present, there may be an X or nothing.. but the Computer screen will still persist.
    • Right click on this icon.
    • Click on 'Network and Sharing'
    • Next to the connection name in this window, it will say 'Public' or 'Private'. From here, you can also change that setting for the network you are connected to.

Hope this helps! Feel free to ask any questions.
LK
 

cjbearden

Visitor
LK

DH & I share an AT&T Broadband wireless card in a Linksys Router. This allows us to be seen as a Wi-Fi connection - a secured one that requires a password. So far, no intrusions. Is there a way to 'hide' our Wi-Fi that is easy to understand? If you can think of some way for us to accomplish this, please provide step by step instructions - "How to Hide Your Wi-Fi For Dummies" type of instructions. :rolleyes:

Thanks. We use Norton Internet Security.

CJ
 

sjrellis

Well-known member
LK, THAT is the kind of instructions I need. Thanks for making it that easy for us "dummies".
 

Ray LeTourneau

Senior Member - Past Moderator
I just downloaded Windows Defender from Microsoft and it was a quick and easy download. The scan results were clean for my PC. We be happy campers now.
 

linuxkidd

Member
cjwigley said:
"How to Hide Your Wi-Fi For Dummies"
CJ: It's actually impossible to completely hide your wireless network. And the technology that exists to attempt to hide wireless is inadequate, and slows your network down... While not providing any real security.

Wireless Security 101
The best thing to do is to turn on encryption for your wireless network called WPA. Some routers call this WPA Personal, WPA-PSK or WPA Pre-Shared Keys. Some routers go a step farther and ask for what type of Key management to use on top of WPA. The default and one you want is called TKIP. (These two settings are sometimes combined and called WPA-TKIP ). This encryption has not been cracked to date.

One other encryption to stay AWAY from is called WEP. This encryption is easily cracked. With the right software (freely available on the net), any person can be on a WEP encrypted network within about 2 minutes.

The key to using WPA effectively is to have a decent pass phrase to use with it. Something longer than 8 characters, and not based on a dictionary word is best. However, any phrase longer than 8 characters is TONS better than anything less than 8 characters.

But, Why should I secure my wireless??
There are some that think securing your wireless network is not needed. The common thought is "Why would anyone want anything on my network, there's nothing here." That impression is completely wrong. The fact that there are computers and an internet connection makes you a valuable target. Whether or not there's any financial or identity theft fodder there is inconsequential. Anyone looking to do something illegal on the internet will always look for another connection to use that isn't their own. Something they cannot be tracked to. I can tell you that helping someone whose network had been hacked, and explaining to them why THEIR internet connection was shut off, or why the internet provider called THEIR house is very eye opening. Especially when you explain to them that it could have easily been prevented.

Mobile Internet Bandwidth Limits
These lessons are even harder now that Verizon has put the 5 gig cap on their mobile internet. Yes, others have a stated 5 gig limit per month, but I single Verizon out because they're the only company (that I know of) to have an Automated response at 5 gig. What is their response? OH, they just charge you $0.25 per Megabyte of overage. Doesn't seem like much right? Until you realize that at that rate, 1 Gig of traffic costs $256.00! So, the hacker wanna be that Joe and Betty in the RV next door brought on their camping trip has now cost you a VERY large sum of money if you want your internet to continue. All easily prevented with a little wireless security.

Also CJ, since you use a wireless router, the Router itself provides an amazingly effective means of securing your computers and network from people out on the internet.

Windows Defender
Ray LeTourneau said:
I just downloaded Windows Defender from Microsoft...

This tool is actually quite good. It does a decent job finding nasty things. It is NOT a replacement for Anti-Virus, but should be considered a valuable add-on to anti-virus software. If you have Windows Vista, don't worry... It's included. If you have Windows XP, you can Download Windows Defender from Microsoft for free.

Multiple Firewalls are better than one, right?
One other thing to note, If you use some other firewall software like Norton Internet Security, or ZoneAlarm, or the like.. The Windows Firewall will almost certainly be turned Off. These products cannot co-exist or overlap in their operation. So, it's one or the other.

Whew... Sorry for the long post guys... Not try'n to scare people at all. Just hope'n that I can help head off some possible problems in the future.


Keep the questions come'n!
LK
 

linuxkidd

Member
Thanks Alex!!

For further clarification.. I think Alex meant $0.25 / Meg, not per gig.. So, ultimately... $256 per Gig of overage. (I'll go update my original post..)

LK

P.S. Great videos! I also highly recommend the use of Shields Up by Steve Gibson of GRC.com. From the link, click on 'Services' at the top menu, then click on 'Shields Up'. This test checks for what Steve Gibson coined as 'Stealth mode'. Basically, your computer only accepts traffic it asked for originally, and further... doesn't respond when extraneous / nefarious requests are received. So, in essence, your computer / router etc. seem invisible to the rest of the internet.
 

mike3fan

Well-known member
From Shields Up, very cool!

All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.
 