
Thread: Router questions

  1. #1
    redbull Guest

    Default Router questions

    There seem to be more hackers every day. Here is an article that details some of the issues. http://www.esecurityplanet.com/views...41/article.htm My question is -- should someone be concerned with continuing to use an older router or should you consider updating routers on a regular basis (what would that time basis be...) like you do software, etc.?

    As a hardware device I have not spent much time worrying about it....until now.

    Operating System:Windows Vista 64 bit
    Software Version:8.0
    Product Name:ZoneAlarm Extreme Security

  2. #2
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Router questions

    The 'hackers' as described in your article (http://www.esecurityplanet.com/views/article.php/3827941/article.htm) are basically doing port scans and IP scans and should not be able to breach a router - out of date or otherwise.
    Outdated routers and routers with out of date firmware should still have ports stealthed and closed, drop unwanted incoming pings and not allow unsolicited incoming connections (by virtue of the router's NAT which would only allow incoming return connections from established connections by the route table of the router).
    Nor should these 'hackers' be able to breach an older software firewall that is facing directly to the internet and is not placed behind the inbound filtering of a hardware firewall (router).

    I refer to the 'hackers' in quotes as port and IP scanning is nothing new and has been done for a long time...even though IPs from Chinanet, Hong Kong and one particular provincial internet provider from China are especially notorious for checking ports and IPs of the world's internet.

    Any home router would by default 'drop' these unwanted incoming connections and in this sense this is not really a 'hack', but more checking for ports and IPs..even though if there were open ports, no doubt the 'hackers' would then attempt to spend time to enter the other open ports of those IPs.
    So would any software firewall on the home user's desktop.

    The ports being scanned as seen here from your article:



    are really not common ports used for a home user anyways, and would be more involved in enterprise and web server types of IPs.
    So the 'hackers' are really looking for larger more powerful non-home-user types of computers and for enterprise networks.
    But there are far more interesting and more common ports for web servers and enterprise networks to be scanned by hackers, which would be easier to hack and exploit, so the question from this article is really are the hackers attempting just port scans or simply looking for all known IPs.
    So it kind of makes me think they are not actually genuinely hacking but instead are doing IP checks.
    (but I still would not rule out they would attempt to actually seriously hack any newly found government and enterprise networks once they have found those particular IPs)


    However the port scans of all the IPs performed by the 'hackers' do yield results for valid and existing IPs and for non existing IPs.
    They could be just compiling lists of valid international IPs besides looking for open ports.


    The biggest security risk to 'out-of-date' routers is not so much out of date firmware or out-of-date hardware, but instead the user's own security mistakes.
    Mistakes such as not changing the router's default login and password and not disabling the UPnP (if not needed or used) and not MACing in the MAC(s) of the local area networked devices and of course not using proper encryption and passwords for the wireless routers.

    Oldsod.

    Message Edited by Oldsod on 07-16-2009 03:51 AM
    Best regards.
    oldsod

  3. #3
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Router questions

    A block list to be manually added to the ZA's backup file (.xml).
    This list includes the 'hacker' IPs mentioned in the referred editorial article.

    <zones>
    <restricted clearOldEntries="true" defaultNetworkStatus="ask" defaultAdapterMode="off">
    <iprange address="0.0.0.1" toAddress="0.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="1.0.0.0" toAddress="1.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="2.0.0.0" toAddress="2.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="3.0.0.0" toAddress="3.255.255.255" status="true" description="General Electric"/>
    <iprange address="5.0.0.0" toAddress="5.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="6.0.0.0" toAddress="6.255.255.255" status="true" description="Army Informations Systems"/>
    <iprange address="9.0.0.0" toAddress="9.255.255.255" status="true" description="IBM"/>
    <iprange address="10.0.0.0" toAddress="10.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="11.0.0.0" toAddress="11.255.255.255" status="true" description="DoD Intel"/>
    <iprange address="13.0.0.0" toAddress="13.255.255.255" status="true" description="Xerox"/>
    <iprange address="14.0.0.0" toAddress="14.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="15.0.0.0" toAddress="15.255.255.255" status="true" description="Hewitt Packard"/>
    <iprange address="16.0.0.0" toAddress="16.255.255.255" status="true" description="Digital Equipment"/>
    <iprange address="17.0.0.0" toAddress="17.255.255.255" status="true" description="Apple Computer"/>
    <iprange address="18.0.0.0" toAddress="18.255.255.255" status="true" description="MIT"/>
    <iprange address="19.0.0.0" toAddress="19.255.255.255" status="true" description="Ford Motor Company"/>
    <iprange address="20.0.0.0" toAddress="20.255.255.255" status="true" description="Computer Sciences"/>
    <iprange address="21.0.0.0" toAddress="21.255.255.255" status="true" description="DDN-RVN"/>
    <iprange address="22.0.0.0" toAddress="22.255.255.255" status="true" description="Defense Information Systems_1"/>
    <iprange address="23.0.0.0" toAddress="23.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="25.0.0.0" toAddress="25.255.255.255" status="true" description="UK Ministry of Defense"/>
    <iprange address="26.0.0.0" toAddress="26.255.255.255" status="true" description="Defense Information Systems"/>
    <iprange address="27.0.0.0" toAddress="27.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="28.0.0.0" toAddress="28.255.255.255" status="true" description="DSI North"/>
    <iprange address="29.0.0.0" toAddress="29.255.255.255" status="true" description="Defense Information System"/>
    <iprange address="30.0.0.0" toAddress="30.255.255.255" status="true" description="Defense Information system"/>
    <iprange address="31.0.0.0" toAddress="31.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="33.0.0.0" toAddress="33.255.255.255" status="true" description="DLA Systems"/>
    <iprange address="34.0.0.0" toAddress="34.255.255.255" status="true" description="Halliburton"/>
    <iprange address="35.0.0.0" toAddress="35.255.255.255" status="true" description="Merit"/>
    <iprange address="36.0.0.0" toAddress="36.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="37.0.0.0" toAddress="37.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="38.0.0.0" toAddress="38.99.75.255" status="true" description="Performance Systems International"/>
    <iprange address="38.99.79.255" toAddress="38.101.111.41" status="true" description="Performance Systems International"/>
    <iprange address="38.101.111.50" toAddress="38.255.255.255" status="true" description="Performance Systems International"/>
    <iprange address="39.0.0.0" toAddress="39.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="40.0.0.0" toAddress="40.255.255.255" status="true" description="Eli Lily"/>
    <iprange address="41.0.0.0" toAddress="41.255.255.255" status="true" description="AfriNIC"/>
    <iprange address="42.0.0.0" toAddress="42.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="43.0.0.0" toAddress="43.255.255.255" status="true" description="Japan Inet"/>
    <iprange address="44.0.0.0" toAddress="44.255.255.255" status="true" description="Amateur Radio Digital"/>
    <iprange address="45.0.0.0" toAddress="45.255.255.255" status="true" description="Interop Show"/>
    <iprange address="46.0.0.0" toAddress="46.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="47.0.0.0" toAddress="47.255.255.255" status="true" description="Bell-Northern Research"/>
    <iprange address="48.0.0.0" toAddress="48.255.255.255" status="true" description="Prudential Securities"/>
    <iprange address="49.0.0.0" toAddress="49.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="50.0.0.0" toAddress="50.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="51.0.0.0" toAddress="51.255.255.255" status="true" description="Department of Social Security,UK"/>
    <iprange address="52.0.0.0" toAddress="52.255.255.255" status="true" description="E.I.duPont deNemours"/>
    <iprange address="53.0.0.0" toAddress="53.255.255.255" status="true" description="Cap Debis"/>
    <iprange address="54.0.0.0" toAddress="54.255.255.255" status="true" description="Merck"/>
    <iprange address="55.0.0.0" toAddress="55.255.255.255" status="true" description="DoD Network Information"/>
    <iprange address="56.0.0.0" toAddress="56.255.255.255" status="true" description="U.S. Postal service"/>
    <iprange address="57.0.0.0" toAddress="57.255.255.255" status="true" description="SITA"/>
    <iprange address="58.0.0.0" toAddress="58.255.255.255" status="true" description="APNIC"/>
    <iprange address="59.0.0.0" toAddress="59.255.255.255" status="true" description="APNIC"/>
    <iprange address="60.0.0.0" toAddress="60.255.255.255" status="true" description="APNIC"/>
    <iprange address="61.0.0.0" toAddress="61.255.255.255" status="true" description="APNIC"/>
    <iprange address="100.0.0.0" toAddress="100.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="101.0.0.0" toAddress="101.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="102.0.0.0" toAddress="102.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="103.0.0.0" toAddress="103.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="104.0.0.0" toAddress="104.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="105.0.0.0" toAddress="105.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="106.0.0.0" toAddress="106.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="107.0.0.0" toAddress="107.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="110.0.0.0" toAddress="110.255.255.255" status="true" description="APNIC"/>
    <iprange address="111.0.0.0" toAddress="111.255.255.255" status="true" description="APNIC"/>
    <iprange address="112.0.0.0" toAddress="112.255.255.255" status="true" description="APNIC"/>
    <iprange address="113.0.0.0" toAddress="113.255.255.255" status="true" description="APNIC"/>
    <iprange address="114.0.0.0" toAddress="114.255.255.255" status="true" description="APNIC"/>
    <iprange address="115.0.0.0" toAddress="115.255.255.255" status="true" description="APNIC"/>
    <iprange address="116.0.0.0" toAddress="116.255.255.255" status="true" description="APNIC"/>
    <iprange address="117.0.0.0" toAddress="117.255.255.255" status="true" description="APNIC"/>
    <iprange address="118.0.0.0" toAddress="118.255.255.255" status="true" description="APNIC"/>
    <iprange address="119.0.0.0" toAddress="119.255.255.255" status="true" description="APNIC"/>
    <iprange address="120.0.0.0" toAddress="120.255.255.255" status="true" description="APNIC"/>
    <iprange address="121.0.0.0" toAddress="121.255.255.255" status="true" description="APNIC"/>
    <iprange address="122.0.0.0" toAddress="122.255.255.255" status="true" description="APNIC"/>
    <iprange address="123.0.0.0" toAddress="123.255.255.255" status="true" description="APNIC"/>
    <iprange address="124.0.0.0" toAddress="124.255.255.255" status="true" description="APNIC"/>
    <iprange address="125.0.0.0" toAddress="125.255.255.255" status="true" description="APNIC"/>
    <iprange address="126.0.0.0" toAddress="126.255.255.255" status="true" description="APNIC"/>
    <iprange address="127.0.0.0" toAddress="127.255.255.255" status="true" description="IANA-Loopback"/>
    <iprange address="133.0.0.0" toAddress="133.255.255.255" status="true" description="APNIC"/>
    <iprange address="150.0.0.0" toAddress="150.255.255.255" status="true" description="APNIC"/>
    <iprange address="153.0.0.0" toAddress="153.255.255.255" status="true" description="APNIC"/>
    <iprange address="154.0.0.0" toAddress="154.255.255.255" status="true" description="AfriNIC"/>
    <iprange address="163.0.0.0" toAddress="163.255.255.255" status="true" description="APNIC"/>
    <iprange address="169.254.0.0" toAddress="169.254.255.255" status="true" description="Iana Reserved"/>
    <iprange address="171.0.0.0" toAddress="171.255.255.255" status="true" description="APNIC"/>
    <iprange address="172.16.0.0" toAddress="172.31.255.255" status="true" description="Iana Reserved"/>
    <iprange address="175.0.0.0" toAddress="175.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="176.0.0.0" toAddress="176.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="177.0.0.0" toAddress="177.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="179.0.0.0" toAddress="179.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="180.0.0.0" toAddress="180.255.255.255" status="true" description="APNIC"/>
    <iprange address="181.0.0.0" toAddress="181.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="182.0.0.0" toAddress="182.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="183.0.0.0" toAddress="183.255.255.255" status="true" description="APNIC"/>
    <iprange address="185.0.0.0" toAddress="185.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="186.0.0.0" toAddress="186.255.255.255" status="true" description="LACNIC"/>
    <iprange address="187.0.0.0" toAddress="187.255.255.255" status="true" description="LACNIC"/>
    <iprange address="189.0.0.0" toAddress="189.255.255.255" status="true" description="LACNIC"/>
    <iprange address="190.0.0.0" toAddress="190.255.255.255" status="true" description="LACNIC"/>
    <iprange address="191.0.0.0" toAddress="191.255.255.255" status="true" description="LACNIC"/>
    <iprange address="192.88.99.0" toAddress="192.88.99.255" status="true" description="Iana Reserved"/>
    <iprange address="196.0.0.0" toAddress="196.255.255.255" status="true" description="AfriNIC"/>
    <iprange address="197.0.0.0" toAddress="197.255.255.255" status="true" description="AfriNIC"/>
    <iprange address="198.18.0.0" toAddress="198.19.255.255" status="true" description="Iana Reserved"/>
    <iprange address="200.0.0.0" toAddress="200.255.255.255" status="true" description="LACNIC"/>
    <iprange address="201.0.0.0" toAddress="201.255.255.255" status="true" description="LACNIC"/>
    <iprange address="202.0.0.0" toAddress="202.255.255.255" status="true" description="APNIC"/>
    <iprange address="203.0.0.0" toAddress="203.255.255.255" status="true" description="APNIC"/>
    <iprange address="210.0.0.0" toAddress="210.255.255.255" status="true" description="APNIC"/>
    <iprange address="211.0.0.0" toAddress="211.255.255.255" status="true" description="APNIC"/>
    <iprange address="214.0.0.0" toAddress="214.255.255.255" status="true" description="US-DoD"/>
    <iprange address="215.0.0.0" toAddress="215.255.255.255" status="true" description="US-DoD"/>
    <iprange address="218.0.0.0" toAddress="218.255.255.255" status="true" description="APNIC"/>
    <iprange address="219.0.0.0" toAddress="219.255.255.255" status="true" description="APNIC"/>
    <iprange address="220.0.0.0" toAddress="220.255.255.255" status="true" description="APNIC"/>
    <iprange address="221.0.0.0" toAddress="221.255.255.255" status="true" description="APNIC"/>
    <iprange address="222.0.0.0" toAddress="222.255.255.255" status="true" description="APNIC"/>
    <iprange address="223.0.0.0" toAddress="223.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="224.0.0.0" toAddress="224.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="225.0.0.0" toAddress="225.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="226.0.0.0" toAddress="226.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="227.0.0.0" toAddress="227.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="228.0.0.0" toAddress="228.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="229.0.0.0" toAddress="229.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="230.0.0.0" toAddress="230.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="231.0.0.0" toAddress="231.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="232.0.0.0" toAddress="232.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="233.0.0.0" toAddress="233.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="234.0.0.0" toAddress="234.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="235.0.0.0" toAddress="235.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="236.0.0.0" toAddress="236.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="237.0.0.0" toAddress="237.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="238.0.0.0" toAddress="238.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="239.0.0.0" toAddress="239.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="240.0.0.0" toAddress="240.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="241.0.0.0" toAddress="241.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="242.0.0.0" toAddress="242.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="243.0.0.0" toAddress="243.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="244.0.0.0" toAddress="244.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="245.0.0.0" toAddress="245.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="246.0.0.0" toAddress="246.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="247.0.0.0" toAddress="247.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="248.0.0.0" toAddress="248.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="249.0.0.0" toAddress="249.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="250.0.0.0" toAddress="250.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="251.0.0.0" toAddress="251.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="252.0.0.0" toAddress="252.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="253.0.0.0" toAddress="253.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="254.0.0.0" toAddress="254.255.255.255" status="true" description="Iana Reserved"/>
    <iprange address="255.0.0.0" toAddress="255.255.255.254" status="true" description="Iana Reserved"/>
    </restricted>
    </zones>

    Note: 72.16.0.0-172.31.255.255 and 10.0.0.0-10.255.255.255 both are private internet blocked ranges... and may block your local area network - these may need adjusting to obtain network access.
    Note: Performance Systems (38.0.0.0-38.255.255.255) has been set with a small exception to allow an online file/image host server.
    If not needed (for yourself to use or see images hosted from that file host, from others online) then the entire range of 38.0.0.0-38.255.255.255 can be blocked as Performance Systems is otherwise filled with lots of proxy servers and a fair amount of spamming and malware sites.
    Yes there are many ethical sites in this range that may be needed, but these should be allowed by editing the ZA's Zones to allow these IP and IP ranges - the blocked site event will be found in the ZA's Log Viewer for exact details.

    Oldsod.

    Message Edited by Oldsod on 07-16-2009 07:05 AM
    Best regards.
    oldsod

  4. #4
    redbull Guest

    Default Re: Router questions

    I have never added anything to ZA firewall. Please advise on how to copy the list you provided into the .xml backup file.

    Thank you for the information and assistance.

  5. #5
    redbull Guest

    Default Re: Router questions

    I found the following instructions. http://forum.zonelabs.org/zonelabs/b...ssage.id=17852

    Is there a new and easier way to add?

  6. #6
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Router questions

    Yes that is basically the method I was going to describe - manually edit is still faster and much quicker than manually entering every IP and IP range manually into the ZA's GUI.

    Important tips.
    First manually enter in several block zone entries into the Zones of the Firewall of the ZA.
    Then make a new backup xml file.
    This will basically help you to see the correct layout of the block zone entries in the backup.
    These manually entered entries may appear as a paragraph format instead of a linear list, but the linear list edited into the backup will be accepted by the ZA restore procedure.


    Other important tips - the exact lines and spacing of entries (from the left side of the page) must be exactly as before. In other words, the targets must be exactly the same as before, and there must be no new extra spaces created.

    Do not edit the .xml file with the IE - instead use just the Windows Notepad.

    Another tip - make a copy of the ZA backup to have a correct comparison of the previous layout.

    Any misplaced targets(anchors) and any extra or lost spaces will result in a failed restore!

    Sample:

    </trusted>
    <restricted clearOldEntries="true">
    <iprange address="4.21.117.128" toaddress="4.21.117.159" status="on" description="I-Deal Dir"/>
    <iprange address="4.21.149.0" toaddress="4.21.149.31" status="on" description="I-Deal Dir"/>
    <iprange address="4.43.44.32" toaddress="4.43.44.63" status="on" description="MicroStrat"/>
    <iprange address="4.43.44.128" toaddress="4.43.44.143" status="on" description="MicroStrat"/>
    <iprange address="4.43.119.0" toaddress="4.43.119.127" status="on" description="Webair Int"/>
    <ipaddr address="12.30.241.242" status="on" description="ScanSpy.ne"/>
    <ipaddr address="12.47.196.49" status="on" description="partners.m"/>
    <ipaddr address="12.98.204.163" status="on" description="Netropa[Sp"/>
    <ipaddr address="12.99.231.36" status="on" description="Netropa[Sp"/>

    <iprange address="222.126.13.224" toAddress="222.126.13.231" status="true" description="Neil Diama"/>
    <iprange address="222.127.228.5" toAddress="222.127.228.8" status="true" description="Comment sp"/>
    <iprange address="222.127.228.21" toAddress="222.127.228.24" status="true" description="Comment sp"/>
    </restricted>


    Best approach is copy and paste from the first left arrow of the </trusted>

    and end the paste at the right arrow of the last </restricted>
    Hopefully this way the backup file will have less chances of getting corrupted.

    But use the copy of the backup as a template to ensure there are no corruptions.

    Note: I forgot to mention that the APNIC regional registry blocks do include most of Australia and part of New Zealand. This could be an issue for some needed sites for browsing or updating.
    Again as mentioned before, the blocked site event (site does not load in the browser) will be seen in the Log Viewer and the needed IP/IP ranges can be then manually allowed inside of the ZA's GUI in the Zones of the Firewall.

    Oldsod.

    Edited to add 'html no break spaces' as the forum posting corrupted the correct layout in the above descriptions... edited to make the list appear as seen in the backup file.

    Oldsod.

    Message Edited by Oldsod on 07-16-2009 02:05 PM
    Best regards.
    oldsod

  7. #7
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Router questions

    An alternate method for IP/IP range blocking is to use Protowall or PeerGuardian.
    Instead of the firewall blocking these IPs.

    I myself use Protowall (although not as easy to use as the Peer Guardian) and the bluetack's lists are easily added (except for the protowall which MUST have the IP ranges and IPs listed in the correct numerical order or else the file is corrupted).
    Plus the protowall can be difficult for some users to properly install - they even made a video to help show the correct install procedure.

    Protowall block lists are manually edited using the notepad whereas the Peer Guardian is more GUI orientated and blocked sites can be allowed permanently or temporarily via the Peer Guardian's GUI.

    Both programs come with the basic P2P block lists, but your own home-made lists can be loaded in place of the P2P lists.

    A distinct advantage of using either the Peer Guardian or Protowall is they can be set to 'popup' for every blocked site event and easily set to allow the site (peer guardian) or temporarily disabling the software (protowall) IP filtering via the tray icon. This saves time and effort of 'hunting' down the blocked IP in the firewall Log Viewer and then editing the firewall's blocked zones.

    Oldsod.

    Message Edited by Oldsod on 07-16-2009 02:25 PM
    Best regards.
    oldsod
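    A pre-restore check for a hand-edited block list like the ones posted above, as an added example that is not from the thread, from ZoneAlarm or from Protowall: it parses a `<restricted>` fragment, rejects malformed or reversed ranges, reports entries that would cover your own LAN (the private-range caveat noted with the list), and flags entries that break the numerical ordering Protowall is said to need. The element and attribute names are taken from the posted fragments; the sample entries, the LAN subnet and the function names are constructed for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample in the shape posted in this thread: two private ranges,
# two entries that are out of numerical order, and one reversed range.
SAMPLE = """
<restricted clearOldEntries="true">
<iprange address="10.0.0.0" toAddress="10.255.255.255" status="true" description="Iana Reserved"/>
<iprange address="172.16.0.0" toAddress="172.31.255.255" status="true" description="Iana Reserved"/>
<iprange address="38.101.111.50" toAddress="38.255.255.255" status="true" description="Performance Systems International"/>
<ipaddr address="12.30.241.242" status="on" description="ScanSpy.ne"/>
<iprange address="4.43.44.63" toaddress="4.43.44.32" status="on" description="MicroStrat"/>
</restricted>
"""


def parse_entries(fragment):
    """Return (entries, errors); each entry is (first, last, description)."""
    entries, errors = [], []
    for el in ET.fromstring(fragment.strip()):
        # The posted fragments use both toAddress and toaddress, so compare
        # attribute names case-insensitively.
        attrs = {k.lower(): v for k, v in el.attrib.items()}
        desc = attrs.get("description", "")
        try:
            first = ipaddress.IPv4Address(attrs["address"])
            if el.tag == "iprange":
                last = ipaddress.IPv4Address(attrs["toaddress"])
            elif el.tag == "ipaddr":
                last = first
            else:
                raise ValueError(f"unexpected element <{el.tag}>")
        except (KeyError, ValueError) as exc:
            errors.append(f"{desc}: bad entry ({exc})")
            continue
        if first > last:
            errors.append(f"{desc}: range start {first} is above end {last}")
            continue
        entries.append((first, last, desc))
    return entries, errors


def blocks_lan(entries, lan):
    """Entries whose range overlaps the local subnet, e.g. '10.0.0.0/24'."""
    net = ipaddress.ip_network(lan)
    lo, hi = net.network_address, net.broadcast_address
    return [e for e in entries if e[0] <= hi and lo <= e[1]]


def out_of_order(entries):
    """Entries that start below the entry listed immediately before them."""
    return [cur for prev, cur in zip(entries, entries[1:]) if cur[0] < prev[0]]


if __name__ == "__main__":
    entries, errors = parse_entries(SAMPLE)
    for msg in errors:
        print("REJECT ", msg)
    # Hypothetical LAN subnet; substitute the one your router hands out.
    for first, last, desc in blocks_lan(entries, "10.0.0.0/24"):
        print(f"LAN HIT {first}-{last} ({desc})")
    for first, last, desc in out_of_order(entries):
        print(f"ORDER   {first}-{last} ({desc}) is listed after a higher range")
```

    Run it against a copy of the edited fragment; `sorted(entries)` gives the entries in numerical order, and an empty result from `blocks_lan` for your subnet means no entry covers local addresses.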

  8. #8
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Router questions

    And coming back to your original post about the router's validity for incoming security, see here about VOIP or Skype defeating router firewalls:

    "The trick used by VoIP software consists of persuading the firewall that a connection has been established, to which it should allocate subsequent incoming data packets...... If, for an incoming UDP packet, these match an NAT table entry, it will pass the packet on to an internal computer with a clear conscience."

    This breaching of the hardware router applies to out-of-date routers or the latest and greatest newest router.

    Technically if a determined hacker does wish to breach a hardware router, they could, albeit only by spending lots and lots of time and effort.
    They could forge or change the packets to make it appear as though the incoming packets are actually returned replies to the router's route table. But since the hacker does not possibly know the exact assigned IP of the networked devices behind the router's route table, he must have the packets sent to the entire IP range of a private networking range in order to cover all possible IPs.
    But it takes a lot of effort and time to bypass the router... and in most cases a would be hacker chasing down a home user simply does not have any profit or financial rewards.
    The real money to be made is found in enterprise or government network and computers/servers, and there is no real money to be made off the average home user. (can any one really make real money off my family photos, porn collection, general saved notes/docs and files, music and movie collection found on my computer's hdd????)

    It is far easier to convince the home user to install a 'self' install the malicious files (cracks and cracked software, game cheats, free screen savers, handy toolbars, etc) or attack by web drivebys (browser/operating system exploits/vulnerabilities, browser's plugin exploits, ActiveX component exploits or fool the user to install ActiveX, JavaScript or iframe exploits, etc) or by sending unsolicited emails to direct the user to malicious sites/or files and the unwanted 'payload or malicious' attachments..and so forth and so on.
    These are far easier to do and probably with much bigger and much quicker illegally gotten financial returns.

    Technically the router is not 100 per cent perfect for inbound protection, but is probably 99.999 perfect.

    Oldsod.

    Message Edited by Oldsod on 07-16-2009 03:05 PM
    Best regards.
    oldsod

  9. #9
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Router questions

    See the El Cheapo Router Challenge thread at dslreports.com

    A very lengthy thread about some of your concerns about incoming protection of the 'cheap' home router.

    Oldsod.
    Best regards.
    oldsod

  10. #10
    redbull Guest

    Default Re: Router questions

    Thank you for the information. Very helpful. Have a good weekend.
