Results 1 to 2 of 2

Thread: Should i add to trusted?

  1. #1
    felinefury Guest

    Default Should i add to trusted?

    This is my router's adress. It's also listed as my DNS. If i add that to trusted will all the internet traffic comming through my router be treated as trusted?

    Operating System:Windows XP Pro
    Software Version:8.0
    Product Name:ZoneAlarm Pro

  2. #2
    Join Date
    Dec 2005

    Default Re: Should i add to trusted?

    <blockquote><hr>FelineFury wrote:
    This is my router's adress. It's also listed as my DNS. If i add that to trusted will all the internet traffic comming through my router be treated as trusted?

    Operating System:
    Windows XP Pro
    Software Version:
    Product Name:
    ZoneAlarm Pro


    Simpe answer:
    Yes this is Trusted.
    No the internet traffic will not become Trusted.
    Because your 192.169.x.x network is a private network and not a public address/network.

    Long answer:
    The router is doing a network address translation (nat) as it changes the private IP (it has assigned to you) and change the address to the public Ip (as assigned by your internet provider). In other words, the internet never sees your computer's private address and will only see the public address - in effect your computer is "hidden" from the internet and is working on it's own private network.

    Any incoming connections to the router (as it is the very first connection to your private network) are dropped/rejected by the router - because the addresses that are asked for are only the public internet address and the router only knows how to send to the private network. In other words, it sees these and has no place to forward the connections, so it drops them.
    [understand there are various outgoing connection from your computer and these are all replied or answered with return connection or incoming connections - there is a constant two way conversation with your computer and the web sites/servers that it contacts).

    Any outgoing connections from the computer to the router are treated differently. Your computer sends all internet connections by sending the connections directly to the router using the router's address. The router then removes it's address from the packets (header packets), adds in the public address (your public IP address) and then sends these packets forward with only the public address that it itself only uses. This means any web site or web server never sees your private address and only the public address.

    The router also keeps a correct list your outgoing connections into a table and keeps track of all of the connections made your computer.
    The router "read" the first group of outgoing packets, saw the internet address involved and recorded these address(s) into the list.
    (it basically strips off the private address and the requested public address is left intact)
    It also recorded your private address for your computer related to these outgoing connections.
    This is how it knows what went out and from where.
    If an returning incoming connection (from your original connection) tries to comes in, the router checks it's list and sees if it has any private addresses that made this first outgoing connection from your computer.
    If it finds your computer did make the first connection, that incoming connection is allowed in and the router then sends the connection to your computer but only with that private address (not the public address) - in other words it still translated the public network into the private network.
    But if the router sees the incoming connection was never originally sent by the private address (it has no record of any connection from the private address of your computer), then the router has no place to send the connection attempt, so instead it drops it.
    Hence unwanted incoming connections are dropped by the router - always!

    Your router is in effect doing two seperate connections types - your private network and connections to the internet
    (called a gateway but since there is your private network, it is performing NAT because it is working two different network)

    For more info go to wikipedia and search for "Network Address Translation" and "Private Network" and "Dynamic Host Configuration Protocol".
    If curious about the DNS then search for Domain Name System (that explaination is another post).


    Message Edited by Oldsod on 11-16-2008 06:34 PM
    Best regards.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts