not newbee but lost, very lost,pls help

Discussion in 'other firewalls' started by spookn, May 3, 2004.

Thread Status:
Not open for further replies.
  1. spookn

    spookn Guest

    I have been playing around with PC's for awhile, I have 4 networked in my home, with every OS there is, well almost. Lets say the most popoular from Linux to XP. I only mention it to let you know that I am not totally lost.
    So I start messing around with my security, mostly because my bro just bought a product for 139$ (alphasheild) which is expensive for my blood, but he is happy with it.
    I have a D-Link router 604 and use sygate pro firewall. Have a few services shut off and keep a min of APP's runing.
    So I try some software out there like Firehole and fail,
    go to Gibsons Shields up tests and fail. not all but some like "ping" for gods sake!
    So my question is where do I start? Is there a list of things to go thru and ck? one by one? I do a search, and end up with twenty different answers! To the same Question!
    Sygate shouldn't be letting in ping!!!
    Then I notice that shields up is using a (I think) wrong IP address. For when I ck it in ipconfig, it is different! So I may not even be able to use that info...

    I used Tiny before and learned a little about rules. Is there a list of rules I can put in sygate to stopp "ping" Like which port to block etc... I do not remember.
    Bottom line is I want to go over my main PC and set it up to be very secure.
    PLEASE help me get started. Thanks in advance
  2. spookn

    spookn Guest

    In the last few min. I learned some stuff. The IP add is my router.
    At DSL Reports everything looked a little better, so now my next question is,
    If someone does ping me and gets my router, and trys to do more invasive stuff, they should not be able to? Because they are only getting my router? Not my PC?
    As you can see. I am still lost!
  3. eyespy

    eyespy Registered Member

    Feb 20, 2002
    Oh Canada !!
    Hi Spookn,

    Do you want to block "pings"?
    Log into your Router.
    Choose Advanced Tab. Than choose Firewall Tab. You can uncheck
    "Allow to Ping WAN port" under the "Firewall Rules List". Click apply. Your done.
    I have Sygate as well and I never see any inbound activity on my PC. My Router blocks all unwanted gremlins according to my Router log, even when I test at some sites.
    Hope this helps,
    bill :)
  4. Paranoid2000

    Paranoid2000 Registered Member

    May 2, 2004
    North West, United Kingdom

    Since your router is using NAT (Network Address Translation) to share your Internet connection, any outside connection will be to it's IP address. This does provide you with extra security since your router would need to be compromised before your PCs could be accessed but do ensure that your router firewall is set up properly. A ping is not harmful in itself but many automated worms use pings to detect machines for further attack - so unless you need to respond to them (for instance, some ISPs may require you to show that you are online) it is best to disable ping responses.

    Firehole is a "leaktest" which attempts to masquerade as a trusted application in order to bypass firewalls. Router firewalls can provide no protection from these since they have no way of knowing what application is sending traffic on your PC. For this you need a software firewall. Firehole has been out for a while so while Sygate was vulnerable to it (see the Aug 2003 PCFlank leaktest results), the latest version should do better.

    If it doesn't then using another firewall is one option. Another is to use an application firewall like System Safety Monitor which allows you to control calls between Windows applications (and will also detect DLL injection, the technique that Firehole uses). It is free (albeit a slow download) but will give you a lot of popups to start with - in particular some applications like mouse drivers, touchpad drivers and Windows skinning programs (WindowBlinds, WindowFX) will attach themselves to every other running process, triggering a prompt each time (you can specify to always allow that action in future, making it a once off). However it does allow you a great deal of control over what your PC does, and can be a potent defence against trojans and spyware.
Thread Status:
Not open for further replies.