Hi, What is the method that hackers use to go thru the firewall. I have been seeing probes that light up the router WAN light and my PC's connection light. So they are passing right thru the firewall to my PC. I know they have a way to know which site I am going to - they have access to a up stream router. So by knowing the site I am at, they can craft packets that spoof the source address. ( the web site's ip address that I am surfing to ) But I don't understand the mechanics of it. If the packet spoofs the source address of the incoming packet, how does my PC know to return the results to the hacker? Wouldn't my PC send the responses back to that source address ?
I have read somewhere that a well-crafted partial/full custom packet can easily make it through a firewall. Do you use a VPN to protect your IP address? A naked browser request that does not use tunneling is visible to your ISP. It sounds like you are describing a scenario for a Man-in-the-Middle attack.
Hi, Thanks for the reply. No I am not using a VPN. I will look into that. I don't think they are attempting a MITM attack. They mostly try to compromise the browser, and listening services. The FireFox 33.0 browser is still vulnerable to something. A hour ago I just saw streaming lights to my machine, so I disconnected the wire. When I reconnect, luckily nothing is calling out. The only thing running was Firefox, and I was in a forum, which is stop and go traffic, and shouldn't see any traffic while I am just reading the page. Which brings me to a second question. Does SPI firewalls also match the outgoing and incoming port number in addition to the ip address.? It seems they are trying out the listening services on my machine as well, but that is just a guess. Because I see a lights coming in, in spurts, one series after another. So it seems to me that they are trying to connect, but failing.
