Stateful Packet Inspection & DoS Attacks?

Discussion in 'other firewalls' started by guest, Nov 10, 2010.

Thread Status:
Not open for further replies.
  1. guest

    guest Guest

    When I activate the SPI in my router, problems arise.
    Many web pages stop responding a few minutes after I start browsing them, and when I refresh the page, a "dns cache error" warning appears at the bottom left of the browser whenever I press F5, then disappears.
    But if I disable the SPI and DoS attack features, those websites that persistently stop responding start to respond,
    and my browsing session gets drastically faster.
    What am I supposed to do? I know I should keep them on. But if I keep them on, I have these issues. If I don't, my PCs become open to the whole www.
    I'm stuck, waiting for your help.
    thanks.

    here's what i'm talking about:
    http://kb.netgear.com/app/answers/detail/a_id/1178
     
  2. swami

    swami Registered Member

    Joined:
    Mar 24, 2006
    Posts:
    215
    I'd turn them off. If your router is in routing mode, not bridged, all the packets coming to the computer must be asked for by it. Thus the router already drops packets that were not asked for.
    DoS attacks are quite unlikely also at home.
    I don't think you gain anything security-wise.
     
  3. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    You state you have 2 options, SPI & DoS. It is highly unlikely a home user will be DoS/DDoS'd, and even if he/she was, in most cases you can just reset the router for a new IP, which most people would do if their internet was slow anyway.

    I've always recommended turning off DoS features if possible in routers as it generally just causes False Positives, especially with online games that spray lots of UDP packets.

    Anyway, try it with SPI on and DoS off.
     
  4. JuanP1000

    JuanP1000 Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    43
    Unless you are running a webserver and have a static IP at home I will keep it on... otherwise, as others have told you, turn it off and rely on your firewall.
     
  5. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    A simple NAT router will drop all unsolicited inbound by default, whether or not you have its additional firewall on or off. I'd just turn it off and rely on NAT. You really don't need anything else...
     
  6. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    NAT is generally on by default.
    If you wish to keep SPI off, you'll most likely be fine. I recommend you turn on the Windows Firewall though, it's simple, and doesn't moan at you constantly for every little thing.

    Alternatively, you could try enabling SPI and disabling the fragmented packets option and see if that works for you.
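
A simplified model of the two behaviours discussed in this thread, added as an example and not part of any poster's reply or any router's firmware: a NAT flow table that only admits replies to outbound traffic, and a naive per-source packet-rate "DoS protection" that also drops legitimate UDP bursts. The class name, the 100 packets-per-second threshold and all addresses are assumptions made for illustration.

```python
from collections import defaultdict

class ToyRouter:
    """Simplified model of a home NAT router; not any vendor's implementation."""

    def __init__(self, dos_protection=False, max_pps=100):
        self.flows = set()              # (proto, remote_ip, remote_port, local_port)
        self.dos_protection = dos_protection
        self.max_pps = max_pps          # assumed threshold: packets/second per source
        self.counts = defaultdict(int)  # (remote_ip, second) -> packets seen

    def outbound(self, proto, remote_ip, remote_port, local_port):
        # A LAN host opens a flow; the router records it so replies can return.
        self.flows.add((proto, remote_ip, remote_port, local_port))

    def inbound(self, proto, remote_ip, remote_port, local_port, now):
        # Rate check runs first, as a naive flood detector would do it.
        if self.dos_protection:
            key = (remote_ip, int(now))
            self.counts[key] += 1
            if self.counts[key] > self.max_pps:
                return "drop: rate limit"
        # Only traffic matching a flow opened from the inside is forwarded.
        if (proto, remote_ip, remote_port, local_port) in self.flows:
            return "accept"
        return "drop: unsolicited"

def game_burst(router, packets=300):
    """Constructed traffic: a game server answers one client with 300 UDP
    packets inside a single second. Returns (accepted, rate_limited)."""
    router.outbound("udp", "203.0.113.10", 27015, 50000)
    results = [router.inbound("udp", "203.0.113.10", 27015, 50000, now=i / packets)
               for i in range(packets)]
    return results.count("accept"), results.count("drop: rate limit")
```

With the rate check off, the whole solicited burst passes and unsolicited inbound is still dropped by the flow table alone; with it on, two thirds of the legitimate burst is discarded.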
     