Jetico making me crazy.

Discussion in 'other firewalls' started by aigle, Feb 19, 2006.

Thread Status:
Not open for further replies.
  1. bgpeters

    bgpeters Registered Member

    It still failed.
     
  2. Stem

    Stem Firewall Expert

    What make/model is your modem and router?
     
  3. bgpeters

    bgpeters Registered Member

    The modem is a Westell Wirespeed B90-220030-04 Rev. G
     
  4. Stem

    Stem Firewall Expert

    I have been trying to find more info on your NAT modem; westell.com doesn't give info to end users. Have you passed a ShieldsUP before while using this NAT modem? (Is it just a modem or is it also a gateway?)
    When you plugged your PC into the modem, were you still on a fixed IP (for your PC)?

    EDIT

    From the info I found,.. it appears your modem is a modem/router! "192.168.1.254"
     
    Last edited: Jul 13, 2006
  5. bgpeters

    bgpeters Registered Member

    I have never run Shields Up! before. I believe the modem can operate as a router but I do not have it set up that way. Maybe the issue is related to the modem -- in that case my H/W and S/W firewalls have nothing to do with it and I just won't worry about it. Thank you for all your help.
     
  6. Stem

    Stem Firewall Expert

    You should log into your modem/router and check the settings to stop the reply.

    Plug your PC directly into your modem/router,.. and log in "192.168.1.254" and check the settings.
     
  7. bgpeters

    bgpeters Registered Member

    It turns out that my modem was acting as a DHCP server. As soon as I disabled that and enabled IP passthrough to the wireless router it passed. Thanks for your help.
     
  8. Stem

    Stem Firewall Expert

    Good to hear,... and you're welcome.
     
  9. bgpeters

    bgpeters Registered Member

    UPDATE:

    IP passthrough is not the way to go, as it forces the modem to run as a DHCP server and causes double NATing with the wireless router.

    Operating the modem in Bridged Ethernet mode with DHCP disabled is the way to go.

    It works perfectly and I'm now passing the ping test.

    This site gave a good tutorial about the best way to operate a Westell modem with a Netgear router. http://www.dslreports.com/faq/7815 It also has tutorials on connecting Westell modems to other brands of routers as well. http://www.dslreports.com/faq/bellsouth

    P.S. Jetico is not driving me crazy -- it had nothing to do with any of my problems.
     
  10. Stem

    Stem Firewall Expert

    shaunwang,
    The 3 blocking rules you requested (attached), unzip, open in Jetico and drag to shown Position in the System IP tables/ System internet zone. (pic to show position included)
     


  11. shaunwang

    shaunwang Registered Member

    Thanks Stem for creating this, shall test it right now.
     
  12. Tommy

    Tommy Registered Member

    Wow, following this thread and trying Jetico for the first time, I must say great FW and great help in this thread. Never used a FW. I was a Blackice fan, but....

    Just some questions:
    1. How to configure Jetico for Miranda with ICQ, Yahoo, MSN, Jabber, IRC protocols and several plugins running?
    2. What is the meaning of 'attacker installs system-wide windows hook'. Harmless programs like the MP3 Player MusiKcube and eMule produce this message. Should it be allowed?
     
    Last edited: Jul 20, 2006
  13. Stem

    Stem Firewall Expert

    I have never used "Miranda",... I will search to see what I can find.
    You would install a hook procedure to monitor the system for certain types of events (some info here); the one used the most is a keyboard hook to monitor keyboard actions.
     
  14. Tommy

    Tommy Registered Member

    @Stem
    Thanks for your answer. Will have a closer look at these _hooks_.

    It's a very complex FW, and till I understand most of it, there surely will come up a lot of questions.
    Seems that the predefined rules are good for a Win XP SP2 system. Some 'Systemfiles' pop up after each restart of the PC, but I will figure that out.

    Blackice was easy (but no outgoing traffic control), nothing to do, but regarding outbound traffic, trojans, and so on, Jetico is a quite good solution - if correctly configured - I think.

    P.S. A good feature for the further development of Jetico would be an import, if possible, of the IDS Rules from Blackice into Jetico. As a pure IDS Blackice is outstanding.
     
  15. shek

    shek Registered Member

    Stem-----

    Is it safe to create a rule to allow the "access to network" event for all the applications, since jetico would still prompt for other events, such as outbound/inbound connection after enabling this rule?

    regards,

    shek
     
  16. Stem

    Stem Firewall Expert

    Hi shek,
    With the default installation (optimal Protection):
    Allowing "Access to Network" will allow an application:
    Access to Loopback / Trusted zone
    Listen on port for Datagrams (UDP)
    Listen on port for TCP
    Send / receive DNS

    So there is a risk with allowing all/any to access the network. But an application would request any other data transfer. (connections would be prompted for)

    Stem
     
  17. shek

    shek Registered Member

    But the risk is really trivial, isn't it?
     
  18. Stem

    Stem Firewall Expert

    For the "Listen on ports" yes, as that's all the application could do, no reaction would be allowed.
    I think the only real concern would be the access to the "Loopback" which could cause problems if you are using a local proxy.
    So you should be o.k. with no local proxy installed.

    ____
    Stem
     
  19. shek

    shek Registered Member

    Stem----

    Thank you so much.

    Shek
     
  20. Tommy

    Tommy Registered Member

    Two more questions:
    1. In the wizard, in the Trusted Zone section, my Internet IP appears. The IP changes when I connect myself from different places. Does Jetico automatically eliminate the 'old' one and put the new and actual IP into the trusted zone?
    2. Is it possible to make a rule for allowing access only to the local network, like for 'oodag.exe' from O&O Defrag, or does allowing 'access to network' in general not imply a risk?
     
    Last edited: Jul 21, 2006
  21. Stem

    Stem Firewall Expert

    Hello Tommy,
    If the "wizard" is allowed "access to network" it will pick up / use local network/lan on either boot, or when the wizard is run. (it will only keep predefined network from the PC settings (such as fixed IP/network)). If you are connecting from a shared network be cautious of this, it is one feature I do not like (auto pickup of network). Any IP/range within the "Trusted Zone" will have access to possible inbound on your pc.
    There is the rule "access to network", is this what you refer to? (Please expand the question if this is not the answer.)

    Stem
     
  22. Stem

    Stem Firewall Expert

    You're welcome,..
     
  23. Tommy

    Tommy Registered Member

    @Stem
    1. I am connecting myself with the laptop from work and at home. Two different IPs. The question was whether I have to run the Wizard each time I change my location?
    2. Some programs like 'oodag.exe' from O&O Defrag are only listening on local and remote addresses 0.0.0.0; they don't need access to the Internet. My question was (perhaps I misunderstand the phrase 'access to network') how to make a rule so that those programs really only have access to these 'local' addresses and are not allowed access to other networks like the Internet.
     
  24. Stem

    Stem Firewall Expert

    If the PC was left switched on and location/IP was changed, then the "wizard" would possibly be required, but on boot the new IP would be found.
    "shek" just asked regarding this,.. Ref: Post,291/293 https://www.wilderssecurity.com/showthread.php?p=800607#post800607 does this answer?
     
  25. Tommy

    Tommy Registered Member

    I should open my eyes before posting. Sorry.

    One more question for now.
    How to put in _one_ rule a range of hosts for which I grant permission to access/connect? For example '62.216.251.0 - 62.216.251.255'. Which separator do I have to use?

    By the way, Stem, many thanks for your big help here.
     