Security without firewall

Discussion in 'other firewalls' started by Mrkvonic, Nov 7, 2005.

Thread Status:
Not open for further replies.
  1. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hi,
    Don't kill me, here's something I found out.
    I have a number of computers, at different locations... Some of these machines are inter-connected in Internet Connection Sharing home-network neighborhood. One of the computers serves as gateway, others connect through it.
    BEFORE I connected the computers into ICS hood, when I would close the firewall, most ports would show closed except those common ones stealthed by the ISP.
    AFTER I connected the computers, even when I shut down the firewalls, even on the gateway computer, the ports all show as closed at both GRC and Sygate tests.
    Now, normally, I ALWAYS run firewall on all machines, but this is a neat solution. Your ICS hood becomes a router-like protected environment, without any router!
    I know that the computers behind the gateway should report this, but the gateway computer is ALSO protected.
    I suggest that anyone who has 2 or more computers or can afford to buy another simple cheap machine inter-connect them into an ICS share; this will create another layer of security, to your benefit. The only costs are the cross-cable and another network card for each machine you want to share.
    Cheers,
    Mrk
     
  2. Arup

    Arup Guest

    This is a pretty common method to stealth PCs on an ICS LAN; only the gateway needs a firewall, the rest just need an outbound firewall at the most. This is because ICS, by its very nature, like NAT hides the LAN IP and only the gateway ICS machine's IP is revealed.
     
  3. Mrkvonic

    Mrkvonic Linux Systems Expert

    Hi,
    Arup, just a quick reminder, I say no firewall on ALL computers, including the gateway, and all ports are closed - not just the other LAN machines.
    Mrk
     
  4. Arup

    Arup Guest

    Was anything like IPSec etc. or a port blocker applied to the machines? In my case, my ICS Gateway is not stealthed or blocked.
     
  5. Mrkvonic

    Mrkvonic Linux Systems Expert

    Hi,
    Nope, nothing of the sort.
    Just as I explained, pure and simple... neat isn't it...
    Mrk
     
  6. Arup

    Arup Guest

    Yep, blocked is safe, stealthing the Gateway with CHX is even safer and has no speed impact. :)
     
  7. metoo

    metoo Guest

    Me too. Mrkvonic is claiming otherwise. Strange.

    I think this is false. Unless you have done something specific to the gateway computer. What OS is it on anyway?
     
  8. Mrkvonic

    Mrkvonic Linux Systems Expert

    Hi,
    The OS is XP Pro.
    I have not done anything to the computer.
    I'm positively baffled by the phenomenon myself. I have no precise way of explaining. I can only state the total net effect of the entire process. Why did it happen? Dunno. Is it good? Yes.
    The gateway is not stealthed with firewall turned off btw. Ports are reported as closed, except those stealthed by the ISP. When the firewall is turned on, the ports are stealthed. So firewall is doing something...
    Now, before configuring ICS, the ports would show as open.
    What IS possible is that the cable modem acts as router, although I doubt it, because it's the cheapest piece of hardware they could ever sell.
    At my brother's place, though, with a different modem, phone ADSL and a different provider, he gets the same results after configuring the ICS. BTW, the network is manually configured.
    Cheers,
    Mrk
     
  9. Arup

    Arup Guest

    If your cable modem did NAT/Router, you would be totally stealthed.
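
The thread turns on the difference between ports reported as open, closed and stealthed. The following is an added example, not part of the original thread, showing how a TCP connect test arrives at those three labels; the function names `probe`, `survey` and `loopback_fixture` are hypothetical, and the loopback target is constructed so the script runs offline.

```python
import socket

def probe(host, port, timeout=2.0):
    """Classify one TCP port using the labels the thread's online tests use."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"        # handshake completed: a service is listening
    except ConnectionRefusedError:
        return "closed"          # host answered with RST: reachable, nothing listening
    except socket.timeout:
        return "stealth"         # no answer at all: the packet was silently dropped
    except OSError:
        return "unknown"         # e.g. ICMP unreachable or a local routing error

def survey(host, ports, timeout=2.0):
    """Probe each port in turn and return {port: state}."""
    return {p: probe(host, p, timeout) for p in ports}

def loopback_fixture():
    """Constructed test target: one listening port and one unused port on 127.0.0.1."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    spare = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]
    spare.close()                # nothing listens here any more
    return srv, srv.getsockname()[1], closed_port

if __name__ == "__main__":
    srv, open_port, closed_port = loopback_fixture()
    try:
        for port, state in survey("127.0.0.1", [open_port, closed_port]).items():
            print(f"{port}/tcp {state}")
    finally:
        srv.close()
```

To reproduce what the external tests in the thread measure, run `survey` from a machine outside the LAN against your own gateway's public address, once with the firewall on and once with it off. A "closed" result still confirms to the sender that a host exists at that address, which is the difference from "stealth".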
     