-
linksys router
Hello everyone
Question: I bought this router about 2 weeks ago and installed it without any problems but for some reason the zone alarm is not going nuts like it use to? Before I got the linksys there where about 5 attemps aday now none? Does this router have a hidden firewall? If so it didnt say it did. What do you people think?
-
Ghost_25inf,
Because of the nature of routers it is filtering out the requests being made. Unless the router is on the same subnet on both the internal and external sides -- thus making it nothing more than a fancy hub -- the router will limit a lot of the traffic. That doesn't mean go without a firewall.
But it helps. ;)
-
Linksys boxes use NAT(Network Address Translation) which means:
Your linksys has 2 interfaces, one on the outside, one on the inside. The outside address is a public address recieved from your cable ISP via DHCP. The inside interface is on private address space, non-internet routable(by default 192.168.1.0 network with a mask of 255.255.255.0) and it hands out IP addresses to your internal machines on the same network.
Your linksys box recieves the request from your machine and translates the address to it's external public address, and then when return traffic comes in, it remembers the internal machine which made the request and delivers it appropriately. If a request is made from the outside, the linksys box does not know what to do with that traffic, unless you have specifically set it up to handle that inbound traffic, so, it does not forward it to your machine.
What you are not seeing in Zone Alarm is outside attempts to reach your computer.
The linksys does have a basic firewall on it. In order to allow outside machines to send requests to your machine, you will need to modify some settings.
Specifically there is an option to put a machine in the DMZ, and redirect traffic initiated from the outside to one specific machine.
Unless you really need to do that, I would not.
and, I would also not get rid of Zone Alarm either.
-
If you still want to see attempts to access your network, you can set your linksys up to write logfiles of incoming and outgoing connections to an internal computer....
http://216.237.158.84/cgi-bin/om_isa...W_ENU_JDocView
That should give you a basic idea how to do it, also at the bottom of the page is a link to the nescessary software to install on your computer.
I have not tried this, so, I am not sure how well it works.
Also, another company www.mynetwatchman.com has a piece of software which will take logs from your router, and send reports of "attacks" or probes which meet certain criteria, to a central location, and coordinate the data from all submitters... I dont think I would want anything to do with this, but, you might.
Good luck,
IchNiSan
-
I run a Linksys router as well. You need to go to the Linksys website and download the latest firmware revision. It adds settings to the user control panel to run ZA Pro. It then uses ZA as the control for the router. As well it's writes it's log files automaticaly to ZA. It's a nice setup. It will even interface with Pc Cillian AV.
Basically, to sum it up. Linksys fixed it so you can tweak the router and have control over it with more advanced rules as well as application rules from the ZA gui.
Hope this helps. :D
-
Quote:
Originally posted here by {P²P}Apocalypse
I run a Linksys router as well. You need to go to the Linksys website and download the latest firmware revision.
Becareful Firmware updates don't always work. I tried to download a firmware off linksys website and it left me with out my router until Linksys emailed me a tftp utility to reinstall it. :D
-
I have a different output. I still get the same amount as i did before i got the linksys router. Can anyone tell me why?
-
What different output?
The only thing I can think of is that perhaps you have an older router that may not have translation on it. What version of Linksys is it?
-
This may be a little off the topic but I think it may be of interest to some Linksys router owners...
I'm not sure which model you have but if you own a BEFSR41, you can go to their FTP site and download logviewer.exe (a Windows app). You can configure your router to point to the IP on your internal network where logviewer is running and you can view all inbound and outbound traffic. What's great is that it allows you to do this without having to hit the admin page and this little proggie displays much more traffic info than the admin page. You can even save log files for later review.
ftp://ftp.linksys.com/pub/befsr41/
Hope this helps!
-
I have a BEFSR41 as stated in the last post. Firmware is also updated. By saying that I have a different output, I mean that I still get the same amount of attacks as I did before I got the router.