firewall/router question

Ever since I set up a wireless router, Zone Alarm has not recorded one
attempted intrusion. Prior to the router, there were usually dozens.
Is the router's security/encryption (WPA) blocking the intrusions before
they get to Zone Alarm??

tia

From: "richard"

| Ever since I set up a wireless router, Zone Alarm has not recorded one
| attempted intrusion. Prior to the router, there were usually dozens.
| Is the router's security/encryption (WPA) blocking the intrusions before
| they get to Zone Alarm??

| tia

No, Network Address Translation (NAT) is blocking the activity. NAT is a foundation of
SOHO Routers and is why NAT Routers and NAT Rouers with full FireWall implemntations
(akak; FireWall Appliance) are better than software based FireWalls.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

WPA has nothing to do with this, WPA being the encryption used for the
wireless link between your system(s) and the router. What is a factor is
that the router is no doubt using NAT, Network Address Translation. What
this means is that the router, facing the internet is using one IP
(network address) whereas on the private side it is using another, usually
in the range 192.168.x.x, with your connected systems also using addresses
in the private 192.168.x.x range. External traffic hits the router and is
only routed to your internal PC(s) when the incoming packets are in
response to requests you have made (assuming you aren't running a server).
In other words all the nasties are knocking at the door of the router and
going no where.

It is for this reason that many of us have long recommended the use of a
router even if the user only has the one system. Routers with NAT are
invariably better than most firewalls at blocking intrusions and at the
same time relieve the load on the local system. Not that running a
firewall on your system doesn't have benefits as it allows you some
control over what goes _out_ rather than comes in however when it comes to
nasties, if they are stopped on the way out this means you are already
compromised, perhaps as a result of opening an attachment in an e-mail or
visiting a malicious web site. However not everything wanting to call home
is necessarily malicious, sometimes simply unwanted, such as happens with
many legitimate applications and operating systems.
--
Mike Maltby




richard wrote:

Ever since I set up a wireless router, Zone Alarm has not recorded one
attempted intrusion. Prior to the router, there were usually dozens.
Is the router's security/encryption (WPA) blocking the intrusions
before they get to Zone Alarm??

tia

Hi Mike,
I don't know much about these things, but let me ask a question. When I
go to one of the sites that finds one's IP address, it finds mine,
always the same. How can it do that if the router is sending out another IP.

My setup is simple: cable into modem, modem into router, router into my
PC. I am using a LinkSys wrt54gl. Have I set up the router incorrectly
perhaps?

Thanks

Mike M wrote:
WPA has nothing to do with this, WPA being the encryption used for the
wireless link between your system(s) and the router. What is a factor
is that the router is no doubt using NAT, Network Address Translation.
What this means is that the router, facing the internet is using one IP
(network address) whereas on the private side it is using another,
usually in the range 192.168.x.x, with your connected systems also using
addresses in the private 192.168.x.x range. External traffic hits the
router and is only routed to your internal PC(s) when the incoming
packets are in response to requests you have made (assuming you aren't
running a server). In other words all the nasties are knocking at the
door of the router and going no where.

It is for this reason that many of us have long recommended the use of a
router even if the user only has the one system. Routers with NAT are
invariably better than most firewalls at blocking intrusions and at the
same time relieve the load on the local system. Not that running a
firewall on your system doesn't have benefits as it allows you some
control over what goes _out_ rather than comes in however when it comes
to nasties, if they are stopped on the way out this means you are
already compromised, perhaps as a result of opening an attachment in an
e-mail or visiting a malicious web site. However not everything wanting
to call home is necessarily malicious, sometimes simply unwanted, such
as happens with many legitimate applications and operating systems.

PS--when I checked my IP via ipconfig, the number began 192.168. The IP
that is always returned the same via the Find My IP sites begins 67.172.
Perhaps those numbers will help you to explain what I am asking.
Thanks

richard wrote:
Hi Mike,
I don't know much about these things, but let me ask a question. When I
go to one of the sites that finds one's IP address, it finds mine,
always the same. How can it do that if the router is sending out another
IP.

My setup is simple: cable into modem, modem into router, router into my
PC. I am using a LinkSys wrt54gl. Have I set up the router incorrectly
perhaps?

Thanks

Mike M wrote:
WPA has nothing to do with this, WPA being the encryption used for the
wireless link between your system(s) and the router. What is a factor
is that the router is no doubt using NAT, Network Address
Translation. What this means is that the router, facing the internet
is using one IP (network address) whereas on the private side it is
using another, usually in the range 192.168.x.x, with your connected
systems also using addresses in the private 192.168.x.x range.
External traffic hits the router and is only routed to your internal
PC(s) when the incoming packets are in response to requests you have
made (assuming you aren't running a server). In other words all the
nasties are knocking at the door of the router and going no where.

It is for this reason that many of us have long recommended the use of
a router even if the user only has the one system. Routers with NAT
are invariably better than most firewalls at blocking intrusions and
at the same time relieve the load on the local system. Not that
running a firewall on your system doesn't have benefits as it allows
you some control over what goes _out_ rather than comes in however
when it comes to nasties, if they are stopped on the way out this
means you are already compromised, perhaps as a result of opening an
attachment in an e-mail or visiting a malicious web site. However not
everything wanting to call home is necessarily malicious, sometimes
simply unwanted, such as happens with many legitimate applications and
operating systems.

From: "richard"

| Hi Mike,
| I don't know much about these things, but let me ask a question. When I
| go to one of the sites that finds one's IP address, it finds mine,
| always the same. How can it do that if the router is sending out another IP.

| My setup is simple: cable into modem, modem into router, router into my
| PC. I am using a LinkSys wrt54gl. Have I set up the router incorrectly
| perhaps?

| Thanks


You have two IP addresses. One on the LAN side of the Router and one on the Internet
(WAN) side of the Router.

The translation between WAN and LAN addreses is what the Router does. This is the nature
of of NAT as well.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

"David H. Lipman" wrote in message
...


You have two IP addresses. One on the LAN side of the Router and one
on the Internet (WAN) side of the Router.

The translation between WAN and LAN addreses is what the Router does.
This is the nature of of NAT as well.

I shall have to pick your collective brains later. I still have that
blasted D-Link Wireless router sitting here NOT connected up. I don't
have one clue on this piece of junk and need to put it on before Elayne
comes. I did manage to get it working 2 Christmases ago, but don't know
how. It is a model DI-764, I believe.

Night.....root canal in the morning......wahhhhhh!!

Figgs

Richard,

As I explained in my original post and again by David, your router has one
IP address that is outward facing, that is on the internet or WAN side
(in your case one in the 67.172 range) and your PC and everything on your
side (LAN side) of the router (including the router itself) has an address
in the private range 192.168.x.x. Note that addresses in the 192.168
range are what are called private addresses and non routable over the
internet, the same is true for those in the 10.x.x.x and 172.16.xx -
172.31.255.255 ranges. That is any traffic sent to such an address on the
internet will not go further than the first router it encounters. When
traffic hits your router from the internet your router then translates the
address to an internal address and forwards the packet (hence the NAT) or
drops the packet if it had not been requested by your system (the firewall
effect).
--
Mike Maltby



richard wrote:

PS--when I checked my IP via ipconfig, the number began 192.168. The
IP that is always returned the same via the Find My IP sites begins
67.172. Perhaps those numbers will help you to explain what I am
asking.

If you had it working then, why did you stop using it ?
Joan

--
Joan Archer
http://www.freewebs.com/crossstitcher
http://lachsoft.com/photogallery

"Heather" wrote in message
...

"David H. Lipman" wrote in message
...


You have two IP addresses. One on the LAN side of the Router and one on
the Internet (WAN) side of the Router.

The translation between WAN and LAN addreses is what the Router does.
This is the nature of of NAT as well.

I shall have to pick your collective brains later. I still have that
blasted D-Link Wireless router sitting here NOT connected up. I don't
have one clue on this piece of junk and need to put it on before Elayne
comes. I did manage to get it working 2 Christmases ago, but don't know
how. It is a model DI-764, I believe.

Night.....root canal in the morning......wahhhhhh!!

Figgs

From: "Heather"



| I shall have to pick your collective brains later. I still have that
| blasted D-Link Wireless router sitting here NOT connected up. I don't
| have one clue on this piece of junk and need to put it on before Elayne
| comes. I did manage to get it working 2 Christmases ago, but don't know
| how. It is a model DI-764, I believe.

| Night.....root canal in the morning......wahhhhhh!!

| Figgs


You can pick my brain (all 2 cells left) however you can't pick my nose. :-)


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp