You'll get no argument out of me that Windows is a worm's dream come true... but I wouldn't put all my security eggs in a NAT basket. I'll agree that a Linksys performing NAT is better than nothing... but not a whole lot better. NAT is not intended to be a security layer, although it will provide a certain amount just by performing its intended function. Any port left open to provide access to services inside the NAT device will provide a possible way in. You should always run multiple layers of security and above all... close all ports and shut down all services you don't absolutely need.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 29, 2006 6:00 PM
To: [email protected]
Subject: Re: [hlds] HL2DM Server now behind WG Firebox 700 was playable but not listed

NAT by default will not forward incoming packets to ports that are not in the routing table. That is how it keeps nasties out. If the port is already open, then that is another story. So, when some nasty worm tries to come into some Microsoft service that is full of exploits, the packet comes into my router, the router searches the routing table and does not find any entries for the requested port. The router discards the packet.

Want to find out how dangerous the Internet really is? Load Windows onto a computer with no firewall, no AV, no NAT (or put it into the DMZ). Unless your service provider blocks commonly exploited ports, the computer won't last 5 minutes. Worms that exploit unpatched Microsoft services are everywhere and hammer firewalls and routers incessantly. I found this out the hard way when I reinstalled XP SP2 onto my laptop and dialed into the Internet with no firewall or AV. Some worm hit me within 30 seconds, and I lost the entire contents of the laptop. I had to reformat to get rid of the worm because the removal tools were unable to repair all infected files.

----- Original Message -----
From: "Edward Luna" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Wednesday, March 29, 2006 2:34 PM
Subject: RE: [hlds] HL2DM Server now behind WG Firebox 700 was playable but not listed

> "I use a Linksys with NAT in
> place of a firewall. Works for me. Keeps nasties out."
>
> How does NAT keep nasties out?
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, March 29, 2006 3:53 PM
> To: [email protected]
> Subject: Re: [hlds] HL2DM Server now behind WG Firebox 700 was playable but not listed
>
> Not me - the OP I think is the one with the WG. I use a Linksys with NAT in
> place of a firewall. Works for me. Keeps nasties out. Unlike a firewall, it
> does not keep nasties in, but so far nothing has gotten in. I run my web and
> ftp and p2p servers on a linux box that have no access to the rest of the
> network - I have Samba setup to allow other clients to read the drives on
> the Linux box, but nothing on the linux box can access drives on other
> boxes. This gives another slight layer of security. My biggest risk is the
> Linux box with a bunch of open ports. My HL server only has port 27015 open.
>
> ----- Original Message -----
> From: "Stuart Stegall" <[EMAIL PROTECTED]>
> To: <[email protected]>
> Sent: Wednesday, March 29, 2006 12:08 PM
> Subject: Re: [hlds] HL2DM Server now behind WG Firebox 700 was playable but not listed
>
>> I am going to still suggest that Ook should just return the WG and use
>> his Linksys. There's just no need.
>>
>> Edward Luna wrote:
>>> There is no reason that you can't run behind a WG firewall. I have two
>>> separate Internet Connections and I use two WG firewalls. One is a small
>>> Soho and the other is a WG FireBox X500... both function perfectly. All you
>>> need do is configure them correctly and your server will be fine.
>>>
>>> I've already posted how to stop the WG700 from auto-blocking IP addy's.
>>> Stick with the troubleshooting and we'll resolve your issue.
>>>
>>> The problem lies between the modem (please let me know which one) and the
>>> WatchGuard External Interface. If I can't ping your WG External Interface
>>> there can only be two reasons... 1.) you've disabled ping response or 2.)
>>> The modem is not passing the ping request to the WG external Interface.
>>>
>>> I've seen DSL modems setup to do all sorts of advanced things... especially
>>> Verizon DSL... even if you've subscribed for a static IP address, they often
>>> don't pass that IP thru to the connected device unless the pass thru option
>>> is selected.
>>>
>>> What modem are you using?
>>>
>>> -----Original Message-----
>>> From: Ook [mailto:[EMAIL PROTECTED]
>>> Sent: Tuesday, March 28, 2006 9:45 PM
>>> To: [email protected]
>>> Subject: Re: [hlds] HL2DM Server now behind WG Firebox 700 was playable but not listed
>>>
>>> Get rid of the FB? Find something else? I run my server behind a Linksys
>>> WRT54G, which is behind a Westell 2100 in gateway mode, with no firewall.
>>> NAT is enough security for what I do, I've never had any security issues
>>> except for the time I did a fresh install of Winbloze on my laptop and
>>> stupidly dialed into the Internet with no firewall or AV and had some worm
>>> come in (thanks to all of the many holes in Winbloze). I lost the entire
>>> contents of my laptop, but fortunately I wasn't connected to my network at
>>> the time.
>>>
>>> How many here run behind a router with no firewall? How many have firewalls,
>>> and what kind of firewall?
>>>
>>> ----- Original Message -----
>>> From: "CYKO" <[EMAIL PROTECTED]>
>>> To: <[email protected]>
>>> Sent: Tuesday, March 28, 2006 5:58 PM
>>> Subject: RE: [hlds] HL2DM Server now behind WG Firebox 700 was playable but not listed
>>>
>>>> ALSO Now after being connected to the game for 10 minutes, the FB is
>>>> blocking my IP from connecting, So now I have to wait 15 minutes for the
>>>> block to be removed. Very Funny, I might just go back to the Linksys
>>>> Router.
>>>>
>>>> CYKO
>>>>
>>>> -----Original Message-----
>>>> From: [EMAIL PROTECTED]
>>>> [mailto:[EMAIL PROTECTED] On Behalf Of CYKO
>>>> Sent: Tuesday, March 28, 2006 8:26 PM
>>>> To: [email protected]
>>>> Subject: [hlds] HL2DM Server now behind WG Firebox 700 was playable but not listed
>>>> Importance: High
>>>>
>>>> Ok here is what is happening, The game is running behind a WG FB700 with a
>>>> rule that says:
>>>>
>>>> Incoming:
>>>> From Any To NAT 69.74.70.242 - 192.168.1.15 TCP 27090 - 27100 UDP 27090 - 27100
>>>> Outgoing:
>>>> To ANY From ANY
>>>> Same Ports!
>>>>
>>>> With this configuration the game is visible to "Gamemonitor.com" and you
>>>> can add it to your Favorites in STEAM BUT if you list all internet games, It
>>>> is NOT in the List.
>>>>
>>>> HELP!
>>>> PS I left the ping response open for anyone to test.
>>>>
>>>> CYKO
>>>>
>>>> _______________________________________________
>>>> To unsubscribe, edit your list preferences, or view the list archives,
>>>> please visit:
>>>> http://list.valvesoftware.com/mailman/listinfo/hlds
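
The NAT behaviour debated in this thread, as an added example that is not part of any poster's message: a small Python model of how a NAT router treats inbound packets, and how many ports a forward rule leaves reachable compared with what the server needs. The port range and LAN address follow the Firebox rule quoted in the thread; the class and function names, the documentation-range source addresses, the same-port translation and the single listening socket are assumptions.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Forward:                      # one static port-forward rule on the router
    proto: str
    first: int
    last: int
    lan_host: str

@dataclass
class NatRouter:
    forwards: list
    # (proto, wan_port) -> (lan_host, peer_ip, peer_port)
    flows: dict = field(default_factory=dict)

    def outbound(self, proto, lan_host, lan_port, peer_ip, peer_port):
        # A LAN host talks out first; the router records a translation entry.
        # Simplification (assumption): WAN-side port equals LAN-side port.
        self.flows[(proto, lan_port)] = (lan_host, peer_ip, peer_port)

    def inbound(self, proto, src_ip, src_port, dst_port):
        flow = self.flows.get((proto, dst_port))
        if flow and flow[1:] == (src_ip, src_port):
            return ("reply", flow[0])             # answer to a flow the LAN started
        for f in self.forwards:
            if f.proto == proto and f.first <= dst_port <= f.last:
                return ("forwarded", f.lan_host)  # accepted from any source
        return ("dropped", None)                  # unsolicited, no entry

def exposed(forwards):
    """Every (proto, port) reachable from outside through a forward rule."""
    return {(f.proto, p) for f in forwards for p in range(f.first, f.last + 1)}

def unneeded(forwards, listening):
    """Forwarded ports with no service that needs them: candidates to close."""
    return exposed(forwards) - set(listening)

# Constructed scenario shaped like the rule quoted in the thread.
FORWARDS = [Forward("tcp", 27090, 27100, "192.168.1.15"),
            Forward("udp", 27090, 27100, "192.168.1.15")]
LISTENING = [("udp", 27095)]        # assumption: the only socket the server uses

if __name__ == "__main__":
    r = NatRouter(FORWARDS)
    r.outbound("tcp", "192.168.1.20", 51000, "198.51.100.9", 443)
    print(r.inbound("tcp", "198.51.100.9", 443, 51000))   # reply to LAN flow
    print(r.inbound("tcp", "203.0.113.7", 40000, 445))    # unsolicited probe
    print(r.inbound("udp", "203.0.113.7", 40000, 27095))  # hits the forward
    print(len(exposed(FORWARDS)), "ports forwarded,",
          len(unneeded(FORWARDS, LISTENING)), "not needed")
```

The model filters replies by peer address and port; real consumer routers differ in how strictly they match, which is one more reason to pair NAT with an explicit filter on the forwarded ports.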

