Router is a Hacker?

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Zhanate

Thread Starter
Joined
Feb 3, 2006
Messages
2
I would like to know if I am misunderstanding something or if my software firewall is being a bit overactive. I don't know much about networking, so while this looks like silliness to me (I know for a fact that the "remote host" below is my router, I set it up.) I thought I should seek advice from someone more knowledgeable.

The router is a D-Link DIR-655 wireless gigabite draft-N router. The computer in question is connected through a wire. I have changed the default password on the router and have used PINs for the computers connected wirelessly. I've verified through the router that 192.168.0.197 is my computer, by name.

My software firewall, NetDefense from the SystemSuite 8 Pro package, keeps logging the these "attacks", port scans with the following characteristics:
Direction: Inbound
Protocol: UDP
Local IP: 192.168.0.197
Remote Host: 192.168.0.1
Application Involved: System

NetDefense offers these "details": "NetDefense has detected that the Remote Host "192.168.0.1" was attempting to scan active TCP and UDP ports on your computer. Port scanning is a gateway process used by Hackers to determine essential information about your computer before attempting more severe attacks. All incoming and outgoing traffic from this Hacker will be blocked."

Would external attacks look like they are coming from my router? The messages wouldn't bother me by themselves, or even with the silly flashing red icon, but sometimes the firewall apparently does start blocking the router and I have to turn the firewall off to access anything on the Internet. The router has a firewall, so I'm still protected, at least some.

Am I being silly even using a software firewall?

If the software firewall does have a use, can I safely insert a rule that allows all traffic from IPs 192.168.0.1 through 192.168.0.255, so it won't block my router or the other computers on my local network?
 
Joined
May 3, 2006
Messages
22,466
You know firewalls are the biggest pain and yes the firewall is pointing to the router as creating issues. You do not mention your OS but why not reinstall that Trend Micro without the firewall and use the Windows firewall or this will never end.
If you have a router with a hardware firewall, a good security suite which trend is adequate for antivirus and antispyware, don't let the paranoids scare you into thinking you need a 3rd party firewall. Vista has a 2 way firewall and XP has a partial 2 way after Sp2 but what is going to get in to dial out if you are careful and have good paid protection anyway?
 
Joined
Sep 21, 2007
Messages
12,461
I have had port scans that penetrate my NAT router.

I would not add that rule that you mentioned. That rule would practically render your firewall useless.

A software firewall is still useful even when you have a hardware firewall. It will prevent trojan horses from calling home. A lot of free downloads nowadays comes with spyware and installs without you knowing along with the main application. A software firewall's job is to prevent them from calling home.
 

Zhanate

Thread Starter
Joined
Feb 3, 2006
Messages
2
Thanks for your responses.

I'm using Windows XP and occasionally Vista (dual boot). I use the SystemSuite/NetDefense firewall because the Windows one annoyed me. I don't question its effectiveness. This one annoys me less ... except when it blocks my Internet access.

So external port scans can look like they're coming from my router. And the hardware firewall won't prevent unwanted outgoing traffic.

Maybe I'll try the Windows firewall again.

Again, thank you for the help.
 
Joined
Dec 8, 2006
Messages
4,469
Thanks for your responses.

I'm using Windows XP and occasionally Vista (dual boot). I use the SystemSuite/NetDefense firewall because the Windows one annoyed me. I don't question its effectiveness. This one annoys me less ... except when it blocks my Internet access.

So external port scans can look like they're coming from my router. And the hardware firewall won't prevent unwanted outgoing traffic.

Maybe I'll try the Windows firewall again.

Again, thank you for the help.
"The One-Way Firewall

Windows' built-in firewall has always suffered from the same flaw: Though it blocks suspicious stuff that comes in, it does nothing about what your PC sends out. Since an infected PC can mass-mail spam and forward your credit card numbers to someone without your better interest in mind, that's an important shortcoming.

Vista supposedly fixed this problem with the addition of a firewall capable of watching and blocking outbound traffic. But that capability is turned off by default. And Vista's designers forgot to put the controls that turn it on in a place where you're likely to look for it: the Windows Firewall Settings dialog box.

Here are two solutions.

1. Go to the secret place where you can turn on outgoing protection: Click Start, type firewall, and select Windows Firewall with Advanced Security. Click Windows Firewall Properties. The first three of the resulting dialog box's four tabs contain an Outbound Connections drop-down menu. In all three, select Block.

2. Get another, better firewall: Even with two-way protection enabled, Windows' firewall is a feeble guardian. On the other hand, the free Comodo Firewall Pro came out tops in independent testing, even compared with well-known commercial products such as Norton Internet Security (according to Matousec's Firewall Challenge)."
http://www.pcworld.com/article/150735-2/10_fixes_for_vistas_worst_features.html
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top