I would like to know if I am misunderstanding something or if my software firewall is being a bit overactive. I don't know much about networking, so while this looks like silliness to me (I know for a fact that the "remote host" below is my router, I set it up.) I thought I should seek advice from someone more knowledgeable.
The router is a D-Link DIR-655 wireless gigabite draft-N router. The computer in question is connected through a wire. I have changed the default password on the router and have used PINs for the computers connected wirelessly. I've verified through the router that 192.168.0.197 is my computer, by name.
My software firewall, NetDefense from the SystemSuite 8 Pro package, keeps logging the these "attacks", port scans with the following characteristics:
Direction: Inbound
Protocol: UDP
Local IP: 192.168.0.197
Remote Host: 192.168.0.1
Application Involved: System
Would external attacks look like they are coming from my router? The messages wouldn't bother me by themselves, or even with the silly flashing red icon, but sometimes the firewall apparently does start blocking the router and I have to turn the firewall off to access anything on the Internet. The router has a firewall, so I'm still protected, at least some.
Am I being silly even using a software firewall?
If the software firewall does have a use, can I safely insert a rule that allows all traffic from IPs 192.168.0.1 through 192.168.0.255, so it won't block my router or the other computers on my local network?
The router is a D-Link DIR-655 wireless gigabite draft-N router. The computer in question is connected through a wire. I have changed the default password on the router and have used PINs for the computers connected wirelessly. I've verified through the router that 192.168.0.197 is my computer, by name.
My software firewall, NetDefense from the SystemSuite 8 Pro package, keeps logging the these "attacks", port scans with the following characteristics:
Direction: Inbound
Protocol: UDP
Local IP: 192.168.0.197
Remote Host: 192.168.0.1
Application Involved: System
NetDefense offers these "details": "NetDefense has detected that the Remote Host "192.168.0.1" was attempting to scan active TCP and UDP ports on your computer. Port scanning is a gateway process used by Hackers to determine essential information about your computer before attempting more severe attacks. All incoming and outgoing traffic from this Hacker will be blocked."
Would external attacks look like they are coming from my router? The messages wouldn't bother me by themselves, or even with the silly flashing red icon, but sometimes the firewall apparently does start blocking the router and I have to turn the firewall off to access anything on the Internet. The router has a firewall, so I'm still protected, at least some.
Am I being silly even using a software firewall?
If the software firewall does have a use, can I safely insert a rule that allows all traffic from IPs 192.168.0.1 through 192.168.0.255, so it won't block my router or the other computers on my local network?