"Xmas" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> (E-Mail Removed) wrote:
>
> I updated it in a vain attempt to fix the problem - thought it must be a
> bug in the firewall code.
>
> It's a weird problem but one I can replicate every time. If I turn on
> the firewall then my internet access slows to a crawl and web pages stop
> loading properly, if I turn the firewall off then all is well. Bizarro.
>
The "Firewall" is incorrectly seeing a large number of outgoing connections
as a SYN flood - many people have the same problem. Just turn it off and
forget about it - "Firewalls" like the one in this 3COM consumer unit are of
dubious benefit and usually cause more problems than they solve, as you've
found out.

Incidentally, most cheap domestic routers (including most 3COM units) use the
Allegro ROM pager toolkit for at least their HTTP interface, and various
Allegro versions have been known to have serious security flaws exposing the
admin functions to all and sundry passing on the WAN port.

The usual security recommendations are to black hole forward the usual
suspects appearing on the WAN port to an unused internal IP address (if
you're not already forwarding them to a real server, of course). These include
telnet port 23 - and the usual http admin ranges, which vary on 3COM products
but include ports 80, 81, 8080, 8081 and 443.

As the manufacturers don't generally publish which version of the toolkits
they use, it's safest to assume that your router may contain any of the bugs
and take appropriate action. I also disable Plug'n'Play as well - but NOT
ICMP pings, as this can affect your automatic MTU calculation (if used).

However, you can get too paranoid if you're not careful!

regards,
Zippy.
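
A way to confirm the black-hole forwards described in the post above took effect, as an added example that is not part of the original thread: it probes the ports the post names and reports any that still accept a connection. The function names are hypothetical, and it assumes you run it from a host outside your LAN against your own router's WAN address.

```python
import socket
import sys

# Ports named in the post: telnet plus the usual HTTP admin ranges.
ADMIN_PORTS = (23, 80, 81, 443, 8080, 8081)


def probe(host, port, timeout=2.0):
    """Classify one TCP port as 'open', 'closed' or 'filtered'."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"          # something answered: admin UI or a real server
    except ConnectionRefusedError:
        return "closed"        # RST came back: nothing is listening
    except OSError:
        return "filtered"      # timeout or unreachable: consistent with a black hole
    finally:
        sock.close()


def audit(host, ports=ADMIN_PORTS, timeout=2.0, expected_open=()):
    """Probe every port and list those open without being expected.

    expected_open holds ports you deliberately forward to a real server.
    """
    results = {port: probe(host, port, timeout) for port in ports}
    exposed = sorted(p for p, state in results.items()
                     if state == "open" and p not in expected_open)
    return results, exposed


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: wan_check.py <your-own-WAN-address>")
    results, exposed = audit(sys.argv[1])
    for port, state in sorted(results.items()):
        print(f"{port:>5}  {state}")
    if exposed:
        print("Still answering on the WAN side:", exposed)
```

A port forwarded to an unused internal address normally shows as `filtered`; an `open` result on a port you are not deliberately serving means the forward is missing or not applied.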