help dlink dsl-604+

Hello all, I am using the dsl-604+ with plusnet as my isp with a
mixture of linux machines, mandrake and debian 3. Just got this
'working' today (sort of).

I am not happy just using nat. grc.com and www.sygatetech.com
show big problems, most of the common ports are reported as just
'closed' with icmp shown as 'open'

Can someone give me an example of a rule/rules to block all
unauthorised ingress to my network? Or point me to where the
info is? I don't want to run any servers on any machines.


thanks

andrew joseph

andrew joseph
Please purge text between the @ and ba- when replying.
--
andrew joseph
Please purge text between the @ and ba- when replying.

On Sun, 31 Aug 2003 20:56:49 +0100, andrew joseph wrote:
> I am not happy just using nat. grc.com and www.sygatetech.com
> show big problems, most of the common ports are reported as just
> 'closed' with icmp shown as 'open'

I don't know about sygatetech.com, but GRC is run by an idiot who doesn't
seem to be aware of how the net works.

Personally, I would be inclined to ignore and 'warning' - seeing that
ports are closed isn't a security risk, no matter what he might be saying.

Cheers,

Alex.

Alex Hudson wrote:

> On Sun, 31 Aug 2003 20:56:49 +0100, andrew joseph wrote:
>> I am not happy just using nat. grc.com and www.sygatetech.com
>> show big problems, most of the common ports are reported as just
>> 'closed' with icmp shown as 'open'
>
> I don't know about sygatetech.com, but GRC is run by an idiot who
> doesn't seem to be aware of how the net works.
>
> Personally, I would be inclined to ignore and 'warning' - seeing
> that ports are closed isn't a security risk, no matter what he might
> be saying.
>
> Cheers,
>
> Alex.

Thanks but icmp is shown as open on the router, this can't be a good
thing
--
andrew joseph
Please purge text between the @ and ba- when replying.

On Mon, 01 Sep 2003 13:31:51 +0100, andrew joseph wrote:
>> Personally, I would be inclined to ignore and 'warning' - seeing that
>> ports are closed isn't a security risk, no matter what he might be
>> saying.
>
> Thanks but icmp is shown as open on the router, this can't be a good
> thing

That's because you read the rantings of S Gibson.

Everyone else knows that ICMP is *required* for a functioning connection
(i.e., if you want to connect reliably, you don't have an option: you
accept ICMP).

If you want to stop 'ping', you can do that but it doesn't buy you
anything security wise. I would advise you to read around from better
sources. In the meantime, don't worry - if you have NAT enabled, you are
impervious to anyone but an extremely determined, experienced cracker. And
you're not going to be able to prevent them from accessing your 'net with
GRC-style lockdown. And they're probably not going to want to access your
'net because you're not a bank or a big company/website.

Cheers,

Alex.

On Mon, 01 Sep 2003 17:16:46 +0100, Alex Hudson wrote:

> On Mon, 01 Sep 2003 13:31:51 +0100, andrew joseph wrote:
>>> Personally, I would be inclined to ignore and 'warning' - seeing that
>>> ports are closed isn't a security risk, no matter what he might be
>>> saying.
>>
>> Thanks but icmp is shown as open on the router, this can't be a good
>> thing
>
> That's because you read the rantings of S Gibson.
>
> Everyone else knows that ICMP is *required* for a functioning connection
> (i.e., if you want to connect reliably, you don't have an option: you
> accept ICMP).
>

> Cheers,
>
> Alex.

thanks alex, that helps

--
andrew joseph
Please purge text between the @ and ba- when replying.