Need Help Plz

 
Post new topic   Reply to topic    Aprelium Forum Index -> Networking Issues
View previous topic :: View next topic  
Author Message
dragon
-


Joined: 18 Feb 2004
Posts: 16

PostPosted: Wed Feb 18, 2004 9:57 pm    Post subject: Need Help Plz Reply with quote

I have a Linux machine (out of order) and two XP machines, a belkin router, and a generic modem. I put my "dragon" machine (xp) on the DMZ and used Nortan Internet Security 2003. Worked great for a couple hours in the morning, my whole home network internet access comes on randomly throughout the day which makes my wife crazy. My ISP checked connectivity and problems with the line... everything is fine, they even changed my modem (TOSHIBA) and still have connectivity problems. HOME NETWORK RUNS FINE WHEN ABYSS IS NOT RUNNING AND MY "DRAGON" MACHINE IS BEHIND MY ROUTER (NOT ON DMZ). I have considered the "DoS Attack" and I just don't think thats the problem. I have tried opening a port 80 but I get too many attacks on that port. I have really run into a wall here.

Any help or discussion would be greatly appreciated... Kris
FYI Been working on this prob for three weeks
Back to top View user's profile Send private message
TRUSTAbyss
-


Joined: 29 Oct 2003
Posts: 3714
Location: USA, GA

PostPosted: Thu Feb 19, 2004 12:27 am    Post subject: Reply with quote

You should never use DMZ on your router , due to the
fact that all ports are open and its possible you can
become vulnerable to an attacker , always use port
forwarding when setting up any kind of server.

P.S. My Brother in law Nigel Told me
about these security issues 8)
_________________
Computer Programmer & Networking Specialist

Back to top View user's profile Send private message Visit poster's website MSN Messenger
iNaNimAtE
-


Joined: 05 Nov 2003
Posts: 2381
Location: Everywhere you're not.

PostPosted: Thu Feb 19, 2004 2:18 am    Post subject: Reply with quote

View the Abyss logs frequently. See what is going on, and if you see hundreds of requests from the same IP/groups of IPs, ban the group. That might solve problems. To ban, use Kerio Personal Firewall (search "banning Kerio Firewall" in these forums, because someone posted a tutoral on how to do it).
_________________
Bienvenidos!
Back to top View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger MSN Messenger ICQ Number
Anonymoose
-


Joined: 09 Sep 2003
Posts: 2192

PostPosted: Thu Feb 19, 2004 2:43 am    Post subject: Reply with quote

There's no danger in setting your PC up to run in the DMZ if it's configured properly. Hackers (or more likely worms) can only attack whatever services you have running. Don't run any unnecessary services, set up a personal firewall with sensible rules and voila, your PC is as safe in the DMZ as behind port forwarding.

Have you checked there isn't a setting in Norton to kill the network after X number of so called hack attempts ? Abyss running or not is a red herring in your situation - you say it fails when you put your machine in the DMZ with Abyss running it fails, but when not in the DMZ with Abyss *not* running it works. Is this a typo or have you not tried Abyss running behind the router ?

The tutorial for banning IP's with Kerio is here :
http://www.aprelium.com/forum/viewtopic.php?t=2799
Back to top View user's profile Send private message
dragon
-


Joined: 18 Feb 2004
Posts: 16

PostPosted: Thu Feb 19, 2004 4:40 pm    Post subject: Reply with quote

First of all I appreciate your replys

Yes I did try to do the "port forwarding" i think, I have a belkin router and there is an area called "Virtual Servers" it has Enable, Description,
Port __-__ and 192.168.2.__ and private ports ___-___. I really wasnt sure about the private port but when I left it blank it told me to enter a port number from 1 to 65***. So I went ahead and put the same port number in there. I have gotten to access my site from an outside location on port 80 and all this stuff started happening. Then I kept trouble shooting and then I went into my router and it said " Your Router is Currently Being Managed By 60.1.1.1 or something like that... I was like holy &^%$. So I reset the router and put a new password, and that is when I tried the DMZ. So I gave my wife a couple of days of both computers behind the router to ease her mind about the internet, I got to work on my hotrod in the mean time, anyhoo, I am still running Norton IS 2003 and I think its ok because it has a setting to add programs to Permit. This morning I set it to port 4123 and that didnt work so I logged on to my machine from work using Ultra VNC (remote port 5900) and I tried port 8000 and it seemed to work fine for thirty minuntes then it cuts out had like 350 hits in thirty... its that too much??? for a cable modem??? My internet at home will come back on in a while for another 10 min. and then poop... no internet for my wife... yikes
Back to top View user's profile Send private message
dragon
-


Joined: 18 Feb 2004
Posts: 16

PostPosted: Fri Mar 26, 2004 5:02 pm    Post subject: Still No Solution Reply with quote

Still No Solution,

My Tech tells me that the fluxuation of the upload speed provided by the cable company could cause the modem to get clogged. Therefore rendering my network useless untill the modem is restarted... What do you guys think. My speed fluxuates from 300 to 384... I think that should be plenty to run VNC (remote software) and a simple little server. I did try to use kerio and same prob. What kerio did let me know is that when i put music on my web page and use VNC at the same time 47k of upload speed is being used. this is nothing compared to the 300 to 384 so why would it fail??????????????/
Back to top View user's profile Send private message
iNaNimAtE
-


Joined: 05 Nov 2003
Posts: 2381
Location: Everywhere you're not.

PostPosted: Sat Mar 27, 2004 1:37 am    Post subject: Reply with quote

No, I doubt your modem would shut down after a certain number of hits.
_________________
Bienvenidos!
Back to top View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger MSN Messenger ICQ Number
dragon
-


Joined: 18 Feb 2004
Posts: 16

PostPosted: Mon Mar 29, 2004 4:00 pm    Post subject: Any Ideas Then? Reply with quote

This might help. This DOS will happen even when I JUST use VNC, although I will get an extra hour of usage outta my internet.
Back to top View user's profile Send private message
iNaNimAtE
-


Joined: 05 Nov 2003
Posts: 2381
Location: Everywhere you're not.

PostPosted: Mon Mar 29, 2004 11:03 pm    Post subject: Reply with quote

So maybe you can't handle the VNC.
_________________
Bienvenidos!
Back to top View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger MSN Messenger ICQ Number
dragon
-


Joined: 18 Feb 2004
Posts: 16

PostPosted: Mon Mar 29, 2004 11:09 pm    Post subject: Wha ... Reply with quote

thanks for that very helpful comment...
Back to top View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Aprelium Forum Index -> Networking Issues All times are GMT + 1 Hour
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB phpBB Group