View previous topic :: View next topic |
Author |
Message |
dragon -
Joined: 18 Feb 2004 Posts: 16
|
Posted: Wed Feb 18, 2004 9:57 pm Post subject: Need Help Plz |
|
|
I have a Linux machine (out of order) and two XP machines, a belkin router, and a generic modem. I put my "dragon" machine (xp) on the DMZ and used Nortan Internet Security 2003. Worked great for a couple hours in the morning, my whole home network internet access comes on randomly throughout the day which makes my wife crazy. My ISP checked connectivity and problems with the line... everything is fine, they even changed my modem (TOSHIBA) and still have connectivity problems. HOME NETWORK RUNS FINE WHEN ABYSS IS NOT RUNNING AND MY "DRAGON" MACHINE IS BEHIND MY ROUTER (NOT ON DMZ). I have considered the "DoS Attack" and I just don't think thats the problem. I have tried opening a port 80 but I get too many attacks on that port. I have really run into a wall here.
Any help or discussion would be greatly appreciated... Kris
FYI Been working on this prob for three weeks |
|
Back to top |
|
|
TRUSTAbyss -
Joined: 29 Oct 2003 Posts: 3752 Location: USA, GA
|
Posted: Thu Feb 19, 2004 12:27 am Post subject: |
|
|
You should never use DMZ on your router , due to the
fact that all ports are open and its possible you can
become vulnerable to an attacker , always use port
forwarding when setting up any kind of server.
P.S. My Brother in law Nigel Told me
about these security issues 8) |
|
Back to top |
|
|
iNaNimAtE -
Joined: 05 Nov 2003 Posts: 2381 Location: Everywhere you're not.
|
Posted: Thu Feb 19, 2004 2:18 am Post subject: |
|
|
View the Abyss logs frequently. See what is going on, and if you see hundreds of requests from the same IP/groups of IPs, ban the group. That might solve problems. To ban, use Kerio Personal Firewall (search "banning Kerio Firewall" in these forums, because someone posted a tutoral on how to do it). _________________ Bienvenidos! |
|
Back to top |
|
|
Anonymoose -
Joined: 09 Sep 2003 Posts: 2192
|
Posted: Thu Feb 19, 2004 2:43 am Post subject: |
|
|
There's no danger in setting your PC up to run in the DMZ if it's configured properly. Hackers (or more likely worms) can only attack whatever services you have running. Don't run any unnecessary services, set up a personal firewall with sensible rules and voila, your PC is as safe in the DMZ as behind port forwarding.
Have you checked there isn't a setting in Norton to kill the network after X number of so called hack attempts ? Abyss running or not is a red herring in your situation - you say it fails when you put your machine in the DMZ with Abyss running it fails, but when not in the DMZ with Abyss *not* running it works. Is this a typo or have you not tried Abyss running behind the router ?
The tutorial for banning IP's with Kerio is here :
http://www.aprelium.com/forum/viewtopic.php?t=2799 |
|
Back to top |
|
|
dragon -
Joined: 18 Feb 2004 Posts: 16
|
Posted: Thu Feb 19, 2004 4:40 pm Post subject: |
|
|
First of all I appreciate your replys
Yes I did try to do the "port forwarding" i think, I have a belkin router and there is an area called "Virtual Servers" it has Enable, Description,
Port __-__ and 192.168.2.__ and private ports ___-___. I really wasnt sure about the private port but when I left it blank it told me to enter a port number from 1 to 65***. So I went ahead and put the same port number in there. I have gotten to access my site from an outside location on port 80 and all this stuff started happening. Then I kept trouble shooting and then I went into my router and it said " Your Router is Currently Being Managed By 60.1.1.1 or something like that... I was like holy &^%$. So I reset the router and put a new password, and that is when I tried the DMZ. So I gave my wife a couple of days of both computers behind the router to ease her mind about the internet, I got to work on my hotrod in the mean time, anyhoo, I am still running Norton IS 2003 and I think its ok because it has a setting to add programs to Permit. This morning I set it to port 4123 and that didnt work so I logged on to my machine from work using Ultra VNC (remote port 5900) and I tried port 8000 and it seemed to work fine for thirty minuntes then it cuts out had like 350 hits in thirty... its that too much??? for a cable modem??? My internet at home will come back on in a while for another 10 min. and then poop... no internet for my wife... yikes |
|
Back to top |
|
|
dragon -
Joined: 18 Feb 2004 Posts: 16
|
Posted: Fri Mar 26, 2004 5:02 pm Post subject: Still No Solution |
|
|
Still No Solution,
My Tech tells me that the fluxuation of the upload speed provided by the cable company could cause the modem to get clogged. Therefore rendering my network useless untill the modem is restarted... What do you guys think. My speed fluxuates from 300 to 384... I think that should be plenty to run VNC (remote software) and a simple little server. I did try to use kerio and same prob. What kerio did let me know is that when i put music on my web page and use VNC at the same time 47k of upload speed is being used. this is nothing compared to the 300 to 384 so why would it fail??????????????/ |
|
Back to top |
|
|
iNaNimAtE -
Joined: 05 Nov 2003 Posts: 2381 Location: Everywhere you're not.
|
Posted: Sat Mar 27, 2004 1:37 am Post subject: |
|
|
No, I doubt your modem would shut down after a certain number of hits. _________________ Bienvenidos! |
|
Back to top |
|
|
dragon -
Joined: 18 Feb 2004 Posts: 16
|
Posted: Mon Mar 29, 2004 4:00 pm Post subject: Any Ideas Then? |
|
|
This might help. This DOS will happen even when I JUST use VNC, although I will get an extra hour of usage outta my internet. |
|
Back to top |
|
|
iNaNimAtE -
Joined: 05 Nov 2003 Posts: 2381 Location: Everywhere you're not.
|
Posted: Mon Mar 29, 2004 11:03 pm Post subject: |
|
|
So maybe you can't handle the VNC. _________________ Bienvenidos! |
|
Back to top |
|
|
dragon -
Joined: 18 Feb 2004 Posts: 16
|
Posted: Mon Mar 29, 2004 11:09 pm Post subject: Wha ... |
|
|
thanks for that very helpful comment... |
|
Back to top |
|
|
|