Router questions

[jcarter]

I have a 2 year old Asante FR3004C router.  I know not much about it, except that I wanted a firewall and a way to have 2 Macs(OS 9.2.2) to be net connected at the same time.
Bought it, plugged it in to my cable modem, and it has worked flawlessly.  But now, I find that I need to reset it every morning or a couple times a day so re-connect to the net.  I unplug the power for a minute or 2. I wonder why?
 Do I need to upgrade the firmware perhaps? If so, I better find out how to do that properly.

Also I was looking at the router log, and found "unrecognized access" from several IP addresses to port 1026  from places around the world.  I have not a clue what is happening, but I thought that a router would provide a firewall, so people could not get 'into' my Mac.
My learning process is unending and sure is fun, thanks to you people. I have been learning Photoshop, so havent been back here for a while.
Thanks again,  Jane

[bobw]

Port 1026 is used by spammers. You should be able to block that port in your Router setup. Your Router may have ports open by default. I'm not familiar with that router, so I can't help. If you have a manual that came with it, that should help, if not, go to Asante's site and look at their support pages.

[jcarter]

Thank you, Bob,  I will consult my manual for that.  This is something that I know nothing about.   It is interesting, though, as I get a lot of spam, too darn much.   I have Earthlink and have my mail forwarded to my cable ISP, Adelphia.  We are bombarded with spam.
Wondering whether their "Unauthorized Access" was blocked by the router(any router).  Nothing strange has been going on with my Mac.  Would I know?  This sure is an interesting topic.  
In all the years that I have had these Mac computers, I have never had a virus, now that I have the router, I leave the net on all day.  I wonder if I am 'living dangerously'.
I would like to learn more about routers and this sort of troubleshooting.
Jane
 

[jcarter]

Been looking at all the settings and instructions for the router, I am afraid that this stuff is a bit beyond this grandmother. I would think that I should not mess around with it, with my lack of knowledge.  
Maybe I should just live with the rebooting process, but the little fragile plug will wear out soon.

Will the "Unrecognized Access" spammers going after my port 1026 and 1027 create problems? I really should learn how to block them.   to be continued,,,,,thanks
Jane

PS,   I LOVE the banner, almost could be my doggies eyes.

[tacit]

QUOTE(jcarter @ Sep 14 2003, 7:18 PM)

Thank you, Bob,  I will consult my manual for that.  This is something that I know nothing about.   It is interesting, though, as I get a lot of spam, too darn much.   I have Earthlink and have my mail forwarded to my cable ISP, Adelphia.  We are bombarded with spam.
Wondering whether their "Unauthorized Access" was blocked by the router(any router).

 The access attempts on port 1026 have nothing to do with the amount of spam you get.

Here's what happens:

Spammers have a big problem. Almost nobody allows people to mail spam through their mail servers any more. Even ISPs in places like China, Brazil, and Western Samoa, which used to be spam havens, are cracking down.

So some enterprising spammers found a solution. They wrote a computer virus that is a mail server.

They release the virus, which can infect millions of PCs. The virus listens for connections on port 1026. The spammers scan for infected people, then take control of those people's computers and use them to send the spam.

Your router is listing the unauthorized access attempts that it blocked. If it's in your firewall's logs, it was blocked.

The virus only infects PCs, so you are safe. The access attempts are there because the spammers scan millions of IP addresses at random looking for infected computers. You are on a Mac, so you are not infected. Efen if you were infected, your computer would still be safe, because your router blocks the spammer's attempts.

[jcarter]

Hi Tacit,  Thank you for the great explanation!   I feel a lot more comfortable with your information, knowing that my Mac is safe and my router is working!
The fact that I have to re-set the router is sure a minor complaint.  I found that my firmware is up to date, so I will just put a line switch in the router's power cable and use it to switch it on and off, so that I don't wear the little plug out.


I would love to take a course in all this wonderful information, you could easily be the instructor!  Thanks again,   Jane

[kimmer]

We have the same router, about the same age as yours. The only time I've had the probs you describe was when I needed to do a "firmware" upgrade to the router. Plus my provider had made some changes behind the scene (they were trying to stop folks from using a router!)

Edited because I just saw that you've checked the firmware. I would suggest you contact your ISP and see if they have changed any settings. If so, make sure you note all your settings as they are now before you get started. My ISP would only help me log on without my router.

Once I had that info, I had to contact Asante and they helped me reset everything. It was very frustrating.


kimmer

[jcarter]

Hi Kimmer, There seems to be no problem if I take the router out, the cable modem is fine.  I don't want them to know that I have a router.
There are days like today, when I have only rebooted the thing twice, but it is annoying. My Mac neighbour has the same problem, and he just unplugs and plugs all his Macs constantly.

 I have the Mac firmware v. 2.15, and the upgrade is for v. 2.02. So I guess I better leave that alone.  I saw somewhere that v. 2.16 has a nasty bug.  I could be wrong, as the information overload on these routers is rather large! And my brain is not that large, at least today.
The problem is with the router as far as I can see.  I should like to see what the tech support people at Asante say, I should try them as you have done.
What I have learned today is enuf to put this old girls brain into 4WD.   Thank you immensly for the info!!!
Jane

[MamaMoose]

I too hae had connection problems. Mine usually occur when I boot up and then cannot connect to the internet or my e-mail server.  When this happens I turn off router and modem, disconnect the line from the cable to the modem and from the modem to the router. wait 30 seconds, then plug everything back in and then I am connected ~85 % of the time. (I try this first before calling my ISP's tech support)

In technical terms there are capacitors that must discharge before one can connect.

Since you have no problem when you are directly connected without the router and that this happens in the middle of asession,  I suspect that the frequency with which you have to power down the router means that the router is bad, I would contact Asante tech support and explain the problem to them. They will also, send you a site from which you can download and upgrade your firmwar.

MamaMoose

[jcarter]

You all have given me a wonderful charge of information, so that when I do get in touch with Asante, I will know what to ask.
I just unplugged it this morning for 30 seconds, and then got right onto the web. Don't have to unplug anything besides the router power, even tho the ISP says to.
Interesting if they are doing something to thwart router users.  I do leave the net on most all day, that's one reason I want the firewall, as Tacit explained to me what "unrecognized access" meant in the router log.  I found that my firmware is up to date, according to the Asante help.
I will go through the Asante instructions once again, then get in touch with their tech support,  I sure will post their reply here.
Thank you!
Jane  

[jcarter]

Solved!  All I do is unplug the router power for 30 seconds every morning, fire up the computer, and the net connects fine.
It never ever disconnects as long as Netscape or IE is running, then I turn it off for the night.  I meant to post this long ago, and thank you all for the great info, I passed it along to my local friends.
Jane

[Gary S]

Where do you go to look for your router log?

I use a D-Link router but have never heard of a log af any sort.

[jcarter]

Hi Gary,  Sorry I was late getting back here,,,,,but here is how I see the router log for my Asante model  FR3004C;
You use this URL, 192.168.123.254  then it takes you to the login page, login,(Asante uses "admin" for most), then go to VIEW LOG.  It will show you everything that has come out or gone into your computer.  But I sure don't know what much of it means.  Tacit knows all about this router stuff.  I would love to learn more, maybe after I have finished this semester, I will look for an easy course or at least something to read about this topic.  I should ask him what book or site he recommends.  
He explained that anything that says "Unauthorized access" means that my router firewall blocked that attempt.  Look back here to his September post for more details.
I wonder why my 'outgoings' dont show, Ive been on the weather channel, amazon.com,loc.gov, and lots of book sites this morning, but they dont show up in my log.
This stuff in really interesting, I would love to learn more.
Maybe Tacit will be here and give us more good info.
Thanks,  Jane
 

[tacit]

Outgoing connections don't show in the log because the log is only designed to show things that are unusual, abnormal, and/or unauthorized. If outgoing connections were logged, the router would need a tremendous amount of memory to store the log; when you connect to one Web page, you may form many, many connections (one for the HTML, then one additional connection for each image on the page).

By default, a router will (unless you explicitly tell it otherwise) permit all outgoing connections, and block all incoming connections. So your computer may request any information from other computers on the Internet at any time, but other computers on the Internet may not send any data to you that you did not request.

[Epaminondas]

Jane,

The Asante 3000 series routers are good routers.  They are fast and they do a good job for what they are. You made a good choice two years ago.


Tacit wrote:

<<  By default, a router will (unless you explicitly tell it otherwise) permit all outgoing connections, and block all incoming connections >>

For security purposes, the next step up is to have the knowledge and ability to block specific outgoing connections.

The next step up in security after that is to have the knowledge and ability to actually monitor outgoing connections.

How to gain that sort of knowledge?  

Aye, there's the rub.

A careful reading of your 82-page Asante manual (or whatever) will likely lead you to a paragraph that your router can do some or all of the above, but there will likely be no further explanations - or the manual will say that this is only for "experts."  With no indication of how to obtain the requisite expertise.

You can check out the Asante web page for further information.  Click on "support" and wade through - they used to have a support bulletin board but I do not know whether or not they still do.

By golly, I just found it -

http://www.asante.com/support/index.html
_______________________________________

You could try reading a book to understand all this stuff.

I bought "Firewalls for Dummies" with just that in mind.  

Basics - all I wanted was the basics.

This book was way over my head. I did not understand anything useful from my encounter with this book - and I was highly motivated and I have done postgraduate work in the sciences.

This book may help other dummies, but this is one dummy who cannot recommend it.
______________________________________________

In reading reviews about firewalls in PC (not Macintosh) magazines, the overall information seems to be that hardware firewalls and software firewalls tend to be complementary to one another.

Hardware firewalls tend to be strongest at making your computer invisible to the Internet and in blocking incoming materials.  Do not neglect upgrading the firmware!

Software firewalls tend to be strongest at letting you know what the heck is actually going on and in blocking and monitoring outgoing materials.

The general advice from such articles is to use both.

I now use both - on all my computers - Macintosh and Linux.
______________________________________________

Which software firewall to use on the Mac?

Norton's is the most well-known.  It does not tend to get the best reviews.

NetBarrier tends to get the best reviews - and it is available for you to try out and use for free for one month.

Plus - you can download the manual which will actually teach you some useful things about both limiting and monitoring outgoing materials in a way that is understandable to people who are not computer science majors.

Available for MacOS 9.x (and maybe 8.x - I forget) and MacOS 10.x.

NetBarrier

NetBarrier User Manual
_____________________________________________

Once you have a good firewall situation up and running, it is important that you use a relatively secure Internet browser.

For example - Internet Explorer, Netscape, and Mozilla up through 1.2.1 all have widely known, exploitable security vulnerabilities.

I am not yet aware of any vulnerabilities in the CURRENT versions of Mozilla, Opera, or iCab.  There probably will be eventually - but not yet.  Not widely known ones, anyway.

Concept - it is important in Internet security to keep up to date on your browsers.

To illustrate: putting up a secure firewall solution on your computer and then running Internet Explorer on it is like carefully locking all the external doors of your house with excellent locks and then leaving all the windows wide open.

If you are going to set up a secure firewall solution, then do not run a known insecure browser.

If you are going to run a known insecure browser, then there is no reason to bother with a secure firewall setup.

- - - Computer security is only as strong as it's weakest link. - - -

Other things that may be helpful in regard to Internet security include turning off Java, JavaScript and cookies when they are not needed.  Monitoring and deleting cookies regularly. Turning off file-sharing.  Not leaving passwords or forms on the computer. Up-to-date antivirus software (Virex is pretty darned good).  Several browsers also allow you to turn off browser referrer information (notably Opera and Mozilla Firebird).

There are also proxy servers - I have not pursued that angle, and cannot advise.


A good site for checking out the security of your computer:

Online Security Check


All-in-all, making an overall habit of practicing safe computing will not make your computing experience 100% secure, but it will improve your odds against something unfortunate happening.


Best regards,

Epaminondas