Router questions

[jcarter]

Hi Tacit,  Thank you for this explanation.
I do see many "Unrecognized access from' 67.78.124.152:44415 to TCP port 30260" as an example.   Indeed I am very happy that you tell us that they are unsuccessful attempts.  What if I had a PC and no router, would these get into my computer and do damage?
Is there a site that we could look these up to see where and who?  I did plug this one into Netscape and it said 'contacting host' so I chickened out and stopped it connecting.  Hey, this is fun!

Hi E.  Thank you for your great info!  I will look at these sites, and yes, I think I looked at that book in the bookstore and my dummy brain rejected it.  The Asante info was beyond me.  The more I learn about these computers, the more I want to know, it sure is fun!  It just is difficult to find where to start.

I really enjoy learning new things and now that I'm retired, I have the time.
Thanks again,
Jane

[Mayo]

Your problems with the Asante router mimic the problems I was having with my Linksys, and which were solved by a firmware upgrade.  Having to do a soft reset of the router every time you want to go online isn't normal operating procedure, and it would personally drive me crazy.  If Asante can't pinpoint the exact problem and provide a more workable solution I would seriously consider a new, problem-free router.

I have come to believe that a software firewall is redundant if your router firewall is doing its job.  Why spend the money if you don't need to?  And when you upgrade to OS X sometime in the future you will have the firewall that is built-in to the OS.

Use the security link that Epaminondas provided and you will know in a couple of minutes how well your router firewall is working.  Use the port scan test on the left at this website Security Check to see whether your ports are in "stealth" mode, the best possible protection.

Disabling Java, cookies and the other suggestions made by Epaminondas can make web surfing more secure, but they can also make the experience a real hassle.  I think the potential problems associated with Internet use are minimal.  We face bigger problems from spammers and the physical relocation of our Macs (theft...) because most people leave vital personal information readily accessible to prying eyes.

Web Confidential is a perfectly safe application that stores all kinds of passwords, credit card numbers and the like that can be encrypted.  There are also programs available to provide various levels of security for drives and files Security Software  Using the OS X Secure Empty Trash command or an inexpensive OS 8/9/X app like ShredIt is a good habit to establish.

Basically, with a few precautions and a pinch of Common Sense there is no reason to be paranoid.  Just have fun!

[tacit]

QUOTE(jcarter @ Dec 21 2003, 9:21 PM)

I do see many "Unrecognized access from' 67.78.124.152:44415 to TCP port 30260" as an example.   Indeed I am very happy that you tell us that they are unsuccessful attempts.  What if I had a PC and no router, would these get into my computer and do damage?

 It depends.

Many of these access attempts represent a computer searching for other computers infected with a specific virus or Trojan.

Here's how it works:

Let's say i write a virus. I release the virus into the public through email or by infecting another program or whatever. The virus is designed to do two things: spread to other computers, and wait for connections on a certain port.

After the virus has been out for a while and spread to a lot of computers, I start running another program. It scans through millions of IP addresses at random trying to connect on the virus port.

Most computers are not infected; nothing happens. However, if it finds a computer infected with my virus, it gives me complete control over that computer. I can do whatever I want.

Why would I do this?

Often, it's because I'm a spammer, and I want to take your computer over and make it send out spam. Or perhaps I want to take your computer over and use it to store and trade illegal files, or use it to hack other computers--if the FBI traces my hacking, they end up knocking on your door, not my door.

So: If your computer had no firewall and was not infected with a virus, nothing would happen. If you had no firewall and you were infected by a virus, though, your computer would be completely compromised.

[jcarter]

Hi Mayo,  Yes, I check my security once in a while, and all my ports are 'stealth'.  I did notice that one said 'closed' and a long time ago before I got my Asante, one said 'open'.
But I have never had a problem ever with any virus or anything.  My only problem is spam, and I just delete them every morning.
I have never bothered using my virus software, it is turned off.
I never have looked at 'bad' sites, and nobody has access to my Mac other than family.  I still have OS 9.2.2 because I am a bit intimidated by reading my MacWorld magazines, and reading the problems on my Adobe forums of the software problems with the new OS.  I do know that things are improving, and my husband is wanting to get me a new Mac.
I did call Asante a while ago, and my firmware is up to date, and they dont know why Ihave to restart the router every morning.  It doesn't really bother me, just doing one unplug once a day.  Our ISP is against us using routers.
I dont have anything on my computer that I would be not wanting people to read, except for the banking and credit cards.  Of course we have passwords for them and they are not in the computer room. All the other stuff like Amazon and my picture pages have passwords, but I dont think anybody would be interested in those.

 Hi Tacit, I am very glad I have a Mac and a good router.  The thing seems to be repelling all these attempts, I hope.
OS X is even more secure from what I hear.
Spam, that is the root of all this evil isn't it.  Most of it comes from outside the USA, so I guess that we really cant do much about it.
Most of mine is pushed into my 'spam and garbage' folder, so I just scan it to see if something good is hiding there, usually not, so I just delete the mess.

Wow, you people have given me a wonderful lesson in this!
I thank you greatly!
Sorry my questions are so long, but I sure feel more confident after I read your answers.  Now I will be able to ignore my classmates talk about their infected PCs.
I better stop now, even tho I have more questions, the dog is waiting for our morning walk.
Jane

[tacit]

QUOTE(jcarter @ Dec 22 2003, 2:35 PM)

Spam, that is the root of all this evil isn't it.  Most of it comes from outside the USA, so I guess that we really cant do much about it.

 Actually, that's not quite true. over 90% of spam comes from the USA, but it is sent through overseas servers.

The Internet makes it easy for anyone to set up a mail account on a server anywhere. I am living in Florida; I use AOL and Earthlink for my email, so the email servers I use are in Virginia and Atlanta. And just like I can create an account with a company in a different state, I can create an account with a company in China; it only takes a few mouse clicks.

The spam is coming from the US, but the American who is sending it is using a server in China to relay it.

In fact, over 90% of the world's spam comes from one small handful of people, most of them living in Boca Raton, Florida and the rest living in California. This small group of people sends out spam on behalf of all the porn sites and phony drug sites and whatnot that you see.

[Mayo]

No matter where spam originates, it can be reduced to virtually zilch if you take some basic and well-documented precautions...  I currently average one spam message per month, and I am very active on the Internet.

A search of the TS archives will turn up posts that myself and others have made that detail the ways to minimize spam.

[jcarter]

Boca Raton, I used to live in Melbourne and also Ft. Liquordale.  I know the area.
Boca Raton is a small target, I would love to see the spam obliterators see if they could do something to them!  'About' them is nicer wording.

Spam is only a nuisance for me, as I am only a grandmother having a great time with computers as a hobby, but it must be costing time and REAL money for business.
 
This is interesting, I am learning a lot from you! I had no idea that they originate inside the USA.  The bottom line; who would ever click on this stuff, who would ever buy it, where are their brains?  If nobody ever looked at this stuff, just deleted as we all do, would spammers stop, what is perpetuating this?
Love to see some numbers on this,
Jane
 

[jcarter]

Questions, questions, I sure have plenty of them, but you all are so instructional, that I keep them coming,,,,,,,,
I just ran the Symantec port and trojan horse security check on my G4, and all the ports for both checks were 'stealth', except one. (Symantec said that this computer is "secure".)
That one is the ICMP ping port and it said it was 'open'.
My kids have tried to ping this computer from their school and each attempt was unsuccesful, so I wonder what that means.  It must not be open then?

Also when I log on to my classroom, I see my IP address and the cable location of my town thru Albany NY, where the company is, Adelphia.
I wonder what it means if that IP address is out there for whoever to see, or if it is just available to the classroom and the security check people.  Or just to places that I log on to.
Whew, that's another lesson!
You people are wonderful!
Merry Christmas to you all, and I better get back into the kitchen, thank you again, Jane

[tacit]

The ping port is open, but it does not respond to pings because in order for your computer to respond to a ping, you must instruct the router to pass that port on to your computer.

What IP address are you trying to ping? Because you have a router, you have two IP addresses: an "external" address that is assigned by your ISP, and an "internal" address that the router assigns to your computer. The internal address always begins with 192.168.

If you try to reach the internal address from the Internet--you can't. You can only access the external address, which will not begin with 192.168. You will not be able to ping your computer using the internal 192.168 address from the Internet. You should be able to ping the external address, though--the router, not the computer, will answer the ping.

[jcarter]

Hi Tacit, Thank you again for such great info!  Sorry I was so late in answering, but the grandkids have all gone back home, and now I get some free time.

Yes, the router address starts with 192.168, but the IP address of the computer shows up on my classroom page after I log in.  And when I do the security check, it also shows up.  Is that bad?  
It starts with a 68.  DNS and IP address and Asante Gateway all are the same?

Sorry to bother you again, but your explanations are so good that I am understanding more.  This is really interesting.
Another reason that Macs are better than PCs.
Thanks again,
Jane