«

I am currently running NPF 2003 on a Dell XP machine. When I run the sygate
security test I get all ports blocked. When I run a NAT router(Linksys
BFSR41) without the FW ports 80 and 113 are open. If I run the FW and the
router I get the same results. Ports 80 and 113 are open.

I have a couple of questions.

1. What should I run?
2. Can I be attacked on ports 80 and 113?
3. What does a NAT router block?

Thank you,

Bob

K2NNJ wrote:
> I am currently running NPF 2003 on a Dell XP machine. When I run the
> sygate security test I get all ports blocked. When I run a NAT
> router(Linksys BFSR41) without the FW ports 80 and 113 are open. If
> I run the FW and the router I get the same results. Ports 80 and 113
> are open.
>
> I have a couple of questions.
>
> 1. What should I run?
> 2. Can I be attacked on ports 80 and 113?
> 3. What does a NAT router block?
>
> Thank you,
>
> Bob
With the router connected the site is testing the Router not your pc.
Without the router its your pc that is being tested.
I would run both and also look at configuring the router to show all ports
blocked.
When using both anything that has slipped by the router is caught by the
firewall. The firewall also gives application control on outbound traffic.
Seán

On Mon, 15 Dec 2003 13:16:51 -0000, "ClareOldie"
<> wrote:

>
>
>K2NNJ wrote:
>> I am currently running NPF 2003 on a Dell XP machine. When I run the
>> sygate security test I get all ports blocked. When I run a NAT
>> router(Linksys BFSR41) without the FW ports 80 and 113 are open. If
>> I run the FW and the router I get the same results. Ports 80 and 113
>> are open.
>>
>> I have a couple of questions.
>>
>> 1. What should I run?
>> 2. Can I be attacked on ports 80 and 113?
>> 3. What does a NAT router block?
>>
>> Thank you,
>>
>> Bob
>With the router connected the site is testing the Router not your pc.
>Without the router its your pc that is being tested.
>I would run both and also look at configuring the router to show all ports
>blocked.
>When using both anything that has slipped by the router is caught by the
>firewall. The firewall also gives application control on outbound traffic.
>Seán
>

Yes, you certainly need BOTH
--
Jim Watt http://www.gibnet.com

Thanks for the help

"Jim Watt" <_way> wrote in message
news:...
> On Mon, 15 Dec 2003 13:16:51 -0000, "ClareOldie"
> <> wrote:
>
> >
> >
> >K2NNJ wrote:
> >> I am currently running NPF 2003 on a Dell XP machine. When I run the
> >> sygate security test I get all ports blocked. When I run a NAT
> >> router(Linksys BFSR41) without the FW ports 80 and 113 are open. If
> >> I run the FW and the router I get the same results. Ports 80 and 113
> >> are open.
> >>
> >> I have a couple of questions.
> >>
> >> 1. What should I run?
> >> 2. Can I be attacked on ports 80 and 113?
> >> 3. What does a NAT router block?
> >>
> >> Thank you,
> >>
> >> Bob
> >With the router connected the site is testing the Router not your pc.
> >Without the router its your pc that is being tested.
> >I would run both and also look at configuring the router to show all
ports
> >blocked.
> >When using both anything that has slipped by the router is caught by the
> >firewall. The firewall also gives application control on outbound
traffic.
> >Seán
> >
>
> Yes, you certainly need BOTH
> --
> Jim Watt http://www.gibnet.com

"Jim Watt" <_way> wrote in message
news:...
> On Mon, 15 Dec 2003 13:16:51 -0000, "ClareOldie"
> <> wrote:
>
> >K2NNJ wrote:
> >> I am currently running NPF 2003 on a Dell XP machine. When I run the
> >> sygate security test I get all ports blocked. When I run a NAT
> >> router(Linksys BFSR41) without the FW ports 80 and 113 are open. If
> >> I run the FW and the router I get the same results. Ports 80 and 113
> >> are open.
> >>
> >> I have a couple of questions.
> >>
> >> 1. What should I run?
> >> 2. Can I be attacked on ports 80 and 113?
> >> 3. What does a NAT router block?

> >With the router connected the site is testing the Router not your pc.
> >Without the router its your pc that is being tested.
> >I would run both and also look at configuring the router to show all
ports
> >blocked.
> >When using both anything that has slipped by the router is caught by the
> >firewall. The firewall also gives application control on outbound
traffic.

> Yes, you certainly need BOTH

A commonly-stated bit of "wisdom".

Why?

Taking the example of breaking-and-entering on a house, what benefit do
interior door bolts do, given that the burglar is inside the hose, with a
complete set of keys?

OK, so a decent IDS system (e.g. large, hungry rottweiler) can make a big
impression.

But how many people /really/ use them? (I can almost count them on the
fingers of one knee.. ;o)

Not to say that a SPFW isn't a way to justify (to yourself) that last
processor and/or memory upgrade..

--

Hairy One Kenobi

Disclaimer: the opinions expressed in this opinion do not necessarily
reflect the opinions of the highly-opinionated person expressing the opinion
in the first place. So there!

"K2NNJ" <> wrote in message
news:S49Db.154853$ .net...
> I am currently running NPF 2003 on a Dell XP machine. When I run the
sygate
> security test I get all ports blocked. When I run a NAT router(Linksys
> BFSR41) without the FW ports 80 and 113 are open. If I run the FW and the
> router I get the same results. Ports 80 and 113 are open.
>
> I have a couple of questions.
>
> 1. What should I run?
> 2. Can I be attacked on ports 80 and 113?
> 3. What does a NAT router block?
>
> Thank you,
>
> Bob
>
>
Remember, with the router, your PC is hidden from the Internet. The open
ports on the router, which are visible, are likely to be an admin webserver
on the router, on port 80, which allows you to configure the router remotely
over the Internet (make sure you put a password on this to prevent
tampering!), and on port 113 you have Ident, a service which tells any
mailservers, for example, what's connecting to them. Some services may
respond slowly without Ident present, so the router provides this as a
courtesy. It's not anything to worry about. Also, look at the configuration
of the router, make sure that the DMZ is disabled, and enable the built-in
firewall if you want to be safest. See the manual.

Do remember, that the software firewall does have the ability to monitor
outgoing connections, whereas the router doesn't. But the router has other
advantages.

I have some more information available about these things here:
http://80.4.4.163/ebooks/ebooks.htm