Zoom ADSL Modem/Gateway

Discussion in 'Computer Security' started by Jennifer, Dec 9, 2004.

  1. Jennifer

    Jennifer Guest

    Thanks in advance for the help....

    I've been running a simple DSL-based home network with a basic DSL modem
    running into a Linksys router supporting 5 PC's - some Linux, some Windows.
    With that configuration, I've always been able to run nmap, or any other
    port scanner, at standard speed (normal) settings. We routinely will
    perform full scans against our outside client's networks - typically 35-40
    IP's at a time.

    We've never had a problem with that scan traffic interfering with Internet
    activities (web surfing, etc) on the other machines in our network.

    Now, in the interest of consolidating devices, we purchased a Zoom ADSL
    Gateway (5554) and replaced the modem and Linksys router. Everything works
    fine in normal traffic periods, however, whenever we attempt to run an nmap
    scan at anything above the -T1 "sneaky" setting, Internet access across the
    network for all other machines grinds to a halt.

    I can't believe that a higher end gateway can't handle traffic that a basic
    modem/Linksys router can. I can find no settings or information related to
    any maximum number of connections or seesions that are supported by the
    gateway. Zoom tech support also confirmed that it shouldn't be an issue.
    Also, the unit only supports logging for system events and not for
    incoming/outgoing connections so I can't get any visibility into what's
    going on.

    Nmap is not sending out that much traffic, so is there anything else I'm
    missing? I'm about to return the Zoom and invest in a Netopia or something
    else more robust, but want to make sure I don't run into this issue again.

    Thanks -

    J
     
    Jennifer, Dec 9, 2004
    #1
    1. Advertising

  2. Jennifer

    donnie Guest

    On Thu, 9 Dec 2004 09:25:16 -0600, "Jennifer" <>
    wrote:

    >Thanks in advance for the help....
    >
    >I've been running a simple DSL-based home network with a basic DSL modem
    >running into a Linksys router supporting 5 PC's - some Linux, some Windows.
    >With that configuration, I've always been able to run nmap, or any other
    >port scanner, at standard speed (normal) settings. We routinely will
    >perform full scans against our outside client's networks - typically 35-40
    >IP's at a time.
    >
    >We've never had a problem with that scan traffic interfering with Internet
    >activities (web surfing, etc) on the other machines in our network.
    >
    >Now, in the interest of consolidating devices, we purchased a Zoom ADSL
    >Gateway (5554) and replaced the modem and Linksys router. Everything works
    >fine in normal traffic periods, however, whenever we attempt to run an nmap
    >scan at anything above the -T1 "sneaky" setting, Internet access across the
    >network for all other machines grinds to a halt.
    >
    >I can't believe that a higher end gateway can't handle traffic that a basic
    >modem/Linksys router can. I can find no settings or information related to
    >any maximum number of connections or seesions that are supported by the
    >gateway. Zoom tech support also confirmed that it shouldn't be an issue.
    >Also, the unit only supports logging for system events and not for
    >incoming/outgoing connections so I can't get any visibility into what's
    >going on.
    >
    >Nmap is not sending out that much traffic, so is there anything else I'm
    >missing? I'm about to return the Zoom and invest in a Netopia or something
    >else more robust, but want to make sure I don't run into this issue again.
    >
    >Thanks -
    >
    >J
    >

    #########################
    Am I correct to assume that there are no problems when nmap is used in
    any other mode? My guess is, it's causing a buffer overflow in the
    Zoom product. Try other port scanners to see what happens.
    donnie.
     
    donnie, Dec 9, 2004
    #2
    1. Advertising

  3. Jennifer

    Mark Guest

    Jennifer wrote:
    > Thanks in advance for the help....
    >
    > I've been running a simple DSL-based home network with a basic DSL modem
    > running into a Linksys router supporting 5 PC's - some Linux, some Windows.
    > With that configuration, I've always been able to run nmap, or any other
    > port scanner, at standard speed (normal) settings. We routinely will
    > perform full scans against our outside client's networks - typically 35-40
    > IP's at a time.
    >
    > We've never had a problem with that scan traffic interfering with Internet
    > activities (web surfing, etc) on the other machines in our network.
    >
    > Now, in the interest of consolidating devices, we purchased a Zoom ADSL
    > Gateway (5554) and replaced the modem and Linksys router. Everything works
    > fine in normal traffic periods, however, whenever we attempt to run an nmap
    > scan at anything above the -T1 "sneaky" setting, Internet access across the
    > network for all other machines grinds to a halt.
    >
    > I can't believe that a higher end gateway can't handle traffic that a basic
    > modem/Linksys router can. I can find no settings or information related to
    > any maximum number of connections or seesions that are supported by the
    > gateway. Zoom tech support also confirmed that it shouldn't be an issue.
    > Also, the unit only supports logging for system events and not for
    > incoming/outgoing connections so I can't get any visibility into what's
    > going on.
    >
    > Nmap is not sending out that much traffic, so is there anything else I'm
    > missing? I'm about to return the Zoom and invest in a Netopia or something
    > else more robust, but want to make sure I don't run into this issue again.
    >
    > Thanks -
    >
    > J
    >
    >

    I don't know the technical specs on that product and am having trouble
    finding much online. But, I have to wonder if it doesn't have something
    to do with the DOS protection they mention. One thing vendors will do
    to try and prevent a denial of service attack is to limit the number of
    half-open connections. If that's the case then it's not a problem with
    the total number of connections, just the half-open ones.

    Even at that, I would be surprised that it won't even allow 'polite'
    speeds. Anyway...

    Out of curiosity, what type of scans have you tried? If it's just tcp
    (syn, connect) I'd be curious if the results are any different if you
    try a udp scan.

    Later,

    Mark
     
    Mark, Dec 9, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Ronny Svensson

    Re: Difference between C-40 zoom [D-40 zoom] and c-4000 zoom

    Ronny Svensson, Aug 23, 2003, in forum: Digital Photography
    Replies:
    0
    Views:
    940
    Ronny Svensson
    Aug 23, 2003
  2. Stefan Patric

    Re: Difference between C-40 zoom [D-40 zoom] and c-4000 zoom

    Stefan Patric, Aug 23, 2003, in forum: Digital Photography
    Replies:
    0
    Views:
    804
    Stefan Patric
    Aug 23, 2003
  3. adsl pci modem, and adsl ethernet modem

    , Jan 16, 2005, in forum: Computer Information
    Replies:
    8
    Views:
    733
  4. LincolnShep
    Replies:
    3
    Views:
    2,757
    Jack \(MVP-Networking\).
    Nov 8, 2006
  5. george
    Replies:
    11
    Views:
    1,356
    DaveG
    Mar 1, 2004
Loading...

Share This Page