Temporarily disconnect LAN from Internet?

Discussion in 'Home Networking' started by Angus Rodgers, Dec 12, 2007.

  1. [Because of a baffling technical problem affecting my use of Usenet,
    even if I can post this message at all, I may not be able to follow
    up any replies, for the time being.]

    As a newcomer to broadband, I feel rather nervous, knowing that I'm
    now constantly exposed to the Internet, and not knowing clearly what
    the security risks are.

    Is there a way to tell a Netgear DG834 ADSL modem / Ethernet router
    to temporarily cease from Internet communication, while continuing
    to act as an Ethernet switch (so that the LAN still works)?

    (I can't see a setting for this on the "web page" at 192.168.0.1, and
    I haven't yet read through all the technical documentation. Sorry if
    it's a case of RTFM or JFGI.)
     
    Angus Rodgers, Dec 12, 2007
    #1
    1. Advertisements

  2. Angus Rodgers

    Jeff Gaines Guest

    Angus,

    As a starting point go to:
    https://www.grc.com/x/ne.dll?bh0bkyd2

    and run the tests towards the bottom of the page. Spend a bit of time
    reading the text and run all the tests. At the end of that you will have a
    feel for how 'visible' you are on the Internet. It's not the whole answer
    but it's a good starting point.

    Come back with any concerns you have. I sit behind a Netgear router and as
    far as the Internet is concerned my PC doesn't exist.
     
    Jeff Gaines, Dec 12, 2007
    #2
    1. Advertisements

  3. Angus Rodgers

    Dr Zoidberg Guest


    Your router will only pass traffic through to the PCs when you have either
    set up rules on the router to allow this , or if it's a reply to a
    connection your PC has made such as browsing a web page.

    If it's sat there idle then there isn't any security risk.
    As has been said , try some of the web based security tests that try and
    scan your PC.

    If you really need to shut down internet access then you'll need to look for
    an option to disable routing , or failing that unplug the WAN cable
     
    Dr Zoidberg, Dec 12, 2007
    #3
  4. Angus, for starters DONT WORRY too much about security. Your DG834G will be
    'at default' protecting your PC very well. The firewall built in to the
    DG834 is pretty damn good.... As someone else has suggested though, do the
    tests at GRC, and see how your system favours. Just to give you some idea
    of how much you are at risk, consider the following. I have been running a
    Windows XP machine as a server since 2004 online 24/7 using a DG834G with
    several ports open (HTTP/FTP/HTTPS/WEBCAM and several other ports are open
    to provide service access) This machine is running an original version of
    XP without any of the service packs or security fixes installed. Despite
    this and despite several ports being open (that wont be open at your side,
    unless you open them yourself), I have never had any cause for concern or
    security issues since I put the server online over three and a half years
    ago.

    I hope that settles your mind a little....

    Regards & Merry Christmas....
    James
     
    James Connault, Dec 24, 2007
    #4
  5. One thing I did forget to say.... Make sure you use an AntiVirus software
    and keep it up to date. Also it would be advisable to run Spyware detection
    software, and if you are really concerned run the freeware version of
    ZoneAlarm firewall.... Although I wouldn't bother with a software firewall
    myself as the 834 is more that capaable of doing that job itself.

    James
     
    James Connault, Dec 24, 2007
    #5
  6. Angus Rodgers

    stephen Guest

    The other replies all tell you "dont worry".

    However - most of these boxes run an op sys of some description, so there is
    a non zero change of a security hole in either the router implementation
    code, or the underlying box s/w.

    And - not much can cross an air gap without wireless.......

    however - PCs are much more susceptible, so the main thrust should be to
    protect your PC(s), and if you are worried, dont leave them powered up.
    i dont know this particular Netgear box, but even if you find such a tick
    box such as "connect" on the WAN page as on my WGR614, the Qs with any
    "disable" function would be - does it work, and does it actually stop
    everything?

    1 alternative is to change the WAN IP address (ie alter to manual setting,
    apply something invalid such as 10.1.1.1). not much can get to you if your
    addressing is wrong, as it would not find your WAN address so should not get
    to your router.

    Note - you could always pull the WAN cable :) ,but the box would have to
    retrain on ADSL.

    This is one of the disadvantages of having the ADSL modem built into the
    box - 2 separate units or a cable feed would allow you to disconnect the WAN
    Ethernet port.....
     
    stephen, Dec 26, 2007
    #6
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.