Earthweb.com Practically Networked Home Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation
Welcome to PractiallyNetworked
Product Reviews

 • Routers
 • Hubs/Switches
 • Wireless Gateway
 • Wireless AP
 • Wireless NIC
 • Network Storage
 • Print Servers
 • Bluetooth Adapters
Troubleshooting
& Tutorials

 • Networking
 • Internet Sharing
 • Security
 • Backgrounders
 • Troubleshooting
    Guides

 • PracNet How To's
User Opinions
Practicallynetworked Glossary

 Find a Network Term  
 
Forums
About
Jobs
Home

  Most Popular Tutorials

• Microsoft Vista Home Networking Setup and Options
The most daunting part of upgrading to Windows Vista may be trying to figure out where in the layers of menus the networking and file-sharing options are hidden.

• Do It Yourself: Roll Your Own Network Cables
It may not be something you do everyday, but having the supplies and know-how to whip up a network cable on the spot can be very handy.

• Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router and by extension, your network is as secure as possible.

  Most Popular Reviews

• Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.

• Iomega StorCenter Network Hard Drive
Iomega's fourth generation StorCenter Network Hard Drive brings many of the features found in higher-end storage devices down to an attractive price.

• MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.


Importance of Port Mapping

The safe way to open a computer on your network to the Internet is to map the ports needed for gaming or other activities. Plus: some software firewall "attack" messages explained.

By Joe and Ron of Neighborhood Techs

Q. I have a DSL connection and I use Hotmail to communicate with a friend in another city via voice chat while playing online games. Everything works fine when my computer is connected directly to the DSL modem, but when I try to do it through my Linksys BEFSR41 router, neither the games nor the chat will work. Can you help me with this problem?

A. When your computer is connected directly to your DSL modem, traffic flows unfettered between your computer and your friend's, allowing you to play online games and engage in voice chat. Put the router into the equation, and some or all of the traffic that support these capabilities is being blocked by default. It's a feature, not a bug.

First determine which ports are required by the features you are using, and configure your router's port mapping feature to forward those ports to your machine. (Your friend, incidentally, will probably need to so the very same thing on his or her end.)

The ports necessary for online gaming will depend on what game you are playing or what online gaming service you are using. This information should be provided in the documentation and/or on the Web site.

When you say you're using Hotmail to chat, I think you mean Windows Messenger, of which Hotmail is the e-mail component. As it turns out, configuring a firewall to support the advanced features of Windows Messenger can be difficult (it uses a lot of dynamically-assigned ports), and it may not even be possible depending the equipment you and your friend have. There is a lot of technically detailed information available at http://www.microsoft.com/windowsxp/pro/techinfo/deployment/natfw/default.asp regarding how to configure firewalls and Network Address Translation (NAT) routers to work best with Windows Messenger.

Microsoft recommends Universal Plug and Play (UPnP) compatible routers in order to use all of Windows Messenger's features. They're better able to manage the constantly changing port mappings that are needed. You may want to consider getting a router that supports UPnP, or checking to see if your (and your friend's) current router can be upgraded to support it.

A quicker and easier way to accomplish what you want would to be to put your computer into the router's DMZ (demilitarized zone) which would let the router pass any traffic it encountered to your PC. However, this is not advisable (nor is keeping your PC connected directly to your DSL modem, for that matter) because it leaves the computer vulnerable to attack. Only do this on a PC that doesn't carry important data.

Q. I recently installed a Linksys Cable/DSL router on my home network. I also have BlackIce Defender running on my Windows 2000 Professional system, and the firewall has reported several "attacks" since I installed the router. The router says that UDP port probes were coming from v2.vc.scd.yahoo.com, and v7.vc.scd.yahoo.com. There was also an entry about address 164.109.92.167, saying "HTTP GET data contains script." How were these external addresses able to access my internal client through the router?

A. The reason your software firewall is logging the first two "attacks" is likely because you're running Yahoo! Messenger software on your computer. The IP addresses and domain names that were flagged are Yahoo! servers that provide Yahoo! Messenger's voice chat capabilities. The application uses UDP to transmit voice data, so use of the voice chat feature could cause these sorts of entries to appear. If you point your browser to that address, you'll see an informational message that discusses this in more detail.

Even if you weren't using the voice chat feature at the time the entry was recorded, it could be due to the application scanning to see what ports were available for this type of traffic.

An HTTP GET is typically the result of clicking a link on a Web page. You likely clicked on a link that referenced back to the address recorded by the log and the data returned by probably contained a script which BlackIce deemed harmful. Whether it actually was or not is impossible for me to say, but the fact that the address does not resolve back to a domain name could indicate less-than-honorable intent.

I did determine that the address is owned by Digex, a Web Hosting firm, so if you see a lot of these entries in the future, you may want to contact Digex and ask which of their customers is using this address, to better determine whether or not this individual or organization is the source of an actual attack.

Finally, you asked how the external addresses were able to access your internal client through the router. The router automatically allows traffic from an external address if it is in response to a request that originated inside your network.

Whenever a program like Yahoo! Messenger (or any other IM client or similar application, for that matter), is running, it has the ability to proactively initiate connections to communicate with its servers. You can be sure that the program has one or more open connections to its servers whenever it is running, and if that weren't the case, you wouldn't be able to communicate with anyone unless you initiated the connection yourself.

The last log entry represents a similar situation. The data coming from that address was in response to a request from your browser (the HTTP GET), so the router considered it allowable traffic and let it through.

Most hardware firewalls can detect certain types of common IP-based attacks, but they generally pay more attention to where the traffic is coming from as opposed to what kind of traffic it is. This is why software firewalls are usually good compliments to a hardware router.

Use our feedback form to submit your questions on home or SOHO networking issues. We can not guarantee to answer every question we get, but we'll consider them all



Earthwebnews.com Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation


Home | Networking | Backgrounders | Internet Sharing | Security | HowTo | Troubleshooting | Reviews | News | About | Jobs | Tools | Forums