| Author |
Message |
EE-2002
Joined: 01 Sep 2005
Posts: 5
|
 16 May 2006 18:57 protection from port scanning software |
|
|
|
|
Hi All,
Can someone please answer this:
If my laptop has a private address and if I am behind a home router (with NAT enabled and no port forwarding), can I assume that I am completely protected from port-scanning software attacks and any other intruders? Or is there some there way through which someone can still gain access?
Thanks for your time.
|
|
| Back to top |
|
 |
DarkJedi
Joined: 25 May 2004
Posts: 145
Helped: 9
Location: Lima, Perú
|
| 16 May 2006 23:44 Re: protection from port scanning software |
|
|
|
|
hi there.
There is always a way to gain access... but you are in a private LAN so the scanning will be done to you rpublic address and the forwarding ports your router or firewall has enabled.
I could say that your computer is free for port scanning but still someone could gain access to your network. There is always a way.
|
|
| Back to top |
|
|
mirvidon
Joined: 14 Nov 2005
Posts: 44
Helped: 7
Location: Spain
|
| 17 May 2006 18:06 Re: protection from port scanning software |
|
|
|
|
Have a private IP address behind a router is a way to gain protection but you are not proctect at all. You need to close the ports in your router.
You will never be secure at all but have a private IP behind a router with NAT is a way to gain in the security of your network.
|
|
| Back to top |
|
|
EE-2002
Joined: 01 Sep 2005
Posts: 5
|
| 19 May 2006 20:00 Re: protection from port scanning software |
|
|
|
|
Hi , thanks for the replies, unless we specifically enable port forwarding on the router (as an example lets take a simple linksys router), aren't the ports closed for external access ?
Also isn't the following true, even if the port scanning software reaches the router, to reach my pc behind it which is on a private addr, doesn't the port scanning software have to look through the entire range of ports 0-65535 in all these subnets 10.X.X.X, 172.16.X.X to 172.31.X.X, 192.168.1.X to 192.168.255.X ?
once again , thanks for taking the time to respond to my question.
|
|
| Back to top |
|
|
DarkJedi
Joined: 25 May 2004
Posts: 145
Helped: 9
Location: Lima, Perú
|
| 20 May 2006 0:22 Re: protection from port scanning software |
|
|
|
|
First question:
I am not sure about that, i think the usual ports aren't blocked, like http or telnet port to mention some of them. I will check it out tonight let's see what i find out but i think the ports are allowed to forward some ports... or at least allowed to answer the request from those ports.
Second question:
Yes, that statement is true. As i said before, if someone gains access to your router it is already inside your network, he can perfomr a look on all the computers to see the ports opened in every computer... If you want to protect every computer from an attack from inside your private LAN you will have to install a firewall on each computer, the only way to protect the PC.
Now, mantaining a firewall on every computer can be very demanding job acording to te size of your LAN, still you will let some IP's or some services run through your LAN, you can be attacked by an IP spoofing or just using your actual service ports wich you allowed incoming traffic from.
The only way to prevent hacking if not to be connected to the internet.
|
|
| Back to top |
|
|
pratyk
Joined: 02 Jun 2006
Posts: 56
Helped: 5
|
| 13 Jun 2006 5:18 protection from port scanning software |
|
|
|
|
| well the safest thing u can do ... what i think ... is setup a DMZ ... look up the steps in the router manual ... well one of the safest ways if not the safest !!
|
|
| Back to top |
|
|
