Continue to Site

Welcome to EDAboard.com

Welcome to our site! EDAboard.com is an international Electronics Discussion Forum focused on EDA software, circuits, schematics, books, theory, papers, asic, pld, 8051, DSP, Network, RF, Analog Design, PCB, Service Manuals... and a whole lot more! To participate you need to register. Registration is free. Click here to register now.

Register Log in

protection from port scanning software

Status
Not open for further replies.
E

EE-2002

Newbie level 5
Joined
Sep 1, 2005
Messages
9
Helped
0
Reputation
0
Reaction score
0
Trophy points
1,281
Activity points
1,372
protect from port scanning router

Hi All,

Can someone please answer this:

If my laptop has a private address and if I am behind a home router (with NAT enabled and no port forwarding), can I assume that I am completely protected from port-scanning software attacks and any other intruders? Or is there some there way through which someone can still gain access?

Thanks for your time.
 

hi there.

There is always a way to gain access... but you are in a private LAN so the scanning will be done to you rpublic address and the forwarding ports your router or firewall has enabled.

I could say that your computer is free for port scanning but still someone could gain access to your network. There is always a way.
 

Have a private IP address behind a router is a way to gain protection but you are not proctect at all. You need to close the ports in your router.

You will never be secure at all but have a private IP behind a router with NAT is a way to gain in the security of your network.
 

Hi , thanks for the replies, unless we specifically enable port forwarding on the router (as an example lets take a simple linksys router), aren't the ports closed for external access ?

Also isn't the following true, even if the port scanning software reaches the router, to reach my pc behind it which is on a private addr, doesn't the port scanning software have to look through the entire range of ports 0-65535 in all these subnets 10.X.X.X, 172.16.X.X to 172.31.X.X, 192.168.1.X to 192.168.255.X ?

once again , thanks for taking the time to respond to my question.
 

First question:
I am not sure about that, i think the usual ports aren't blocked, like http or telnet port to mention some of them. I will check it out tonight let's see what i find out but i think the ports are allowed to forward some ports... or at least allowed to answer the request from those ports.

Second question:
Yes, that statement is true. As i said before, if someone gains access to your router it is already inside your network, he can perfomr a look on all the computers to see the ports opened in every computer... If you want to protect every computer from an attack from inside your private LAN you will have to install a firewall on each computer, the only way to protect the PC.

Now, mantaining a firewall on every computer can be very demanding job acording to te size of your LAN, still you will let some IP's or some services run through your LAN, you can be attacked by an IP spoofing or just using your actual service ports wich you allowed incoming traffic from.

The only way to prevent hacking if not to be connected to the internet.
 

well the safest thing u can do ... what i think ... is setup a DMZ ... look up the steps in the router manual ... well one of the safest ways if not the safest !!
 

Status
Not open for further replies.

Similar threads

Part and Inventory Search

Welcome to EDABoard.com

Sponsor

Back
Top