wah kao... dio hack...


Status
Not open for further replies.
clarinet said:
1-4 and 6 will only work if someone try to connect ur wireless. If you have encounter DOS/portscanning from external, u almost can't do anything. U can release the IP but the next suay person who got your ip will get scanned. And it's a cycle.

Isnt that the case to kill away any one from tapping into your network?
also, if you have IDS which is intrusion detection system in place, that will handle most of the dos/portscanning from external.

yes, then good luck to the suay person.. i mean.. this we cant prevent. at least it prevent yourself which is what the thread owner wants.
 

clarinet said:
:bsmilie: ya i know that...they are keep saying about wep, wap, wpa2, local ip mah, so suggest a server for them lor. over at the wan side, nothing much can be done, unless u decided to setup a specialise firewall on top of the router firewall...;) and that can't stop people doing port scanning.

Port scanning.. Interesting topic. If you have placed your pc/laptop in your DMZ(demilitarized zone) zone, then external party is able to attack your computer almost any time. Its a NO NO unless you know what you are doing.

One way is to ensure that you DO NOT ALLOW ANY PORT MAPPINGS or NAT unnecessarily.
Use only ports that you need to and close the rest. In that case.. Even if they port scan you, they cant gather any info except those ports you choose to let them scan.
 

dEthANGeL said:
:bsmilie: :bsmilie: ok this is getting out of hand ... :sticktong... yup its very true

Beyond this, you need a specialised router to block traffic at the WAN end.

** i sense, cisco pix firewall/traffic shapers/bandwidth shapers coming into the picture soon .. not to mention the discussion of linux iptables firewall implementation. :sweat:
then maybe home user need to employ an administrator le :bsmilie:
 

fierysnake said:
Port scanning.. Interesting topic. If you have placed your pc/laptop in your DMZ(demilitarized zone) zone, then external party is able to attack your computer almost any time. Its a NO NO unless you know what you are doing.

One way is to ensure that you DO NOT ALLOW ANY PORT MAPPINGS or NAT unnecessarily.
Use only ports that you need to and close the rest. In that case.. Even if they port scan you, they cant gather any info except those ports you choose to let them scan.

I agree to that. But not all home users know how to close all ports and remap those they need.

As for DMZ, I don't really see the need to put computer in DMZ if the user know how to do port mapping.
 

fierysnake said:
Isnt that the case to kill away any one from tapping into your network?
also, if you have IDS which is intrusion detection system in place, that will handle most of the dos/portscanning from external.

yes, then good luck to the suay person.. i mean.. this we cant prevent. at least it prevent yourself which is what the thread owner wants.

What if someone else did the same thing and u got the ip... :bsmilie:
 

clarinet said:
What if someone else did the same thing and u got the ip... :bsmilie:

like i say it wont affect me since i have everything controlled. ports closed and ids in place. why worry? right?
 

fierysnake said:
Port scanning.. Interesting topic. If you have placed your pc/laptop in your DMZ(demilitarized zone) zone, then external party is able to attack your computer almost any time. Its a NO NO unless you know what you are doing.

One way is to ensure that you DO NOT ALLOW ANY PORT MAPPINGS or NAT unnecessarily.
Use only ports that you need to and close the rest. In that case.. Even if they port scan you, they cant gather any info except those ports you choose to let them scan.

Hmm ... another problem nowadays is everyone is blindly using UPnP ... UPnP automatically punches ports out through a UPnP router ... it just takes 1 compromised system to punch a port out via UPnP .. the cycle goes round again :rolleyes:
 

clarinet said:
I agree to that. But not all home users know how to close all ports and remap those they need.

As for DMZ, I don't really see the need to put computer in DMZ if the user know how to do port mapping.

port mapping works only when you know which ports to turn on. What about dynamic ports being used? can you handle that?
DMZ has it use if you know how to. Otherwise, there wont be such feature named as DMZ.

I personally prefer to use SMC routers. hehehehe
 

fierysnake said:
port mapping works only when you know which ports to turn on. What about dynamic ports being used? can you handle that?
DMZ has it use if you know how to. Otherwise, there wont be such feature named as DMZ.

I personally prefer to use SMC routers. hehehehe

i got a SMC router... dunno y seem hard to get things right... but one thing nice is, the menu is very simple... just plain simple...

den Linksys... always have connection issues.

den D-Link... last time ones, really terok... den i need gigabit ports, so only DGL-4300 have, so got that, not bad... but config until siao... cos documentation is rather limited.
 

Del_CtrlnoAlt said:
i got a SMC router... dunno y seem hard to get things right... but one thing nice is, the menu is very simple... just plain simple...

den Linksys... always have connection issues.

den D-Link... last time ones, really terok... den i need gigabit ports, so only DGL-4300 have, so got that, not bad... but config until siao... cos documentation is rather limited.

Dont worry.. you will get it right... just plan what you wanna do. then configure it. firewalls are dumb a$$. they just follow what we put it in. heheheh..
 

:sweat: ... man you seem to have alotta issues.

Been using a USR8000 router before i retired the unit. Else, its a decent router (though slow nowadays after being spoilt by Cisco systems) ...

DLink i feel make not too good routers... quite problematic.

SMC has their faire share, but its like you said - simple

Linksys - Unless you're using a WRT54G with Sveasoft/DD-WRT, you're missing a chunk of the pie.

So far, everyone around me using linksys - no problems. I'm using a WRT54G, no issues. Only, with Dlink that the problem arises. Netgear's routers are around SMC's standard. Pretty decent but with poor wireless coverage.

Just be sure to read through the documentation and do abit of googling on how to configure your firewall.
 

dreamerz said:
haha...easy lar...off ur internet connection when nt in use...haha...100% secure...:bsmilie:

set a timer in the router already, tonight 8pm off the connection to tomorrow 8am... daily...

next would be buy a physical timer to on at 8am to 8pm only... damnit...
 

Setup a honey pot to tempt the hacker. ;)
 

dreamerz said:
haha...easy lar...off ur internet connection when nt in use...haha...100% secure...:bsmilie:

cannot.. when you are using it... you are not secured!!!!
 

fierysnake said:
cannot.. when you are using it... you are not secured!!!!
haha...when off mah...cfm 100% secure....when on its another situation liao...:bsmilie:
since its usually when DCA is nt using ppl start to hack...haha...so dc when nt in use lor...
 

easy solved. just get the router to disable ping reply.. without ping reply.. noone will know you are on the network. port scan also cant really scan you properly unless you do a synthetic scan.
 

anka said:
easy solved. just get the router to disable ping reply.. without ping reply.. noone will know you are on the network. port scan also cant really scan you properly unless you do a synthetic scan.

i think cannot ping you doesnt mean cannot port scan you woh.:embrass:
if it is opened port.. still can get a hit woh.
 

fierysnake said:
i think cannot ping you doesnt mean cannot port scan you woh.:embrass:
if it is opened port.. still can get a hit woh.

can meh? i tried scanning myself.. cannot ping cannot even scan.. kk i'm a crap hacker..
 

Status
Not open for further replies.