Help - Search - Members - Calendar
Full Version: router/modem setup security
Gladiator Security Forum > Security Software & Hardware > Firewalls & Routers
hagabooq
Jan 12 2008, 08:19 PM
hi

i have just found out i have a modem+router device that has no hardware firewall. or so i think i am not sure... i wasnt the one who made the setup so.. anyway, my current router is a repotec RP-IP1800

N.B i read on some article that i may add SPI firewall to the mentioned router if it is conexant based with CX82310 chip
see this link http://www.routertech.org/viewtopic.php?p=7583 of course i dont know what that mean

my current router info is
Firmware Version: CX82xxx_4.1.0.9_S
Customer Software Version: 4.1.0.9
i have NAT enabled with NATP as mode

1>>>>>>>> i would like to know how secure it to use that router, is it safe to use it for internet access when i will be doing online banking and other sensitive uses

2 >>>>>>> if so how to configure it for maximum security.. when i log in to there are a lot of things/options/..etc.. i dont know how to tweak it

3 >>>>>>>> how can a router+adsl modem be a source of malware infection, can it be infected it self , how it is used by malwares to harm users --- i have just realized that routers+modem are security related, i always thought they are just dumb devices that allow net access and thats it


----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------



here is an explanation of my network setup'

first of all, i will be sharing the internet connection with other computers that i have no control over them nor trust their security.. so i want to BLOCK all networking activities with these pcs to avoid any malware infections.. BUT allow internet connection sharing.

4 >>>>> is this safe? i use my pc for sensitive information and i want to be safe from network based malware, will only allowing internet sharing accomplish that?


what router+adsl modem do u recommend i purchase?
i only use wired internet acces
and i would like you to consider the price factor as my budget for a the new router is very tight and all i am looking for in it is security security and security.

my main feature in the router would be security as this is the main reason i getting a new one

and would you kindly tell me how to configure that router to meet my needs;

5>>>>>>>>>>>>>>>>- only internet connection sharing is allowed
maximum security configured


I NUMBERED THE Q's since the post is long and not really organized

i would greatly appreciate your help since i am a complete newbie in this field

thanks a lot,
TheSentinel
Jan 13 2008, 02:36 PM
Hi hagaboog

Let me try to get through your request cause it's difficult to read and understand. But here we go:

QUOTE
hi

QUOTE
i have just found out i have a modem+router device that has no hardware firewall. or so i think i am not sure... i wasnt the one who made the setup so.. anyway, my current router is a repotec RP-IP1800


Well can you ask that person who configured it? Google offers this info about that router:Google

There is a hint at our partner forum SWI how to configure this router:
http://forums.spywareinfo.com/index.php?sh...iew=getlastpost

QUOTE
N.B i read on some article that i may add SPI firewall to the mentioned router if it is conexant based with CX82310 chip
see this link http://www.routertech.org/viewtopic.php?p=7583 of course i dont know what that mean

my current router info is
Firmware Version: CX82xxx_4.1.0.9_S
Customer Software Version: 4.1.0.9
i have NAT enabled with NATP as mode


We don't know what you mean with firewall SPI (or is XP SP1 meant??). Would follow the advice amino1968 in that mentioned threat updating JMK firmware.

QUOTE
1>>>>>>>> i would like to know how secure it to use that router, is it safe to use it for internet access when i will be doing online banking and other sensitive uses


It depends on its settings! There is no 100% security when accessing the web. Vulnerbilities and lacks in programs are still present, its only the moment when these vulnerbilities get public.
You mention online banking. Well my personal oppinion about that may sound old fashioned, but it did prevent me of unwanted surprises. When doing online banking lot of parameters are needed to guarantee a safe transmission. There are

+ the status of your computers security (means is it up-2-date with OS-hotfixes, -patches. Is your AV program up-2-date too?)
+ the transfer protocol which is used between your credit office and your computer
+ will your credit offices' connection work with your router?
+ is your internet connection and computer used by you only?

We can't give any answers cause it's up to you to ask your credit office about answers.

QUOTE
2 >>>>>>> if so how to configure it for maximum security.. when i log in to there are a lot of things/options/..etc.. i dont know how to tweak it


Before you start thinking about tweaking your router, first question should be

+ how networks do work and what they are based on,
+ how a router works,
+ how a firewall works,
+ what ports are

When you've understood these "minor" but essential elements of IP working you might start tweaking.

QUOTE
3 >>>>>>>> how can a router+adsl modem be a source of malware infection, can it be infected it self , how it is used by malwares to harm users --- i have just realized that routers+modem are security related, i always thought they are just dumb devices that allow net access and thats it


Let me ask you:

What does or should a router do? Can you answer me that question?

You mentioned about a firmware and how to upgrade/update it some lines above. What kind is a firmware? Does it contain any prograqm source code? What can happen to a program or source code? Come on, you're pulling our legs now ....

QUOTE
here is an explanation of my network setup'

first of all, i will be sharing the internet connection with other computers that i have no control over them nor trust their security.. so i want to BLOCK all networking activities with these pcs to avoid any malware infections.. BUT allow internet connection sharing.


Sorry we can't and won't do any explanations of your network cause it looks to be somemore like a "black hole". You mention a shared internet connection but not knowing who uses the other computers. You didn't drop any info about the operating system being in use and about it's "patch status". Without such important info we can't give any advices. Sorry...

QUOTE
4 >>>>> is this safe? i use my pc for sensitive information and i want to be safe from network based malware, will only allowing internet sharing accomplish that?


what router+adsl modem do u recommend i purchase?
i only use wired internet acces
and i would like you to consider the price factor as my budget for a the new router is very tight and all i am looking for in it is security security and security.

my main feature in the router would be security as this is the main reason i getting a new one

and would you kindly tell me how to configure that router to meet my needs;

5>>>>>>>>>>>>>>>>- only internet connection sharing is allowed
maximum security configured


Sorry but you're always asking the same question again and again. Please give us more facts but without any ornamental art. Makes it easier for us to help you.

I NUMBERED THE Q's since the post is long and not really organized

i would greatly appreciate your help since i am a complete newbie in this field

thanks a lot,


Greetz
B. Udo
hagabooq
Jan 13 2008, 04:14 PM
my os is win xp sp2 fully updated

my router is repotec RP-IP1800 with
Firmware Version: CX82xxx_4.1.0.9_S
Customer Software Version: 4.1.0.9

it has NAT option

i didnt do the last firmware upgrade, i gave to sb and he may or may not have upgraded by a firmware not from the manufacture

i did a port scan by www.grc.com shields up and here is the log

Results from scan of ports: 0-1055

0 Ports Open
1051 Ports Closed
5 Ports Stealth
---------------------
1056 Ports Tested

NO PORTS were found to be OPEN.

Ports found to be STEALTH were: 21, 23, 80, 254, 255

Other than what is listed above, all ports are CLOSED.

TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.


SHOULD I BE CONCERNED THAT ONLY % PORTS ARE STEALTH AND ALL THE OTHERS ARE CLOSED... grc says all should be stealth
TheSentinel
Jan 13 2008, 06:58 PM
Hello hagaboog

I can't help myself when reading your postings. Seems pure paranoia has caught you!
If you fear you might get spyed not being totally stealth, have a look here which ports should kept stealth: http://www.outpostfirewall.com/guide/index.htm.
But keep in your mind:

1. A computer being closed all over might have problems to access the web.
2. Do you want 100 % security accessing the web? Will be a dream only. Or you gonna try to get online this way:

Click to view attachment

:)


You mentioned NAT functionality. Tell us please what kind NAT your router supports. Is it:

1. Outbound NAT (Traditional NAT)
2. Two-Way NAT (Bi-directional NAT)
3. Basic NAT
4. Network Address Port Translation (NAPT)
5. Twice NAT
6. Multihomed NAT

More details about your router can be read here. And have a closer look there for sure. You'll find lot of answers for your unusual router model.

Greetz
BU
hagabooq
Jan 14 2008, 01:35 PM
i have NAPT, Dynamic NAPT , and just NAT options from the drop downlist in mode

if u were in my shoes

1- have a repotec RP-IP 1800 with nat functions above (no VLAN no SPI firewall in the router)
2- have only 5 stealth ports with the rest closed
3- share an internet connection with other computers that (i have no file sharing or netbios with) are not secure


use this setup for online sensitive data


thanks
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2009 Invision Power Services, Inc.