Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Help with router firewall
New Posts  All Forums:Forum Nav:

Help with router firewall

post #1 of 10
Thread Starter 
So thanks to the How Essential is a Firewall? thread, I would like to try out my routers (D-LINK DSLG624T).

I can turn on the firewall, but I would like some guidance on the other options it offers :

Under "DoS protection" : (Once firewall activated)
(Tickbox) SYN transmissions verification
(Tickbox) ICMP redirections verification

Under "Port scanning protection"
Activate/deactivate
a load of tick boxes for different attacks : FIN/URG/PSH, Xmas Tree, Null Scan, SYN/RST, SYN/FIN

Under "Service filter"
(Tickbox) Ping from an outside network
(Tickbox) Telnet from an outside network
(Tickbox) FTP from an outside network
(Tickbox) DNS from an outside network
(Tickbox) IKE from an outside network
(Tickbox) RIP from an outside network
(Tickbox) DHCP from an outside network
(Tickbox) ICMP from an outside network

Some of these last options are already selected.

Maybe there are a few options that are necessary?
Po Tato
(15 items)
 
  
CPUMotherboardGraphicsRAM
Intel i5-7600K @5GHz AVX-3 MSI Z270M Mortar MATX PNY GTX 1050Ti OC XLR8 HyperX DDR4 
Hard DriveHard DriveCoolingOS
Kingston V300 SSD WD Blue Cooler Master 240V Seidon AIO Win10 
MonitorKeyboardPowerCase
Samung 2494HS Logitech G410 Atlas Spectrum Corsair RM 650x Fractal Design Define S 
MouseMouse Pad
Steelseries Sensei Raw Steelseries 
  hide details  
Reply
Po Tato
(15 items)
 
  
CPUMotherboardGraphicsRAM
Intel i5-7600K @5GHz AVX-3 MSI Z270M Mortar MATX PNY GTX 1050Ti OC XLR8 HyperX DDR4 
Hard DriveHard DriveCoolingOS
Kingston V300 SSD WD Blue Cooler Master 240V Seidon AIO Win10 
MonitorKeyboardPowerCase
Samung 2494HS Logitech G410 Atlas Spectrum Corsair RM 650x Fractal Design Define S 
MouseMouse Pad
Steelseries Sensei Raw Steelseries 
  hide details  
Reply
post #2 of 10
Quote:
Originally Posted by Flower View Post
Under "DoS protection" : (Once firewall activated)
(Tickbox) SYN transmissions verification Unsure, check google
(Tickbox) ICMP redirections verification authentics ping request, stops DoS via ping of death
Under "Port scanning protection"
Activate/deactivate
a load of tick boxes for different attacks : FIN/URG/PSH, Xmas Tree, Null Scan, SYN/RST, SYN/FIN you can turn all these on, but i'd say stick with default. turning them all on will slow down your router, and is really overkill.

Under "Service filter"
(Tickbox) Ping from an outside network
(Tickbox) Telnet from an outside network
(Tickbox) FTP from an outside network
(Tickbox) DNS from an outside network
(Tickbox) IKE from an outside network
(Tickbox) RIP from an outside network
(Tickbox) DHCP from an outside network
(Tickbox) ICMP from an outside network
There are all options for you to prevent traffic inout of your network. you can stop ping request (i would) telnet (no need) FTP (if you're not hosting FTP i would) DNS (leave on) IKE (dunno, google) RIP (leave on) DHCP (leave on) ICMP (block)Some of these last options are already selected.

Maybe there are a few options that are necessary?
i edited your post.
Furian II
(14 items)
 
  
CPUMotherboardGraphicsRAM
AMD Pheon X4 955 MSI 870A-G46 Saphire 4870 1GB GSkill Ripjaw 2x4 DDR3 1600 
OSMonitorMonitorKeyboard
Windows 7 Home - 32 kernel cracked for more RAM Spectre 32" Acer 22" Logitech G15 V1 
MouseMouse Pad
Logitech G9 Xact Mat 
  hide details  
Reply
Furian II
(14 items)
 
  
CPUMotherboardGraphicsRAM
AMD Pheon X4 955 MSI 870A-G46 Saphire 4870 1GB GSkill Ripjaw 2x4 DDR3 1600 
OSMonitorMonitorKeyboard
Windows 7 Home - 32 kernel cracked for more RAM Spectre 32" Acer 22" Logitech G15 V1 
MouseMouse Pad
Logitech G9 Xact Mat 
  hide details  
Reply
post #3 of 10
Thread Starter 
Quote:
Originally Posted by HatesFury View Post
i edited your post.
Thank you. I forgot to add that the last tickboxes block services.

I have blocked : Ping, Telnet, IKE and IMCP.

IKE : Internet key exchange (IKE) is the protocol used to set up a security association (SA) in the IPsec protocol suite. source
Po Tato
(15 items)
 
  
CPUMotherboardGraphicsRAM
Intel i5-7600K @5GHz AVX-3 MSI Z270M Mortar MATX PNY GTX 1050Ti OC XLR8 HyperX DDR4 
Hard DriveHard DriveCoolingOS
Kingston V300 SSD WD Blue Cooler Master 240V Seidon AIO Win10 
MonitorKeyboardPowerCase
Samung 2494HS Logitech G410 Atlas Spectrum Corsair RM 650x Fractal Design Define S 
MouseMouse Pad
Steelseries Sensei Raw Steelseries 
  hide details  
Reply
Po Tato
(15 items)
 
  
CPUMotherboardGraphicsRAM
Intel i5-7600K @5GHz AVX-3 MSI Z270M Mortar MATX PNY GTX 1050Ti OC XLR8 HyperX DDR4 
Hard DriveHard DriveCoolingOS
Kingston V300 SSD WD Blue Cooler Master 240V Seidon AIO Win10 
MonitorKeyboardPowerCase
Samung 2494HS Logitech G410 Atlas Spectrum Corsair RM 650x Fractal Design Define S 
MouseMouse Pad
Steelseries Sensei Raw Steelseries 
  hide details  
Reply
post #4 of 10
Quote:
Originally Posted by Flower View Post
Thank you. I forgot to add that the last tickboxes block services.

I have blocked : Ping, Telnet, IKE and IMCP.

IKE : Internet key exchange (IKE) is the protocol used to set up a security association (SA) in the IPsec protocol suite. source
ahh ok. IKE is for protected P2P over the internet. Block it as you're not using it
Furian II
(14 items)
 
  
CPUMotherboardGraphicsRAM
AMD Pheon X4 955 MSI 870A-G46 Saphire 4870 1GB GSkill Ripjaw 2x4 DDR3 1600 
OSMonitorMonitorKeyboard
Windows 7 Home - 32 kernel cracked for more RAM Spectre 32" Acer 22" Logitech G15 V1 
MouseMouse Pad
Logitech G9 Xact Mat 
  hide details  
Reply
Furian II
(14 items)
 
  
CPUMotherboardGraphicsRAM
AMD Pheon X4 955 MSI 870A-G46 Saphire 4870 1GB GSkill Ripjaw 2x4 DDR3 1600 
OSMonitorMonitorKeyboard
Windows 7 Home - 32 kernel cracked for more RAM Spectre 32" Acer 22" Logitech G15 V1 
MouseMouse Pad
Logitech G9 Xact Mat 
  hide details  
Reply
post #5 of 10
Thread Starter 
Quote:
Originally Posted by HatesFury View Post
ahh ok. IKE is for protected P2P over the internet. Block it as you're not using it
Ok I have. Everything seems ok. I don't know if I will get rid of software firewalls just yet. I use zonealarm firewall for XP and Comodo for Vista 64 and it can get a little annoying when launching a game.
Po Tato
(15 items)
 
  
CPUMotherboardGraphicsRAM
Intel i5-7600K @5GHz AVX-3 MSI Z270M Mortar MATX PNY GTX 1050Ti OC XLR8 HyperX DDR4 
Hard DriveHard DriveCoolingOS
Kingston V300 SSD WD Blue Cooler Master 240V Seidon AIO Win10 
MonitorKeyboardPowerCase
Samung 2494HS Logitech G410 Atlas Spectrum Corsair RM 650x Fractal Design Define S 
MouseMouse Pad
Steelseries Sensei Raw Steelseries 
  hide details  
Reply
Po Tato
(15 items)
 
  
CPUMotherboardGraphicsRAM
Intel i5-7600K @5GHz AVX-3 MSI Z270M Mortar MATX PNY GTX 1050Ti OC XLR8 HyperX DDR4 
Hard DriveHard DriveCoolingOS
Kingston V300 SSD WD Blue Cooler Master 240V Seidon AIO Win10 
MonitorKeyboardPowerCase
Samung 2494HS Logitech G410 Atlas Spectrum Corsair RM 650x Fractal Design Define S 
MouseMouse Pad
Steelseries Sensei Raw Steelseries 
  hide details  
Reply
post #6 of 10
Dude honestly a firewall is all that you ever need as long as you are not download Gigs of Pr0n you will be safe. I don't use AV or a software firewall i use Spybot for Spyware and Threatfire as my Heuristics scan that runs in the background and i'm good to go
Dell E1705
(13 items)
 
  
CPUMotherboardGraphicsRAM
1.73Ghz Dell 7900gs 2gb 
Hard DriveOptical DriveOSMonitor
100gb DVD-RW Vista Home Premium 17inch 
  hide details  
Reply
Dell E1705
(13 items)
 
  
CPUMotherboardGraphicsRAM
1.73Ghz Dell 7900gs 2gb 
Hard DriveOptical DriveOSMonitor
100gb DVD-RW Vista Home Premium 17inch 
  hide details  
Reply
post #7 of 10
Quote:
Originally Posted by Metalica732 View Post
Dude honestly a firewall is all that you ever need as long as you are not download Gigs of Pr0n you will be safe. I don't use AV or a software firewall i use Spybot for Spyware and Threatfire as my Heuristics scan that runs in the background and i'm good to go
+1. I run neither, hve no issue. If you're an educated, cautious, and attentive user, you won't have problems.
Furian II
(14 items)
 
  
CPUMotherboardGraphicsRAM
AMD Pheon X4 955 MSI 870A-G46 Saphire 4870 1GB GSkill Ripjaw 2x4 DDR3 1600 
OSMonitorMonitorKeyboard
Windows 7 Home - 32 kernel cracked for more RAM Spectre 32" Acer 22" Logitech G15 V1 
MouseMouse Pad
Logitech G9 Xact Mat 
  hide details  
Reply
Furian II
(14 items)
 
  
CPUMotherboardGraphicsRAM
AMD Pheon X4 955 MSI 870A-G46 Saphire 4870 1GB GSkill Ripjaw 2x4 DDR3 1600 
OSMonitorMonitorKeyboard
Windows 7 Home - 32 kernel cracked for more RAM Spectre 32" Acer 22" Logitech G15 V1 
MouseMouse Pad
Logitech G9 Xact Mat 
  hide details  
Reply
post #8 of 10
Thread Starter 
Quote:
Originally Posted by HatesFury View Post
+1. I run neither, hve no issue. If you're an educated, cautious, and attentive user, you won't have problems.
ok. I don't P2P anymore either so I shouldn't have any worries.
Po Tato
(15 items)
 
  
CPUMotherboardGraphicsRAM
Intel i5-7600K @5GHz AVX-3 MSI Z270M Mortar MATX PNY GTX 1050Ti OC XLR8 HyperX DDR4 
Hard DriveHard DriveCoolingOS
Kingston V300 SSD WD Blue Cooler Master 240V Seidon AIO Win10 
MonitorKeyboardPowerCase
Samung 2494HS Logitech G410 Atlas Spectrum Corsair RM 650x Fractal Design Define S 
MouseMouse Pad
Steelseries Sensei Raw Steelseries 
  hide details  
Reply
Po Tato
(15 items)
 
  
CPUMotherboardGraphicsRAM
Intel i5-7600K @5GHz AVX-3 MSI Z270M Mortar MATX PNY GTX 1050Ti OC XLR8 HyperX DDR4 
Hard DriveHard DriveCoolingOS
Kingston V300 SSD WD Blue Cooler Master 240V Seidon AIO Win10 
MonitorKeyboardPowerCase
Samung 2494HS Logitech G410 Atlas Spectrum Corsair RM 650x Fractal Design Define S 
MouseMouse Pad
Steelseries Sensei Raw Steelseries 
  hide details  
Reply
post #9 of 10
Quote:
Originally Posted by Flower View Post
ok. I don't P2P anymore either so I shouldn't have any worries.
i forget the proper acronym, but i didn't mean peer to peer. i meant point to point. Point to Point is used to take PCs in 2 different locations and keep them in the same network together with the ability to share (such as all of the computers in Advance being able to see the warehouse inventory database)
Furian II
(14 items)
 
  
CPUMotherboardGraphicsRAM
AMD Pheon X4 955 MSI 870A-G46 Saphire 4870 1GB GSkill Ripjaw 2x4 DDR3 1600 
OSMonitorMonitorKeyboard
Windows 7 Home - 32 kernel cracked for more RAM Spectre 32" Acer 22" Logitech G15 V1 
MouseMouse Pad
Logitech G9 Xact Mat 
  hide details  
Reply
Furian II
(14 items)
 
  
CPUMotherboardGraphicsRAM
AMD Pheon X4 955 MSI 870A-G46 Saphire 4870 1GB GSkill Ripjaw 2x4 DDR3 1600 
OSMonitorMonitorKeyboard
Windows 7 Home - 32 kernel cracked for more RAM Spectre 32" Acer 22" Logitech G15 V1 
MouseMouse Pad
Logitech G9 Xact Mat 
  hide details  
Reply
post #10 of 10
Quote:
Originally Posted by HatesFury View Post
i forget the proper acronym, but i didn't mean peer to peer. i meant point to point. Point to Point is used to take PCs in 2 different locations and keep them in the same network together with the ability to share (such as all of the computers in Advance being able to see the warehouse inventory database)
P2P or PTP : Peer To Peer
PPP : Point To Point Protocol as you already mentioned
Pure 1nhibition
(14 items)
 
  
CPUMotherboardGraphicsRAM
[i5 3570K] [Gigabyte Z77X-UD3H] [eVGA 560 Ti] [8GB G.Skill Ripjaws X DDR3-1600] 
Hard DriveCoolingOSMonitor
[OCZ Vertex LE 50GB SSD | 1TB | 2TB] [A50] [Windows 10 Pro x64] [24" Samsung 2494HM] 
Power
[Corsair 750W] 
  hide details  
Reply
Pure 1nhibition
(14 items)
 
  
CPUMotherboardGraphicsRAM
[i5 3570K] [Gigabyte Z77X-UD3H] [eVGA 560 Ti] [8GB G.Skill Ripjaws X DDR3-1600] 
Hard DriveCoolingOSMonitor
[OCZ Vertex LE 50GB SSD | 1TB | 2TB] [A50] [Windows 10 Pro x64] [24" Samsung 2494HM] 
Power
[Corsair 750W] 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security
Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Help with router firewall