Sunday, November 14, 2010

How safe is my firewall behind a modem router?

I've been using Zone Alarm firewall (free edition) for many years now %26amp; in all security tests it comes up as all ports in stealth mode, so hackers don't know you're actually connected. The problem is I'm no longer using dial-up %26amp; instead have a ADSL Ethernet Modem/Router- Hurricane 9200, it is now showing that ports 21, 23 %26amp; 80 are open as well as ping, the rest are showing as closed. I'm sure that beyond the router itself the ports on the computer's own IP are still in stealth mode but hackers now maybe KNOW that there is a computer there somewhere because of the router responses.



How safe is my computer, should I change to a better firewall? Although other firewalls that I tried show the same ports open (which are on the router of course). I'm having some problems recently %26amp; I'm thinking possibly I'm being targeted. All settings on the router itself were done by the telephone service operators.



Am I safe, what can I do?How safe is my firewall behind a modem router?
Your Firewall is no less secure today than it was yesterday. The difference here is that your modem is what's showing those ports open. The Hurricane 9200 has a built in web-management engine so that you can configure it. It also allows telnet to it as well as FTP traffic. Below is a link to the products page.



There's nothing you can do from the perspective of your firewall because it's your first device that's showing up as a problem. I would check out your documentation for the Hurricane to see if you can turn these features off or at least restrict them to a specific IP Address. That would make your modem secure and you would probably show up as Stealth again as long as the modem drops the packets and doesn't simply reset them. Your firewall, however, is no more insecure because of it.



At the minimum, make sure that you password the Hurricane as best you can to prevent anyone, except yourself, from accessing it. Also, update your firmware to the latest version to avoid potential security vulnerabilities.



I checked out the manual for the 9000 and you can certainly disable the WAN side HTTP, telnet, and FTP access. That's definitely advisable. That in itself should clear up the scan results.



Hope this helps,

WG

No comments:

Post a Comment