AnotherTribe;551550 Wrote:
> True. However, securing the outer perimeter is the first step and in
> this case the OP has already mentioned that faith in his current
> solution is lacking.
I think I should amend my statement. My real lack of faith is in my
ability to properly configure my hardware firewalls. My network
actually sits behind two hardware firewalls: a ZyXEL ZyWall 2 Plus and
a old (un)trusty Netgear FWAG114. I don't know how secure either of
those products are. I do know that the ZyXEL configuration seems
complex enough that it feels a little over my head. I do keep the
firmware up to date on this device since it's still actively supported
by ZyXWL. The FWAG114 has been EOL since 2006. But even with the
Netgear router sitting behind the ZyXEL, it accumulates cryptic log
entries like:
Code:
--------------------
Sat, 2010-05-29 07:50:34 - TCP packet - Source: 98.136.131.28 - Destination:
192.168.xxx.xxx - [Invalid sequence number received with Reset, dropping packet
Src 143 Dst 54637 from EXT n/w]
--------------------
..which I don't know how to interpret...other than the fact that 1).
the source address resolves to something yahoo related and 2). this was
traffic coming in to the router when I was out to dinner and all the
computers in the house were turned off!
--
gharris999
------------------------------------------------------------------------
gharris999's Profile: http://forums.slimdevices.com/member.php?userid=115
View this thread: http://forums.slimdevices.com/showthread.php?t=79161
_______________________________________________
unix mailing list
unix@lists.slimdevices.com
http://lists.slimdevices.com/mailman/listinfo/unix
