AnotherTribe;551550 Wrote: > True. However, securing the outer perimeter is the first step and in > this case the OP has already mentioned that faith in his current > solution is lacking. I think I should amend my statement. My real lack of faith is in my ability to properly configure my hardware firewalls. My network actually sits behind two hardware firewalls: a ZyXEL ZyWall 2 Plus and a old (un)trusty Netgear FWAG114. I don't know how secure either of those products are. I do know that the ZyXEL configuration seems complex enough that it feels a little over my head. I do keep the firmware up to date on this device since it's still actively supported by ZyXWL. The FWAG114 has been EOL since 2006. But even with the Netgear router sitting behind the ZyXEL, it accumulates cryptic log entries like:
Code: -------------------- Sat, 2010-05-29 07:50:34 - TCP packet - Source: 98.136.131.28 - Destination: 192.168.xxx.xxx - [Invalid sequence number received with Reset, dropping packet Src 143 Dst 54637 from EXT n/w] -------------------- ..which I don't know how to interpret...other than the fact that 1). the source address resolves to something yahoo related and 2). this was traffic coming in to the router when I was out to dinner and all the computers in the house were turned off! -- gharris999 ------------------------------------------------------------------------ gharris999's Profile: http://forums.slimdevices.com/member.php?userid=115 View this thread: http://forums.slimdevices.com/showthread.php?t=79161 _______________________________________________ unix mailing list unix@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/unix