So you think no one would try to hack your system? Don't be so sure!

  • 1
  • Idea
  • Updated 2 years ago
Just a different conversation to deviate from the ongoing "Liberty Pass Isn't Working for me Anymore" that has been plaguing the forums for weeks now (yes I know I am part of the problem).

I just put in a much more advanced firewall on network at the house and find it interesting that I am getting hit with suspicious traffic that really has no reason to try to connect to my system. And these are just the IP's that appear to be located in the US as I am blocking all the traffic from non US countries....

So, next time you connect your computer directly to your modem, make sure you have your firewall and antivirus on and up to date, otherwise there is a real risk that if your system is not patched (common issue since us satellite folks don't want to burn up data doing pesky updates) that your system may be compromised.

Exede - before you advise people to plug directly into their modems from now on, you may want to suggest they not do so unless their OS is patched and they have current AV software installed and firewall turned on.  In my case I have a dummy laptop that I don't nescessarily care about I use for this purpose with AV and Firewall on it, but others may not.

Screenshot for your entertainment:
--------------------------------------------------
Photo of Brian Shackelford

Brian Shackelford

  • 847 Posts
  • 243 Reply Likes

Posted 2 years ago

  • 1
Photo of Markgc

Markgc, Champion

  • 337 Posts
  • 92 Reply Likes
I hadn't thought about that. What are the risks? I am running my Win 7 pc directly into the Exede modem. I am running Avast and window firewall.  I have an old router upstairs not being used. Should I add that between the pc and Exede modem?
Photo of Old Labs (VS1-329)

Old Labs (VS1-329)

  • 3816 Posts
  • 3858 Reply Likes
If your router offers firewall features, it's a good idea. Layered security and defense in depth are applicable to anyone these days... we're all targets even if we aren't the direct one, we may yield some info to go after a high value target you might connect with.

For example, here's how my Asus router is basically configured:

         

Nothing's really foolproof but multiple layers slow them down hopefully to the point where they give up.

P.S. Just don;t leave the backdoor open by failing to secure the router itself. 
(Edited)
Photo of Markgc

Markgc, Champion

  • 337 Posts
  • 92 Reply Likes
It is a Linksys Wireless-B Broadband Router

Like this one

http://www.amazon.com/Cisco-Linksys-BEFW11S4-Wireless-B-Cable-Router/dp/B00005ARK3
Photo of Old Labs (VS1-329)

Old Labs (VS1-329)

  • 3807 Posts
  • 3848 Reply Likes
Looking briefly at the manual, it doesn't appear there are any firewall features built into that model:

http://downloads.linksys.com/downloads/userguide/BEFW11S4-v4_ug,0.pdf
(Edited)
Photo of Markgc

Markgc, Champion

  • 337 Posts
  • 92 Reply Likes
OK probably not as it is old. I used it with my dial-up speed 17 gig FAP WildB;ue in the late 90's I think

I could uninstall Avira and install ZoneAlarm firewall and AV on that pc. I have a spare licence
Photo of Bev

Bev, Champion

  • 3067 Posts
  • 1285 Reply Likes
I use an older Cisco router as well but, I've got firewall software on all of my computers and I've blocked malware and other specific content on my mobile devices via my provider for those.

I would definitely NOT connect to the internet at all without AV and firewalls in place.

I also keep my AV, firewalls and OS's on all devices that connect up to date, bandwidth be damned, security is more important than a measly 9.99 if I need another gig for that.
Photo of Brian Shackelford

Brian Shackelford

  • 847 Posts
  • 243 Reply Likes
I am using an old Optiplex 160 with an Atom 330 processor along with an old hard drive, 4 GB RAM and a 30.00 TP-LINK VLAN Swith to run PFSense with Intrustion Detection, Prevention, Country IP Blocking, Proxy Filtering, DNS Based Adblocking.  I also subscribe to OpenDNS and implement blocking of categories on that side and use that for the DNS on my firewall.

Wireless is provided by my previously used Buffalo AC-1900 router now switched to AP Mode only.  Total investment in all of the above is about $200.00, although I could have done it much cheaper if I wanted to.

I also use it to block devices from internet access during certain times of the day, track all usage by device (for the most part - there are a few gaps), track overall daily usage, can monitor all throughput in real time, and much much more.

Totally worth it to me and was a fun little project one evening.  Tested throughput with all the services running and pushed over 100 Mbps so I know it won't be an issue connected to Exede (at least until they hit that throughput level).

It just dawned on me though about the fact that so many times we are told by support to connect directly to the modem and that due to the very nature of the connections we use I am betting many people aren't up to date on Windows, AV, and Firewall software.  This means that connection in order to TS problems can potentially put systems at risk.  I don't think it is as big an issue with the new Wi-Fi modems as I believe they do firewall and NAT already, but for the original non-wireless modems I can see this being a potential issue.