[Tutor] IP numbers

Scott Widney SWidney@ci.las-vegas.nv.us
Wed, 27 Feb 2002 09:54:01 -0800


> From: Kirby Urner
> I don't know if this is your situation, but some people
> who get a firewall for the first time (either hardware,
> or more likely a software product, like ZoneAlarm or
> a Norton thing), and have it log port scans (attempts
> to find security holes), are alarmed by the number of
> such attempts.  This is especially true if your computer
> is "always on" (the Internet that is, e.g. when you have
> DSL or a cable modem).
> 
> What you will find is that cyberspace is full of this
> background noise of port scanning.  People are running
> these bots to look for holes.  There aren't necessarily
> people actively paying much attention -- they look over
> the results later.
> 
> So if what you're seeing are just random reports of
> being scanned, even by the same IP-domain each time,
> don't think you have to run off and change your IP
> number.  It'll happen with the new number too, as a
> lot of the scanning bots just check huge ranges of
> possible numbers.
> 
> And don't take it too personally.  Think of mosquitos
> in the forest, trying to find some blood to suck.
> Carry repellant, zip up your tent, but if you want
> to be in the forest at all, you're going to have to
> put up with pests.
> 
> Kirby

My wife has her home PC on all day (on a cable modem) and ZoneAlarm logs
probably 200 port scans a day -- many from within the same subnet. Like
Kirby said, treat it as a fact of life. Take suitable precautions, but don't
be paranoid. That's the kind of world we live in.

> From: dman
> Get a Linux or *BSD system to act as a firewall.  Then the only stuff
> that can get to your Windows machine is responses to requests that
> originated from the Windows machine.

Another alternative is a self-contained router. I've seen a 4-port from
LinkSys that has a firewall for a couple-hundred dollars. Has a nice
browser-based interface, etc.

Scott