Can NTL see past a router?


jellybaby
02-01-2006, 18:35
My neighbour has been having problems with her connection, so she rang NTL up and they told her to check her firewall. Now she isn't running a firewall because she is using a Belkin wireless router. She explained this to them and they said that she can't be because he was in her computer.

Is this possible ????

Paul
02-01-2006, 18:38
I wouldn't think so, unless the router is very poorly set-up.

jellybaby
02-01-2006, 18:39
Exactly what I thought...just got me thinking so thought I'd get some reassurance :)

MovedGoalPosts
02-01-2006, 18:40
If the router doesn't have a firewall integrated to it, it would be very possible for somebody to view the LAN side of the network. However it would then depend on the computer configuration whether the outsider can see anything on the PC. Whether the support guy knows how to do it, I dunno.

Most modern routers do have some firewall integrated. Check the manual to see if this is configured or not.

jellybaby
02-01-2006, 18:42
Will pop round after work to have a look.

Thanks

timewarrior2001
02-01-2006, 18:47
Generally routers tend to have NAT (network address translation). This means you have to manually set the router up for each application that is sending and receiving things.

So in effect to set up FTP, you would set your external IP address port 21 to the internal IP address port 21.

Without this in theory they wouldn't be able to access.

Also if NTL were "in" the users computer without any kind of agreement I should imagine they would be in breach of data protection and the computer misuse act.

What I have found to be the case when NTL are trying to say it's my PC at fault is that they have connected to the modem, which is on the "live" side of the router and is visible over the internet.


I was once asked to remove all security on my PC so NTL could see what the problem was, needless to say they were told that there was about as much chance of snow in hell as me shutting down all security on my system for them.
I changed nothing, powered modem down for an hour, came back and lo and behold everything was fine on my faulty PC.

andybarker
02-01-2006, 19:24
As Timewarrior said, because of the requirement of NAT if you have a router (after all, that is why it is called a router - it routes things using NAT / PAT) nothing could get into your LAN without the router being set up to forward specific ports to specific LAN IPs.

When a router says it has a firewall, this tends to mean things like handling DOS attacks, port scans, etc. These tend to be on the higher end routers.

However, because a router uses NAT it inherently acts as a firewall to any packets coming in from the internet where there is no rule to forward that packet (how would the router know where to send a packet coming in when it comes in on an unconfigured port?)
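
A toy model of the translation table the posts above describe, added here as an illustration and not part of any poster's message. The `Napt` class, the addresses and the strict "reply must come from the same remote endpoint" check are assumptions of this sketch, not the behaviour of any particular Belkin or NTL device.

```python
# Added illustration: toy NAPT (port-translating NAT) table. All addresses are constructed samples.
from dataclasses import dataclass, field

WAN_IP = "203.0.113.10"  # constructed public address (documentation range)

@dataclass
class Napt:
    forwards: dict = field(default_factory=dict)  # wan_port -> (lan_ip, lan_port), static rules
    sessions: dict = field(default_factory=dict)  # wan_port -> (lan_ip, lan_port, remote)
    next_port: int = 40000

    def outbound(self, lan_ip, lan_port, remote):
        """A LAN host opens a connection: allocate a WAN port and remember the mapping."""
        wan_port = self.next_port
        self.next_port += 1
        self.sessions[wan_port] = (lan_ip, lan_port, remote)
        return (WAN_IP, wan_port)

    def inbound(self, remote, wan_port):
        """A packet arrives on the WAN side: return the LAN destination, or None to drop."""
        if wan_port in self.forwards:        # explicit port-forward rule, e.g. FTP on 21
            return self.forwards[wan_port]
        entry = self.sessions.get(wan_port)
        if entry and entry[2] == remote:     # reply to a session a LAN host started
            return entry[:2]
        return None                          # no rule and no session: nowhere to send it

def demo():
    nat = Napt()
    web = ("198.51.100.7", 80)          # constructed remote web server
    stranger = ("192.0.2.99", 51515)    # constructed unrelated internet host
    wan = nat.outbound("192.168.2.2", 1025, web)
    results = {
        "wan_side": wan,                                  # what the internet sees
        "reply": nat.inbound(web, wan[1]),                # delivered to the LAN host
        "unsolicited": nat.inbound(stranger, 21),         # dropped: unconfigured port
        "wrong_remote": nat.inbound(stranger, wan[1]),    # dropped: not the session peer
    }
    nat.forwards[21] = ("192.168.2.3", 21)                # add the FTP forward from the thread
    results["after_forward"] = nat.inbound(stranger, 21)  # now reaches the LAN FTP host
    return results

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:14} {value}")
```

The only inbound packets that reach a 192.168.2.x host are replies to sessions it opened or traffic matching a forward someone configured, which is why the LAN is not reachable by default.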

Ignition
02-01-2006, 22:12
If the router doesn't have a firewall integrated to it, it would be very possible for somebody to view the LAN side of the network.

*Only* if the LAN side had public IP addresses not RFC1918 addresses which all ntl customers will have. So from that point of view it's impossible for someone to see the LAN side of the router. It is possible to see if there are PCs behind the NAT and how many but not to connect to any of them. Simply the router won't know which PC to send the traffic to.

nffc
02-01-2006, 22:19
... and I love the typical ISP TS logic of "oh well, I can ping your modem from Delhi so there MUST be a problem with your PC, go speak to the manufacturer" approach... not only is it 9/10s inaccurate (I love the "winsock fob") but it convinces the poor n00bs there's a problem with their PC. Really, as the ISPs take money off them for the service (internet access) which then they refuse to acknowledge a problem with, let alone sort, is utterly ludicrous.

We've had reports of one ISP's line (who will remain secret - but it's not ntl) who told someone to contact the manufacturer because "it's cheaper for them to sort it than us" - what a fob, and it wasn't even discreet!

tweetiepooh
03-01-2006, 14:04
I have a Belkin Pre-N wireless (3 aerials) and it most certainly has a firewall. It will respond to pings unless you tell it not to. The firewall is SPI (stateful packet inspection) and NAT (no PAT unfortunately). You can turn off firewall, especially if set router to Access Point mode where firewall is off implicitly.

I think many of the Belkin stuff is similar.

Ignition
03-01-2006, 16:08
I have a Belkin Pre-N wireless (3 aerials) and it most certainly has a firewall. It will respond to pings unless you tell it not to. The firewall is SPI (stateful packet inspection) and NAT (no PAT unfortunately). You can turn off firewall, especially if set router to Access Point mode where firewall is off implicitly.

I think many of the Belkin stuff is similar.

Nah it's ok most of these actually use NAPT and just call it NAT for short (NAPT = network and port address translation) :)

Pure NAT would keep the same port going in as out such as router DMZ where packets keep the same port all the way through :)

BBKing
03-01-2006, 18:46
oh well, I can ping your modem from Delhi so there MUST be a problem with your PC

Not totally true - the modem isn't pinged from Delhi. Guildford actually. It does try pinging both the modem and the connected IP, but can't tell whether that's a PC or router, nor can it tell whether it's offline or firewalled.

nffc
03-01-2006, 23:26
oh well, I can ping your modem from Delhi so there MUST be a problem with your PC
Not totally true - the modem isn't pinged from Delhi. Guildford actually. It does try pinging both the modem and the connected IP, but can't tell whether that's a PC or router, nor can it tell whether it's offline or firewalled.
Point still stands; all it proves is that they can see the modem.

Hom3r
03-01-2006, 23:35
Is it the router being pinged or the proxy?

My router has ping blocked, but site checks detect ping on port 80 (HTTP)

Nidge
04-01-2006, 07:33
I hate routers with a passion. I used to have one for my lad to access the internet in his bedroom, I've since turned it off and ordered another broadband connection from NTL.

ScaredWebWarrior
04-01-2006, 08:16
I hate routers with a passion. I used to have one for my lad to access the internet in his bedroom, I've since turned it off and ordered another broadband connection from NTL.

Please tell us why you hate routers so much.

With a PC directly connected to the 'net it is much more vulnerable to attack.

Having set up a home lan with 3+ PCs hardwired and 2 wireless laptops, I'm happy that the setup is secure and a whole lot more cost effective than 5 separate NTL cable connections!

BBKing
04-01-2006, 08:45
Is it the router being pinged or the proxy?

Wouldn't be the proxy? That only affects port 80 TCP connections outbound from the PC. We're talking ICMP echo requests inbound to the modem/router, here, which don't go near the proxy. We'll know your modem's IP and router's IP (if you have a router connected) and can therefore ping them both. The modem will always reply if it's online, but the PC router may reply (in which case you know it's online) or may not (in which case you can't assume it's offline, since it might be firewalled).

Stuart
04-01-2006, 09:18
My neighbour has been having problems with her connection, so she rang NTL up and they told her to check her firewall. Now she isn't running a firewall because she is using a Belkin wireless router. She explained this to them and they said that she can't be because he was in her computer.

Is this possible ????

They can take an educated guess at the number of devices (based on network traffic). They can also have a fairly good idea of what networked apps (FTP, Web, Mail, Kazaa, Limewire etc) you are running. This is based on the amount and type of network traffic your connection carries.

They can't (AFAIK) legally get into your PC though.

tweetiepooh
04-01-2006, 10:37
Pings are responses from the network card unless told otherwise. Sometimes devices will respond to ping even if they are in single user mode, i.e. no O/S networking started.

My Belkin by default has firewall on but ICMP reply also on. So it will nicely stealth port scans (drop packets rather than deny) but will respond to ping requests. I have turned off the ICMP reply so should now be pretty well stealthed.

Now usually on the inside (LAN) of the router is set up an address range like 192.168.1.0/24 (Belkin may use 192.168.2.0/24). This is a reserved IP range for internal networks and is not routable over the internet. The normal level of support rep on first contact probably does not have the know-how to get around that (present company excepted).

Now if the firewall on the router is off where opted off or implicitly off because it is in access point mode (not routing) then they may be able to see your PC.

Chris
04-01-2006, 10:41
Now usually on the inside (LAN) of the router is setup an address range like 192.168.1.0/24 (Belkin may use 192.168.2.0/24).

Belkin routers have a LAN IP of 192.168.2.1 and by default assign from 192.168.2.2 to .100 to devices connected to the LAN. :)

andybarker
04-01-2006, 10:51
Is it the router being pinged or the proxy?

My router has ping blocked, but site checks detect ping on port 80 (HTTP)
It is possible that a connection to your IP on port 80 is connecting to your router's config page at a guess. Would be wise for you to tell your router that admin access is only available from the LAN side to stop people trying to hack your router from the internet.