Error - template LAYOUT-DATA-WRAPPER not found

A configuration error was detected in the CGI script; the LAYOUT-DATA-WRAPPER template could not be found.

Error - template STYLE-SHEET not found

A configuration error was detected in the CGI script; the STYLE-SHEET template could not be found.

Error - template SUB-TOP-BANNER not found

A configuration error was detected in the CGI script; the SUB-TOP-BANNER template could not be found.
Subject:
Re: Norton Firewall Blocked attempt
From:
David Gillett <[log in to unmask]>
Reply To:
PCSOFT - Personal Computer software discussion list <[log in to unmask]>
Date:
Mon, 5 Sep 2005 11:36:05 -0700
Content-Type:
text/plain
Parts/Attachments:
text/plain (67 lines) 
On 5 Sep 2005 at 13:19, Hugh Vandervoort wrote:

> Actually, if you're connected to the internet, you're on a network.

  ... but it should still follow normal network rules.

> That 255 number is a network mask (Which I've never really understood),
> but I believe it should be 255.255.255.0

  Uh, no.  Norton's firewall does not (and cannot) report network masks.

  An IP address is a 32-bit number.  It is normally split up into four 8-bit
bytes, and each byte is written in decimal with periods separating the bytes
-- this is called "dotted quad" notation.  Any 32-bit number can be written
this way.
  A network address consists of two parts:  the network part and the host
part.  In some protocols (IPX, AppleTalk) these are two spearate numbers; in
IP, a single 32-bit number is split so that some bits are used as the
network part and some as the host part.
  A "subnet mask" is a 32-bit number -- often also written in dotted quad
notation -- which specifies which bits in an address comprise the network
part of the address (those bits will be "ones" in the mask).
  Your example mask of 255.255.255.0 is a very common value which indicates
that the first three bytes (octets) of the IP address are being used as the
network part, leaving one for the host part.

  A computer uses its mask to determine whether another device is on the
local network (reachable directly), or if it is reached through a gateway
router.  A router knows the mask associated with each of the networks to
which it has a direct connection -- if a destination isn't on one of these
networks, it has a table of gateways on those networks and what address
ranges are reachable via each.
  Neither a host nor a router ever needs to transmit any of its mask values
as part of the network traffic.

  There are some special rules about the host part of the IP address, and
one of them is that if all of the host bits are "ones", the destination is
not a single host but a broadcast to the entire local network segment.  It
is possible to use this to specify a broadcast on a remote network by
setting the network portion of the destination (although many routers are
now configured to block this...); if all the network address bits are also
"ones", the broadcast is for the local network segment.
  So a packet with the destination address "255.255.255.255" is a broadcast
on the local segment, and it can only have come from a device on the local
segment (perhaps the router?).

  But a packet whose *source* address is 255.255.255.255 is claiming to have
come, not from one machine, but from every machine on the segment!  That
can't be right.  Some Denial-of-Service attacks use tricks like this to try
to get their victims to send responses to the entire local segment (and
flood it), but no normal traffic should ever look like this.


>  From the run line, type cmd, click OK.
>
>  From the command line, type ipconfig /all (This will give you your
> network settings) and post the results here.

  That may be helpful, although I think we may need to also see the router's
configuration information.

David Gillett

             PCSOFT maintains many useful files for download
                     visit our download web page at:
                  http://freepctech.com/downloads.shtml

ATOM RSS1 RSS2

LISTSERV.ICORS.ORG Secured by F-Secure Anti-Virus CataList Email List Search Powered by LISTSERV