Just a question. Im seeing messages in the firewall tabs. Some have an explanation, but not the rest. Messages like "port range", "spoof attempt" an some other keep showing, with no explanation attached,
Maybe exist a list of meaning for this messages. Better yet, Qbik maybe have in somewhere a manual or sort of info, with every message showed in firewall tab?
I would like to know if someone else have the same question.. please, just this time, make a comment, not just read this thread. I'm feeling a bit lonely here, I open 4 threads before this, and just one was answer....
Regards.
Anyone knows meaning of messages in firewall?
Moderator: Qbik Staff
10 posts
• Page 1 of 1
Anyone knows meaning of messages in firewall?
by Jason Dax » Dec 08 03 8:41 am
- Jason Dax
- Posts: 44
- Joined: Oct 18 03 6:54 am
by Warren » Dec 08 03 5:23 pm
07/12/03
Hi Jason,
Don't go feeling lonely. There are Forum Users out here that read the posted messages. Problem is, that may of us don't have answers for the problems that people like yourself post.
Keep the faith and someone will surely come along and get you onto the right track.
As a comment: You shouldn't worry too much about what the messages mean in the firewall tab. Just be thankful that the messages are there, which means that someone's attempt to get into your machine and make mischief has been thwarted.
Regards, Warren
Hi Jason,
Don't go feeling lonely. There are Forum Users out here that read the posted messages. Problem is, that may of us don't have answers for the problems that people like yourself post.
Keep the faith and someone will surely come along and get you onto the right track.
As a comment: You shouldn't worry too much about what the messages mean in the firewall tab. Just be thankful that the messages are there, which means that someone's attempt to get into your machine and make mischief has been thwarted.
Regards, Warren
- Warren
- Posts: 60
- Joined: Sep 14 03 5:52 pm
- Location: New Zealand
by genie » Dec 08 03 5:39 pm
Not being a professional message interpreter, I'll take a risk and explain a couple of these phrases:
"Port range..." means that someone was trying to send a packet through the port which is not opened in your firewall settings. In other words, someone knocked but the door was closed.
"Spoof attempt" - meaning that someone was trying to be nasty, pretending to be someone else - like a wolf knocking at the Grandma door, dressed like the Little Red Riding Hood - but the Grandma was not myopic enough to open the door.
"Port range..." means that someone was trying to send a packet through the port which is not opened in your firewall settings. In other words, someone knocked but the door was closed.
"Spoof attempt" - meaning that someone was trying to be nasty, pretending to be someone else - like a wolf knocking at the Grandma door, dressed like the Little Red Riding Hood - but the Grandma was not myopic enough to open the door.
- genie
- Qbik Staff
- Posts: 1788
- Joined: Sep 30 03 10:29 am
by Jason Dax » Dec 09 03 11:18 am
thank you warren and genie for the replys: Now I know that I'm not so alone... :)
Im not too worried about the messages: Its just that sometimes seem not be logical.
While I await for an answer, I did a bit of research on the net: find some explanations to the messages, but still I'm a bit confuse.
It's ok, if the messages came from IPs outside my network, but what happens when the messages come from the server itself? The case is, i'm getting this two messages very often coming from 127.0.0.1....
Somehow, I know there must be something I have setting in the wrong way in Wingate.. I was looking for the messages explanation just to make sense what I'm doing wrong..
Everything is working fine: The POP3 server, the DHCP server, my network can browse internet, get emails, get conected to a VPN... Its just I don't like to let things like this on the loose...
Regards
Im not too worried about the messages: Its just that sometimes seem not be logical.
While I await for an answer, I did a bit of research on the net: find some explanations to the messages, but still I'm a bit confuse.
It's ok, if the messages came from IPs outside my network, but what happens when the messages come from the server itself? The case is, i'm getting this two messages very often coming from 127.0.0.1....
Somehow, I know there must be something I have setting in the wrong way in Wingate.. I was looking for the messages explanation just to make sense what I'm doing wrong..
Everything is working fine: The POP3 server, the DHCP server, my network can browse internet, get emails, get conected to a VPN... Its just I don't like to let things like this on the loose...
Regards
- Jason Dax
- Posts: 44
- Joined: Oct 18 03 6:54 am
by genie » Dec 09 03 11:23 am
Well, normally you never see messages from 127.x.x.x coming from the wire - seeing them is an indication of either machine misconfiguration or, most probably, an attack attempt - again, 127.0.0.1 packets should never be seen arriving.
However, you got right to the point - I think we need to document possible information messages clearer.
However, you got right to the point - I think we need to document possible information messages clearer.
- genie
- Qbik Staff
- Posts: 1788
- Joined: Sep 30 03 10:29 am
by Warren » Dec 10 03 5:20 am
09/12/03
Hi Jason,
There you go. Democraty in action. The "system" (Qbik) was out there listening, took note of your concerns and maybe at some time in the future we will all benefit from a messages index.
Nothing more.
Regards, Warren
Hi Jason,
There you go. Democraty in action. The "system" (Qbik) was out there listening, took note of your concerns and maybe at some time in the future we will all benefit from a messages index.
Nothing more.
Regards, Warren
- Warren
- Posts: 60
- Joined: Sep 14 03 5:52 pm
- Location: New Zealand
by Frank_Honsa » Dec 10 03 7:39 pm
Hi Jason,
I'm new to Wingate myself, but thought I'd put my two cents in regarding the 127.0.0.1 issue you were talking about. Just out of interest open gatekeeper > Options > Advanced > Network Interfaces and check that 127.0.0.1 is set to Public No and Trusted Yes.
Might be basic but its all I got!
Frank
I'm new to Wingate myself, but thought I'd put my two cents in regarding the 127.0.0.1 issue you were talking about. Just out of interest open gatekeeper > Options > Advanced > Network Interfaces and check that 127.0.0.1 is set to Public No and Trusted Yes.
Might be basic but its all I got!
Frank
- Frank_Honsa
- Posts: 1
- Joined: Dec 10 03 7:17 pm
by labull » Dec 11 03 1:36 am
check that 127.0.0.1 is set to Public No and Trusted Yes.
Is that is a safe thing to do?
As Gene pointed out, 127.0.0.1 can be spoofed from the Internet.
I've seen it here.
Larry
WinGate Lurker
- labull
- WinGate Guru
- Posts: 710
- Joined: Sep 06 03 1:03 am
- Location: Washington, DC - USA
10 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 2 guests