Those piece of Sh1t Eircom branded netopia routers

ED E

Hey lads,

In order to use the Xbox we have to drop the Firewall from the default "Medium" to "Low". The thing is last time we bumped it down we had a suspected intrusion so we quickly reversed it. Have just been using the Xbox locally since. Another thing we noted was when the firewall was dropped our bandwidth increased so to speak. Normally in order to get the full ~330Kbps(I know I know!) down we need to limit all outward traffic to ~8kbps. Any higher and the down is slashed. Rather annoying.

So, what I'm wondering is what is the practical difference between Medium and Low? This is all the info you get from them(By god I wish we had the cabling for UPC around here).

High: This level of firewall protection turns off all communications to and from the Internet, permitting traffic only within your own network.

Medium: Recommended setting. This level of firewall protection allows information to be sent securely to the Internet, but prevents anyone from the Internet from identifying the network address of your Router. This is the Internet equivalent of having an unlisted phone number.

Low: This level of firewall protection allows information to be sent securely to the Internet, but prevents most attempts from the Internet from identifying the network address of your Router. Some methods of network address identification are allowed, such as via a pinhole, IPMaps or a NAT default server.

Any input appreciated,
Thanks
Lethal

FusionNet

If your totally relying on netopia for firewall protection then I dont think it matters what level its at. The nrtopia eircom routers provide very little protection as it is. Can I ask what told you you had an "intrusion"..? Xboxs and PS3's arent that prone to hacking and viruses. If you have PC's on the same network they should have good antivirus anyways... I wouldnt be worrying...

ED E

FusionNet wrote: »

If your totally relying on netopia for firewall protection then I dont think it matters what level its at. The nrtopia eircom routers provide very little protection as it is. Can I ask what told you you had an "intrusion"..? Xboxs and PS3's arent that prone to hacking and viruses. If you have PC's on the same network they should have good antivirus anyways... I wouldnt be worrying...

Thats the thing, some do, some(like the media centre attached to the projector) do not. Might just rectify that.

One of the security apps piped up before, dont remember any details as it was a good 6 months ago at this stage.

FusionNet

Id spend the 120 odd euro and get a decent router like the Netgear b/g/n one and get Eset antivirus for the PCs. those that rely on The Motorola netopia to protect them are in for a land....

msg11

FusionNet wrote: »

Id spend the 120 odd euro and get a decent router like the Netgear b/g/n one and get Eset antivirus for the PCs. those that rely on The Motorola netopia to protect them are in for a land....

I would go with that, also if your anyway good with networking or know a bit. Wireshark is good if you want to see where/why your speed drops on the low setting.

Zab

Don't buy another box, what you have is fine. The more secure something is the less communication it allows. The only truly secure system doesn't allow any communication at all. Obviously, this wouldn't be terribly useful, so we allow more communication to happen. The type of communication required by Xbox live means you to have the Netopia's firewall set to low. This doesn't allow unfettered access to your network. Essentially, among other things, setting it to low allows the devices on your network to ask the router to forward them information coming from the internet without initiating the transfer themselves. If you're using a filesharing network, this is likely why you're seeing an increase in traffic, as nodes that were previously unable to communicate with you (as they don't allow inbound communication) now can. Seeing a drop in download speeds if you saturate your upload bandwidth is normal, as most communication entails at least some sort of acknowledgement from the recipient and if this is slow in coming things will be delayed.

layke

I've never had much experience with those routers or an Xbox for that face but can you set a static IP on the workstation and create a firewall rule to allow traffic using only the ports an Xbox uses?

NAT and PAT should provide you with a fair bit of protection either way regardless of the port blocking a firewall uses.

If you really want to see what your bandwidth is doing why not download Wireshark and have a look at what is actually going out what port?

Bear in mind you may need to know a little about network protocols to understand it but that's where Google comes in handy.

Zab

layke wrote: »

I've never had much experience with those routers or an Xbox for that face but can you set a static IP on the workstation and create a firewall rule to allow traffic using only the ports an Xbox uses?

No, not without setting the "Firewall" to "Low". It's just the language it uses. "Medium" firewall setting doesn't allow static NAT entries. At the moment it sounds like he's using uPnP. Obviously there's issues with this, but if he wants to turn it off he'll have to learn how to manually configure the ports.

Dardania

what you could do to keep traffic rates in check is to enable diffserv on the netopia, and assign a higher priority to xbox & web traffic, and keep bittorrent etc. set to low...