hey, i have a few pcs here all with win xp and they plug directly into my router which is set up perfectly as 192.168.0.1, NAT on, its own firewall off (too much hassle). The relelvant ports have been forwarded to allow incoming connections to the relevant computers and their relelevant server applications/games etc.

so everything is working 100% which is why i am not too keen on changing things.

thing is, all in all, i am only being protected through NAT right? I have no firewall installed. I did try this before, Zonealarm free version, the only problem was lots of games and other stuff stopped working, i got too annoyed with it and just gave up with a firewall.

so what kind of risks (what could people actually do) running a network like this. there are about 40 single/range ports forwarded to various pc's, and they have servers of various types running 24/7 (apache/bulletproof/ultravnc/games etc etc).

i really want to get zonealarm again and try it out, but im scared because it is wokring fine, so any suggestions on setting up the free version to work with this setup will be greatly appreciated too.

well when your ports are being forwarded to those computers then anyone can get into those computers with those ports. what ports are your forwording then i can look up what stuff could happen.

~William

You are really just hanging yourself out there for anyone to see. I couldn't do much because I'm not a good hacker but for others...

XP has its own firewall if you go to the advanced settings for your network connection on each machine. It's not that great.

I did get Release Candidate 1 of XP SP2 and I can tell you that it is better for security. When SP2 comes out, it may be worth while.

I use Zone Alarm Pro as I have a computer acting as my router right now. For $40, it is a good investment. The free one will work fine on each of your machines. All that you really need to do is to do is to tell ZA what programs to let through. It's not perfect but it works well.

Welcome to the forums.

Please consider folding for team 32. We are #3 in the world and looking for help. It's lots of fun and for a good cause. Use those spare CPU cycles and Fold. Please see the link in my sig or send me a PM.

hey, well ive now bought and installed zone alarm pro, and all is working fine, which is nice. Great program.

so just out of interest before i installed zone alarm etc going back having the ports forwarded.

william said,

"well when your ports are being forwarded to those computers then anyone can get into those computers with those ports. what ports are your forwording then i can look up what stuff could happen."

how can someone get into my computer through one of those ports???????????????? for example i have ports 6881-6999 tcp forwarded to all pc's, but how could someone access my computer through those ports for example, or is it just specific ports.

One of the router's features is that it acts as a firewall. Once you start forwarding ports, aka opening them, then you start to run the risk of a hacker getting in. Unless, of course, you run a software firewall as well. ;)

ok thanks for your fast reply, all sorted then :)

I have port 80 forwarded to one of my PCs for apache. This isn't a security risk is it? I did the two security tests at www.dslreports.com and passed them both with a perfect score. I have "Advanced Firewall Protection" and "Discard Ping From WAN" enabled in my router config. I don't have a software forewall on any of my conputers.

Please consider folding for team 32. We are #3 in the world and looking for help. It's lots of fun and for a good cause. Use those spare CPU cycles and Fold. Please see the link in my sig or send me a PM.
I second this. I'm folding on both pcs 24/7. Please join and help team 32 (us). You can learn more about this here. (http://www.ocforums.com/showthread.php?s=&threadid=108580)