Question on external threats (Port Scans, DoS Syn/Ack, TCP/UDP Chargen, etc)

Comments

2 comments

  • Avatar
    Firewalla

    1. The Gold has an ingress firewall turned on by default ...  So that will lock out most of the attacks

    2. If you accidentally left a port open, firewalla will likely trigger alarms, and in some cases, silently block.   

    In your case, (1) is likely working hard.   You can also take a look at the open ports button, if you see things there, close it, then you will likely be more secure.

    0
    Comment actions Permalink
  • Avatar
    networker5

    I have a similar question. Because I see lots of alarms with very little details so it's hard to know if these are legitimate system functions or areas for further investigation. And if the latter there is no way to actually do anymore investigation because none of the packets are captured.
    A Windows device that has an alarm such as the one below... Should I be concerned? I would expect some indication from the app that I should not be or some way to see what is actually being uploaded... Otherwise what's the point of this device?

    Device DESKTOP-CN544 uploaded 1.03 MB data to android.clients.google.com at about 1:09 PM.

    Also, while I find it very useful to see different types of activity like video usage or gaming, it's all merged together an alarms so scrolling through and seeing random notifications of video or gaming is not very helpful. Is it just me? Is it just an early app design? Finally, from the above comment it looks like there are silent blocks, but I think it's important to know if I'm being attacked or hacked. Seeing those attempts somehow, even if it's just a summary, would be informative . Don't you agree?

    0
    Comment actions Permalink

Please sign in to leave a comment.