Before I fall out with my home IT "expert"

  • Thread starter Thread starter roger miles
  • Start date Start date

roger miles

Guest
Can anybody please help a numpty like me "advise" my IT expert mate where he is going wrong.

Trying to set up a decent firewall and home network he has adapted my home system and now the internet/network keeps going down!! I am now running a stand alone box with Linux (Red Hat) and apparently a couple of firewalls. That box connects to broadband through a D-Link network modem on one network card and out to a wireless Netgear modem router on another network card. The router has the modem disabled and just acts as a router connecting to a lap top and a desktop wirelessly? and a laptop hard wired.These all work on XP.

The linux box operates on a command line? and regularly displays two messages:

"Neighbour table overflow" -got loads of lines with this on (100s lines suppressed?) but network etc still seems to work ok?

"E100:eth0 NIClinkis Up100Mbps Full duplex" This message seems to coincide with the system going down.

When I reboot the Linux it all works but eventually goes down after a varying periods - hours or days.

Can anyone advise where I might suggest he looks as he doesnt seem to understand the significance (if any) of the messages although wont admit it!!
 
roger miles said:
Can anybody please help a numpty like me "advise" my IT expert mate where he is going wrong.

Trying to set up a decent firewall and home network he has adapted my home system and now the internet/network keeps going down!! I am now running a stand alone box with Linux (Red Hat) and apparently a couple of firewalls. That box connects to broadband through a D-Link network modem on one network card and out to a wireless Netgear modem router on another network card. The router has the modem disabled and just acts as a router connecting to a lap top and a desktop wirelessly? and a laptop hard wired.These all work on XP.

The linux box operates on a command line? and regularly displays two messages:

"Neighbour table overflow" -got loads of lines with this on (100s lines suppressed?) but network etc still seems to work ok?

"E100:eth0 NIClinkis Up100Mbps Full duplex" This message seems to coincide with the system going down.

When I reboot the Linux it all works but eventually goes down after a varying periods - hours or days.

Can anyone advise where I might suggest he looks as he doesnt seem to understand the significance (if any) of the messages although wont admit it!!
Click to expand...


What's the point of having the Linux box between the two networks, is there no firewall on the D-Link network modem.

Sounds like the IP addressing and subnets are not set up properly, probably on the wireless side as there are more devices there.

Can you list all the IP addresses for all connected devices, and the netmask?
 
I have a linux firewall protecting my network. However it is a proper firewall product called Smoothwall. There are others notably IPCop. These all provide a much more comprehensive protection in my opinion than the firewalls included in the cheap routers. However you certainly should not be getting error messages like that.

I wonder whether your wireless router doesn't like the fact that it has not got an ADSL line connected. The ones that I have seen did not have anywhere you could disable the modem. Another friend of mine had got hold of a freeby ADSL modem/wireless router and he had similar problems losing wireless connectivity regularly. Everytime it happened the wireless routed had to be rebooted to get the wireless network back online.

The other error looks like some is very b&^gered in the Linux boxes setup.

A link here to a discussion http://lists.debian.org/debian-isp/2002/01/msg00358.html

After a further look there are discussions were it seems that a lot of different issues can cause the message to appear

http://mail.nl.linux.org/kernelnewbies/2002-08/msg00244.html

https://listman.redhat.com/archives/k12osn/2003-December/msg00262.html




Chris
 
Thanks for the interest chaps, the Linux box is there as our mad prof suggests, for better protection and I think Smoothwall is part of it? I also am suspicious of the router and will be trying replacing some of the hardware first. He's coming round tomorrow, watch this space.........if I can get back on t'internet!
 
wireless Netgear modem router

Wot one mate? most contain a bloody good little SPI (statefull packet inspection) firewall, I know of lots of conpanies who don't have a lot better...

Linux designed for Pengiuns not People...
 
I can't see why you would need a couple of firewalls ... one should be enough ... unless your risk of being hacked is somewhat greater than everyone elses...
Go HERE and then down to Shields up ... select All ports to get your ports probed and get a text report ... if it looks like this ...
----------------------------------------------------------------------

GRC Port Authority Report created on UTC: 2006-03-04 at 17:11:14

Results from scan of ports: 0-1055

0 Ports Open
0 Ports Closed
1056 Ports Stealth
---------------------
1056 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.

----------------------------------------------------------------------

Then its a good un' ... I only have the firewall in my router (Netgear DG834G) and it just works...
 
What's on you network that needs to be protected to these levels?

Are you running a business from home processing credit card details or summat. If it's just a home network why the paranoia? If your "expert" is your offspring I'd be poking around his files to see what he is up to.

Personally, if you only have a home network and the PCs you use only run windows then I wouild junk the Linux box and Dlink modem. Set up a WinXP network using just the Netgear modem/router. This will provide a perfectly adequate firewall.
 
Lots of questions there chaps and my IT man couldnt make it last Friday after all!+&*@#. Thanks for the test suggestion Ste@SSB. result as below. I am currently using a Netgear 834g but will be plumbing in a Netgear WGT624 wireless router and switch when he comes next Friday. The reason I want a secure network is because I have 3 ungratefuls (sons) downloading god knows what all over the house and I am concerned about the consequences, especially if they connect me to a remote server at work as I keep trying to avoid.
----------------------------------------------------------------------

GRC Port Authority Report created on UTC: 2006-03-07 at 23:06:48

Results from scan of ports: 0-1055

0 Ports Open
0 Ports Closed
1056 Ports Stealth
---------------------
1056 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.

----------------------------------------------------------------------
As a related issue and from reading other posts the following may be of help to virgins like me reading this post. I didn't know that with the way that XP was installed, although I had Administrator rights I wasn't actually the Administrator for network access etc purposes. Now remedied by accessing through pressing Ctrl-Alt-Del at the select user account stage (or apparently discernible in "Classic" view).
Watch this space - bloody thing hasn't gone down for days now! Thanks for the interest.

I used to like playing Dizzy on my kids Spectrum and it doesnt seem that long ago!!
 
roger miles said:
The reason I want a secure network is because I have 3 ungratefuls (sons) downloading god knows what all over the house and I am concerned about the consequences, especially if they connect me to a remote server at work as I keep trying to avoid.
Click to expand...

Cool ... sounds like you know what you need ... does still sound a bit over complicated to me ... I prefer to use the least I can get away with rather than trying to cover all eventualities ... a determined hacker will get in anywhere given enough time...
if you want to stop your sons downloading dodgy stuff you will have a hard job on your hands ... all depends on their level of knowledge and how mean you want to be ... but do bear in mind that YOU are responsible for whatever they download ... and with the way things are going with the music industry it might be more sensible to stop them downloading all together ... there is plenty of information out there on how to make P2P programs work ... but very little useful information on how to stop them working ... if they use Bittorrent just disable outbound ports 6881-6999 ... that'll confuse them for a while ... for all other file sharing programmes ... just look up information on how to make them work and do the opposite...
 
Nippy Normans supply Touratech, Wunderlich, Desert Fox and many other makes of accessories.
You must log in or register to reply here.


Back
Top Bottom