I am really confused about my Linksys BEFSR41 router/firewall. I don't have ANY exceptions turned on, no port forwarding, port triggering, etc., yet today as a trial, I was able to start up my web cam, bring up Yahoo Messenger, go to adult "chat rooms" and see and be seen on my video camera immediately! I'm concerned for the rest of my family that have kids and the same firewall I have.
Obviously, there is something very basic I don't understand about hardware firewalls and software apps like Yahoo Messenger.
Can anyone enlighten me please? How can I block this type of connection without blocking general access to the Internet from a specific PC?
Probably your router / firewall doesn't block anything in its default configuration... you will have to change the configuration to reflect what you want to block. Firewalls work on a ruleset which specifies what is allowed and what is denied. By default these devices come with an empty ruleset.
You can find which ports to block for Yahoo Messenger with a quick google.
Furthermore, you might want to consider a personal firewall on your desktop.. either Sygate or Zonealarm should do.
I've also seen the default configuration where everything initiated from the inside is allowed out, but anything initiating from the outside and trying to come in is blocked. I imagine yours will be like that. If so, as Sahirh so rightly says, it's time to draw up a list of things you want to allow (e.g. HTTP, FTP and mail for starters plus maybe some more, depends on what you want) and block the rest. Easiest way is to explicitly allow the things you want in a set of rules then have a 'deny all for any to any' rule at the end of the list.
As much of a shock as it might have been, over 80% of home firewall devices are set up in a similar way.
The firewall/router device is almost never configured to stop users from accessing various available services on the Internet, but to stop the Internet from accessing the client's network without an invitation.
For example, our server here at firewall.cx wouldn't be able to send any data to your pc or network, if you didn't previously request it. By requesting the data from our server (e.g by typing
in your browser), the router understands that you wish to access this resource, so it will then happily allow our server to send you the required data.
So, in your case, when you visited the chat room(s), your router/firewall naturally allowed all related services through.
This is also another reason why companies create policies, in which they specify the services allowed to be accessed by their users. Once in place, the appropriate rules are created at the firewall level, ensuring they are applied correctly.
If you thought the web cam was quite a surprise, consider that if you blocked it, hoping that adult material will stop coming through, but left your web browser to be able to freely 'surf' the net ... then anyone could easily access adult websites and download pictures, movies etc. without any restrictions.
The issue to me here seems to be more on what you're allowed to view, rather than the services - and that's typical for home users.
If you wish to block adult type material, including MSN chat rooms, websites, videos, pictures and the rest, then a firewall will do no good - you'll need to obtain software such as Net Nanny, which contains huge lists of such sites and will automatically block you from visiting them.
Thanks for the great input from you guys. Actually, I'm still somewhat confused, even after scouring the Linksys web site. Unfortunately, although Cisco bought Linksys, they sure haven't applied their quality control and documentation standards to Linksys!
It's frustrating that I can't seem to find DETAILED information about precisely how the Linksys routers work anywhere on their site. Of course, I know most people just plug in the power supply and connect their network wires, but I'm a techie (ex-programmer) and would love to know what is really happening in the firmware.
Anyway, I was told by a Linksys tech support guy that the Linksys routers come with certain ports open in the firmware and these ports can't be closed! Does this sound right? The ports he listed are: 21, 23, 25, 53, 69, 79, 80, 110, 119, 161. The only one I recognize off the top of my head of course is 80. He "surmised" that Yahoo Messenger must be using one of these default open ports for their video. That however, seems to be very different than what you guys are saying, if I understand you.
Maybe you guys and Linksys tech support are saying the same thing and I'm just not fully understanding.
I did, however, find this very interesting blurb on a google search relating to Yahoo Messenger (although it doesn't specifically mention the video cam functionality), that may provide a clue:
If you are trying to connect from behind a firewall that doesn't use proxy servers, Yahoo! Messenger will automatically search the firewall for an open port, and, if it finds one, use that to connect. If Messenger is unable to find an open port, ask your System Administrator to open port 5050 to our Messenger servers, cs1.yahoo.com, cs2.yahoo.com, and cs3.yahoo.com.
I also found this in the same article:
Please Note: If you are a network administrator and you wish to know what ports Messenger uses, this is the order in which Messenger scans:
So then, am I to understand that it probably scanned and found the Linksys default port 80, then happily proceeded to use it for text chatting and the video for my shocking porn experience?
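Added illustration, not part of any post in this thread: a toy Python model of the behaviour the replies describe, where flows opened from the inside create state that lets replies back in, unsolicited inbound traffic is dropped, and an explicit allow list ending in "deny all" still lets a port-scanning client out on port 80. The `HomeRouter` class, the endpoints, the allow list and the two-port scan order are constructed assumptions; the real Messenger scan order is not given on the page.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class HomeRouter:
    """Toy stateful filter: LAN-initiated flows create state; WAN packets need it."""
    egress_allow: Optional[set] = None   # None = allow every outbound port
    state: set = field(default_factory=set)

    def outbound(self, lan_host, lan_port, remote, remote_port):
        if self.egress_allow is not None and remote_port not in self.egress_allow:
            return "DROP"                # the closing 'deny any to any' rule
        self.state.add((lan_host, lan_port, remote, remote_port))
        return "ALLOW"

    def inbound(self, remote, remote_port, lan_host, lan_port):
        # A WAN packet passes only as the reply to a flow opened from the LAN.
        key = (lan_host, lan_port, remote, remote_port)
        return "ALLOW" if key in self.state else "DROP"

def first_open_port(router, lan_host, remote, candidates):
    """Model a client that tries destination ports in order until one gets out."""
    for i, port in enumerate(candidates):
        if router.outbound(lan_host, 40000 + i, remote, port) == "ALLOW":
            return port
    return None

def demo():
    pc, chat = "192.168.1.100", "chat.example"      # constructed endpoints
    scan = [5050, 80]                                # assumed order
    out = {}
    default = HomeRouter()                           # inside-out allowed
    out["unsolicited"] = default.inbound(chat, 5050, pc, 40000)
    out["default_port"] = first_open_port(default, pc, chat, scan)
    out["reply"] = default.inbound(chat, 5050, pc, 40000)
    # Explicit allow list (HTTP, HTTPS, FTP, mail, DNS), everything else denied.
    strict = HomeRouter(egress_allow={80, 443, 21, 25, 110, 53})
    out["strict_port"] = first_open_port(strict, pc, chat, scan)
    out["strict_reply"] = strict.inbound(chat, 80, pc, 40001)
    return out

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The strict router drops the attempt on 5050, yet the client still connects on 80 and its replies are accepted, which is the situation the thread's advice about content-filtering software addresses.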