cancel
Showing results for 
Search instead for 
Did you mean: 

FTTC recently installed - a few random questions...

toggie101
Rising Star
Posts: 84
Thanks: 4
Fixes: 1
Registered: ‎02-04-2008

FTTC recently installed - a few random questions...

Hello,
I had phone and unlimited fibre installed on Monday and all appears to be well, apart from the current peak time speed problems.
You were so great at answering my questions previously that I've come back with a few more to quiz the collective.
- Unfortunately I missed the opportunity of getting an extension fitted into my study during installation, so I'm forced to improvise.
Would there be any problem with running a 10m Cat6 ethernet lead from the BTOR modem into my study where my PN router would then be?
- With PN's router, is there any way to block certain MAC addresses from accessing my wi-fi connection?
There's an unknown device (all my devices are named and accounted for) trying to gain access over night, but failing to get authorised. Intrusion detection logs also show some TCP port scans (or are these a normal occurrence?).
From the first day I've implemented my normal layman's security measures (turned off SSID broadcast, disabled WPS, changed wi-fi username & password etc): anything else I should do?
Or, am I getting mildly concerned about nothing?
- I have a static IP address dating back a decade or so (I really should get the rDNS changed from my username); I don't currently have need for it, is there any downside to maintaining it?
Many thanks for your time and patience with reading this.
All the very best.
Cheers,
Tony
8 REPLIES
Bright
Grafter
Posts: 363
Registered: ‎02-02-2013

Re: FTTC recently installed - a few random questions...

Quote from: toggie101
Would there be any problem with running a 10m Cat6 ethernet lead from the BTOR modem into my study where my PN router would then be?

No problem at all. Presumably the BTOR modem would then remain next to the master socket - that's a perfectly good arrangement.
Quote from: toggie101
- With PN's router, is there any way to block certain MAC addresses from accessing my wi-fi connection?
There's an unknown device (all my devices are named and accounted for) trying to gain access over night, but failing to get authorised. Intrusion detection logs also show some TCP port scans (or are these a normal occurrence?).

I'm not sure, as I don't use the PN router - others may be able to answer this. But a better solution would be to whitelist the devices you do use, rather than blacklist a rogue MAC address. That would prevent the culprit from cloning the MAC address or using a different device and keep trying.
TCP port scans are a reality of life on the internet these days. I get scanned regularly. So, just make sure your router firewall is active and you don't have any ports open unless essential. You can check with Shields Up.
Quote from: toggie101
From the first day I've implemented my normal layman's security measures (turned off SSID broadcast, disabled WPS, changed wi-fi username & password etc): anything else I should do?
Or, am I getting mildly concerned about nothing?

Unless you absolutely need it, also disable UPnP as there are known security flaws in some implementations (not in the TG582n though), and if you are unlucky enough to get an infected computer, it stops it opening ports on the router for external access.
And obviously make sure your wifi passwords are nice and long, with a mix of capitals, lower case, numerals and symbols. The longer the better.
Quote from: toggie101
- I have a static IP address dating back a decade or so (I really should get the rDNS changed from my username); I don't currently have need for it, is there any downside to maintaining it?

No. But you should definitely get the rDNS changed!
Community Veteran
Posts: 6,773
Thanks: 258
Fixes: 21
Registered: ‎16-02-2009

Re: FTTC recently installed - a few random questions...

I would recommend a cat5e rather than a cat6 cable, purely as they are more flexible, cat6 is solid.
toggie101
Rising Star
Posts: 84
Thanks: 4
Fixes: 1
Registered: ‎02-04-2008

Re: FTTC recently installed - a few random questions...

Thanks Bright & HB for your time.
Quote from: Bright
I'm not sure, as I don't use the PN router - others may be able to answer this. But a better solution would be to whitelist the devices you do use, rather than blacklist a rogue MAC address. That would prevent the culprit from cloning the MAC address or using a different device and keep trying. TCP port scans are a reality of life on the internet these days. I get scanned regularly. So, just make sure your router firewall is active and you don't have any ports open unless essential. You can check with Shields Up.

Hmm, don't know how to go about whitelisting on the Technicolor. Does anyone here know? Thanks.
There's a firewall at PN, one in the router and one on the computers so I should be okay. I've already checked with Shields Up and it was green across the board.
Quote from: Bright
No. But you should definitely get the rDNS changed!

I've requested it. Only took me over 10 years to get around to it.  Cheesy
Quote from: Hairy
I would recommend a cat5e rather than a cat6 cable, purely as they are more flexible, cat6 is solid.

I didn't know that. But the cable I'll be buying is white and flat, so it'll run along skirting boards and under carpets and hence a little less offensive to the eyes!
Thanks again.
Cheers,
Tony
Also, I forgot to mention that I'm getting a few reports of:
FIREWALL icmp check (1 of 2): Protocol: ICMP Src ip: 46.165.220.202 Dst ip: 212.159.47.125 Type: Destination Unreachable Code: Port Unreacheable
Should I panic?
Finguz
Grafter
Posts: 397
Thanks: 1
Registered: ‎21-02-2013

Re: FTTC recently installed - a few random questions...

Nope that's just the internet working, or at least trying to, but your router is set up to not respond to ping requests probably.
I could be completely wrong of course, it wouldn't be the first time, but I wouldn't worry  Cool
Bright
Grafter
Posts: 363
Registered: ‎02-02-2013

Re: FTTC recently installed - a few random questions...

Quote from: toggie101
Also, I forgot to mention that I'm getting a few reports of:
FIREWALL icmp check (1 of 2): Protocol: ICMP Src ip: 46.165.220.202 Dst ip: 212.159.47.125 Type: Destination Unreachable Code: Port Unreacheable
Should I panic?

That's a message to your router (IP address 212.159.47.125) from a server at the domain lotusevora.com (IP address 46.165.220.202) telling you that the port "you" tried to connect to on that host is unreachable. Is there any reason why a device on your network should be trying to contact this site: http://lotusevora.com/ ?Huh
(It is an ICMP packet but it's not a ping)
Finguz
Grafter
Posts: 397
Thanks: 1
Registered: ‎21-02-2013

Re: FTTC recently installed - a few random questions...

Oooh, half right, I'm improving  Grin
Bright
Grafter
Posts: 363
Registered: ‎02-02-2013

Re: FTTC recently installed - a few random questions...

I should have added that since your firewall blocked the response, the original request most likely didn't originate from your network. One possible explanation is that someone elsewhere on the internet happened to spoof your IP address in a packet they sent to that site. Possibly as part of a DoS attack, or some other nefarious probing of that server.
toggie101
Rising Star
Posts: 84
Thanks: 4
Fixes: 1
Registered: ‎02-04-2008

Re: FTTC recently installed - a few random questions...

Many thanks for the info.
I think I should stop reading router log reports or maybe just turn the internet off!  Cheesy
All the very best.
Cheers,
Tony