
Need Some Answers And Help On Some Computer Areas


livinthailandos


I have some questions out there and just wondered if any of you can help on some areas.

1. Is it possible for an ISP to use Deep Packet Inspection while running SSH and actually see what's going on? Just curious to be honest.

2. I wanted to know: I'm using 3BB / Maxnett. Do I have to use the router that they gave me for internet use, or can I simply just use my own Belkin wireless router? If I can use my own router, are there any details I need to be on the lookout for when inputting the details?

3. On an issue with Windows & ports: how do I actually go through and close lots of ports on Windows? I would like to close ports 1000 and on, as they really have no use. I ask this because I've had limited experience with firewalls and need help.

Look forward to all your answers.

Link to comment
Share on other sites

1. Is it possible for an ISP to use Deep Packet Inspection while running SSH and actually see what's going on? Just curious to be honest.

No idea

2. I wanted to know: I'm using 3BB / Maxnett. Do I have to use the router that they gave me for internet use, or can I simply just use my own Belkin wireless router? If I can use my own router, are there any details I need to be on the lookout for when inputting the details?

You can use your own. Remember, if you go for the faster packages (8+ MBps) it will have to be ADSL 2+ capable. When subscribing you'll receive all the needed info (VPI, VCI, username and password).

3. On an issue with Windows & ports: how do I actually go through and close lots of ports on Windows? I would like to close ports 1000 and on, as they really have no use. I ask this because I've had limited experience with firewalls and need help.

It's actually the other way around usually nowadays. If you have applications needing open ports and you are behind a router you will actually have to forward said ports properly, and open them on your PC even if you only have Windows Firewall on.

For detailed info on port forwarding, check out www.portforwarding.com.

Link to comment
Share on other sites

1. Is it possible for an ISP to use Deep Packet Inspection while running SSH and actually see what's going on? Just curious to be honest.

They can do the inspection. What they will see in the packets:

- source and destination IP
- port number
- SSL encrypted payload

This payload is the actual data. If they want to decrypt that, it takes quite some time. Realtime decryption is merely impossible.

2. I wanted to know: I'm using 3BB / Maxnett. Do I have to use the router that they gave me for internet use, or can I simply just use my own Belkin wireless router? If I can use my own router, are there any details I need to be on the lookout for when inputting the details?

Monty already gave the answer.

Normal ADSL is max 8M down, 1M up

ADSL2+ is max 24M down, 2.5M up

3. On an issue with Windows & ports: how do I actually go through and close lots of ports on Windows? I would like to close ports 1000 and on, as they really have no use. I ask this because I've had limited experience with firewalls and need help.

Most setups with ADSL these days consist of a DSL line, a router and a local network (wired or WiFi).

Private IP addresses are used on the local network (eg. 10.n.n.n / 172.16.n.n / 192.168.n.n) and these addresses are unreachable from the internet.

To make this private range work, the router performs NAT, translating any private IP address to its public IP address.

This translation is one-way. Computers on the internet cannot reach any computer on your local network! First of all, your computer uses a private IP address, and second, each session arriving at your router (on its public IP address) ends there because your router doesn't listen on the requested port number.

NAT eliminates the need for a firewall on your PC for any traffic that starts from the internet.

A firewall can be useful for connections initiated from your own PC, in case malware is already present.

Bittorrent will even work with this one-way NAT translation, since your computer will initiate connections to other peers. But other peers cannot initiate connections to your computer.

To overcome this, you need PAT (Port Address Translation), aka port forwarding. This means you tell the router to pass all traffic arriving on port xxxx on to your PC at address n.n.n.n (detailed instructions - see portforward.com).

Ports 1024 and above are used! Look at how browsing a webpage works:

Your computer opens a TCP connection to the IP address of the webserver, on port 80. In the first packet, it asks the webserver for a connection and tells the webserver to reply to the request on port 1025. The webserver then sends a reply (from port 80) to port 1025 saying it's okay, and finally your computer sends a packet saying the session is working fine now. Only then does it start requesting webpages, which the server sends back over port 1025.

Once the client has received all data correctly, it tells the server that the connection can be ended.

The next session from your computer will use port 1026 for return traffic, and so on.

The router doing NAT looks at all these packets as well and keeps track of them. In the case above, it will forward all return traffic arriving on port 1025 through to your PC!

After the session is disconnected, the router deletes this entry from its table.

So, do you need to start closing ports on your windows computer?

No.

Unless other computers on that same local network might attack yours (e.g. you have an open WiFi network that allows unknown computers onto your local network).

Link to comment
Share on other sites
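The session tracking and port forwarding described in the reply above can be modelled in a few lines. This is an added example, not code from any poster or router vendor; the `NatRouter` class, the addresses (documentation ranges) and the port numbers are constructed, and the model assumes the router keeps the client's source port and only accepts replies from the remote address the session was opened to.

```python
class NatRouter:
    """Toy model of a home router's NAT table (hypothetical, for illustration)."""

    def __init__(self, public_ip):
        self.public_ip = public_ip
        self.sessions = {}  # (public_port, remote_ip, remote_port) -> (lan_ip, lan_port)
        self.forwards = {}  # public_port -> (lan_ip, lan_port), static port forwards

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """A LAN host opens a connection: remember it so replies can return."""
        # Assumption: the source port is preserved on the public side.
        self.sessions[(lan_port, remote_ip, remote_port)] = (lan_ip, lan_port)
        return (self.public_ip, lan_port, remote_ip, remote_port)

    def inbound(self, remote_ip, remote_port, public_port):
        """Packet hits the public IP: return the LAN target, or None if dropped."""
        key = (public_port, remote_ip, remote_port)
        if key in self.sessions:
            return self.sessions[key]
        # No matching session: only a configured port forward lets it through.
        return self.forwards.get(public_port)

    def close(self, lan_port, remote_ip, remote_port):
        """Session ended: the router deletes the entry from its table."""
        self.sessions.pop((lan_port, remote_ip, remote_port), None)

    def add_forward(self, public_port, lan_ip, lan_port):
        self.forwards[public_port] = (lan_ip, lan_port)


def demo():
    router = NatRouter("203.0.113.10")
    pc, web, stranger = "192.168.1.20", "198.51.100.5", "192.0.2.66"
    results = {}
    router.outbound(pc, 1025, web, 80)                       # browser session
    results["reply"] = router.inbound(web, 80, 1025)         # return traffic
    results["stranger_same_port"] = router.inbound(stranger, 80, 1025)
    results["unsolicited"] = router.inbound(stranger, 40000, 3389)
    router.close(1025, web, 80)
    results["after_close"] = router.inbound(web, 80, 1025)   # entry is gone
    router.add_forward(6881, pc, 6881)                       # explicit forward
    results["forwarded"] = router.inbound(stranger, 40000, 6881)
    return results


if __name__ == "__main__":
    for name, target in demo().items():
        print(f"{name:20} -> {target}")
```

Only the reply to an open session and the explicitly forwarded port reach the PC; every other inbound packet has no table entry and is dropped at the router.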
