Help with my network security

Comodo Internet Security - CIS Firewall Help - CIS
#1

Hello
First of all I wanted to thank you for such firewall software. It is very useful.

My ISP tariff is counted by traffic. it is limited.

My modem is D-Link 500T, firmware is updated to work with “Satellite CardSharing”

I found that in ADSL modem, there were enabled port forwarding. And in DHCP Clients menu I found different IP address then mine, 192.168.1.3 was active.

I think that the person, who set up my connection enabled port forwarding to access the internet through my router, to gain free internet traffic. Because traffic inside ISP’s network is free.

I found my traffic being used more than I used and upload traffic is also too much. I seldom make uploads. I removed that IP address from port forwarding menu, and installed Comodo internet security firewall.

Now seems it is ok, but it is still sending traffic to the internet. As I know, cardsharing service will not send such amount of traffic (30mb were sent yesterday for example).

Finally, the questions are:

  1. I understood right about port forwarding thing?

  2. Today I enabled DMZ in my router. Because I could not download through Apex DC+ (peer 2 peer) program. I enabled it, and it started downloading, but, suddenly there were so many connection attempts which were blocked by COMODO firewall. What should I do.

  3. 30mb sent traffic - is normal? when I did not send anything? Antivurus bases are updated

  4. COMODO firewall sometimes finding wired networks, which my PC would like to connect. 169.254.164.170 for example. someone can explain this?

  5. I use Mozilla Firefox. COMODO firewall says it is connected to so many destinations, sometimes I think maybe it is using my traffic limit?

Thank you

#2

I would say keep an eye on the forwarded ports just in case. Does the modem have the possibility to be accessed from the web? If so disable it.

  1. You did the right thing closing ports that were needlessly open. May be the person who set up your modem used his own laptop?

  2. Putting your computer in DMZ to get a p2p app running is not necessary. What made you do that? Can you show us a screenshot of the firewall logs to show what traffic is being blocked. What ports do need to be open for the p2p program. Did you open them in CIS?

  3. I have no clue as I am not familiar with cardsharing service. Can you explain what it is.

  4. It means that Windows did not find a dhcp server to get an IP address from and will then hand out an IP address in the 169 range. Windows didn’t see the modem. Make sure you cables are not broken, make sure the network cable is plugged up tightly, update your network card’s drivers…

  5. The Active Connections window refreshes only slowly and will show already closed connections as a consequence.