I know this is a subject that comes up from time to time. And I just spent an hour or so searching all thru SB world looking for stuff. And I got some good stuff, but...

Who out there plays SB thru a router without going to the DMZ? That is actually forwards the ports and MP goes ok?

Who uses a software firewall and plays SB MP thru the firewall? What software is it?

Here's my tale of woe...

I run a router, never got it to work well. So when I run SB I would put my PC on the other side of the DMZ and blast away. It always bugged me to have the PC exposed like that waiting for some snot nosed teenager to do something to it.

So then I thought, surely a software firewall would work. So I got one (Zone Alarm), never could get it to work. So, I'd play MP with my router and my software firewall disabled. (kind of like buying a car alarm system, turning it off, leaving the keys in the ignition with the door unlocked) Then earlier today, I load an update to ZA and my PC locks up when I go to launch multiplayer. Just hangs there.

Sean has recommended Kerio and I'm going to check that out.
Just curious if others out there had the same problem and how they solved it.

Then earlier today, I load an update to ZA and my PC locks up when I go to launch multiplayer. Just hangs there.


Have had the same thing happen, with the exact same software and I too am looking for a solution!

That's exactly why I never join in a MP game - never managed to hook up!

Too easy solution perhaps, but have you allowed Tanksim to acces internet? (ZA that is)

I have a linksys router and am able to keep the firewall up while playing MP as long as I am not hosting.

If I am hosting, I have to go into the DMZ and allow access to my desktop, but not to my other two computers that are on my network at home.

When I am done hosting, I go back to DMZ and put the firewall back up.

I have two thoughts about this.

1) It is highly unlikely that a hacker will find his way to my computer at the exact time (45 minutes to two hours) that I am hosting.

2) If I ever have a program running in the background (like chat or email) and it does anything, SB minimizes or shuts off all together. I am assuming if a Hacker was cruising through my computer at the same time I am playing SB it most likely would do the same thing.

Zone alarm allows you to specify which programs you want to give access to the internet. If you feel better having it up while playing, make sure you have tank.exe listed as having permission to access the net.

I have a program similar to PC Anywhere which allows me to work off my laptop from my desktop via my network. However, Zonealarm slows this WAY DOWN so I don't have it on when I am working from home.

However, I do run Spybot on a regular basis and since I have done that I have had no problems with anyone getting into my system. That is, if I have my network firewall up, ZoneAlarm is vWAND limited in its usefulness.

Hope this helps.

It is highly unlikely that a hacker will find his way to my computer at the exact time (45 minutes to two hours) that I am hosting.


I must disagree strongly :!: If you happen to be online when a hacker is doing random fishing, he'll be able to plant his control programming into your computer in under a minute. You won't be able to spot it as a significant slowdown, either, because the hacks are designed to be small and difficult to notice.

It's not as bad as playing Russian Roulette, but it's probably about as bad as choosing to jump out of an airplane without a reserve parachute when you have the option of carrying one.


I have a program similar to PC Anywhere which allows me to work off my laptop from my desktop via my network. However, Zonealarm slows this WAY DOWN so I don't have it on when I am working from home.


As a system admin, I am groaning in agony as I read this. :shock: When my remote users turn on their connection to the office, it disables their computer's ability to connect to any other Internet resource. I don't trust any home-firewall enough to allow otherwise.


However, I do run Spybot on a regular basis and since I have done that I have had no problems with anyone getting into my system. That is, if I have my network firewall up, ZoneAlarm is vWAND limited in its usefulness.


Well, at least you are trying. Most people who work remotely don't even do that. :)

I've had SB have full access through ZA but I still could not get an MP connection. Then with the latest upgrade not sure what the deal is there. Something fatal happens and I have to use the Master Reboot Switch (onoff button).

I have felt also that the amount of time that I am online is small and my exposure is limited. But I am also pretty ignorant of what a hacker is able to do. So I have not felt comfortable leaving my PC in the DMZ without some sort of protection.

I downloaded Kerio personal firewall 4 and am testing with that to see how it works. Seems like a well developed app.

Chaplian,

If a hacker does place a remote program in my computer while the DMZ firewall is down, will he be able to activate it while the firewall is back up?

Will spybott find his spyware and allow me to delete it?

My remote computing is just via my linksys to my laptop all behind my firewall. My laptop has a commercial grade connection VPN with system administrators keeping it secure.

Thanks to Sean, I think I may be in business:

I use an SMC7004 Barricade router. Here are the setting that Sean worked up for me today:

Under the Special Application section of the router set up, configure the following:

Trigger port: 47624, TCP, public port 2300-2400, TCP, Enabled.
Trigger port: 47624, UDP, public port 2300-2400, UDP, Enabled.

This allowed me to attach to an MP game thru the router.

Under the Virtual Server section:

Set the private IP to the internal IP of your PC. Private port to 47624, TCP, and public port of 47624.

This allowed sean to attach to me as a host.

We didn't play an entire scenario but we were able to get the game started and neither dropped. I may be the only one using this router but if not, perhaps these settings will help.




I was trying to run Kerio personal firewall 4 and it would allow SB to connect to the game. However, once the game started, I dropped immediately. This happened twice in a row.

If a hacker does place a remote program in my computer while the DMZ firewall is down, will he be able to activate it while the firewall is back up?


Yes. The remote program will "phone home" at pre-determined times. If you have a commercial grade firewall, it can be configured to spot such outgoing activity, but most home grade stuff can't be set up that way.

ZoneAlarm, unlike most software-based firewalls, is designed to catch such outgoing activity. However, many people don't understand what it is doing enough to get the settings right. When ZA alerts them about the unexpected outgoing call, some people will just tell it to let the activity continue. :shock:


Will spybott find his spyware and allow me to delete it?


I don't know. Spybott has to be able to spot the particular hack to recognize it, and a particularly nasty hack will disable Spybott if it gets on the computer before Spybott is updated with new hack definitions. :( (Some viruses do the same thing - if they get on your computer before you get the updated AV definitions, the new definitions still won't find them. That is why everyone should periodically use a web-based AV scan, such as offered by Symantic or Trend Micro - they will find a virus that has disabled the local AV program.)


My remote computing is just via my linksys to my laptop all behind my firewall. My laptop has a commercial grade connection VPN with system administrators keeping it secure.


:D

Chaplain, being someone who makes a living figuring this stuff out, what would be the best configuration to safely and reliably play SB?

The way you have it now should work fine. Its constantly running in the DMZ that you would need to worry about, but since you dont need to do that any more, you should be ok.

Chaplain, being someone who makes a living figuring this stuff out, what would be the best configuration to safely and reliably play SB?

Heh, heh - I never found a good solution. :roll:

I got ZoneAlarm to work well, even for hosting. However, it gave me trouble with two programs that I really need for work, so I can't use it on my better computer.

It sounds like the firewall Sean is recommending is a good option.

The Windows XP built-in firewall (ICF) works if you are connecting only as a client, but cannot be used for hosting. When I play a game I put my computer in the DMZ and enable ICF. When I finish an MP game, I put my computer back behind my main firewall and disable ICF.

I got ZoneAlarm to work well, even for hosting. However, it gave me trouble with two programs that I really need for work, so I can't use it on my better computer.


Chap...How did you set up ZoneAlarm for SB?

Thanks,

mm