Quantcast

Maximum PC

It is currently Thu Jul 10, 2014 9:46 pm

All times are UTC - 8 hours




Post new topic Reply to topic  [ 4 posts ] 
Author Message
 Post subject: repairing infected PCs - question regarding the router
PostPosted: Sat Jun 11, 2011 8:29 am 
Willamette
Willamette

Joined: Tue Feb 01, 2005 12:17 pm
Posts: 1452
This is more about the router I use when repairing infected PCs (as in, using the Internet to update anti-virus and heal a virus-infested PC---not so much about the repairing of the computer itself)....

Anyway, I find myself having to connect people's infected computers to my network to heal/fix them (which is OK because I generally don't turn on my machines while I'm doing this--or i disconnect them physically from the router.

This got me thinking though, because I was told that some newer routers (particularly business/enterprise routers--such as some of the Cisco routers that businesses and corporations will use) can store packets for a period of time, say for example, if the router is busy and can't forward the packet the instant it comes in. Does a home router do this as well?

My reason for asking is because I want to know if i should some how "flush" out my router (either by reboot or reset) so that when I disconnect the fixed computer, and restart my personal computers, that they don't some how get infected because the router may have remnants of a virus or something like that (or packets which contain bits and pieces of a potential virus, etc). I know that viruses are merely programs and need a host to trun on, and that most routers are some type of linux based. I'm not so worried about infecting the router, as i am infecting my other computers when I reconnect them to the router.

Am I safe just unplugging the newly-repaired computer ,and reconnecting my computers and going from there, or is it safer (although more of a pain) to restart/reset the router after I'm done doing a repair, before I reconned my devices to my router?


Top
  Profile  
 
 Post subject: Re: repairing infected PCs - question regarding the router
PostPosted: Sun Jun 12, 2011 8:58 pm 
8086
8086

Joined: Tue Aug 28, 2007 6:55 pm
Posts: 37
You don't have much to worry about when it comes to packets stored. They all have a field in the header called Time-To-Live. This sets a maximum amount of time for the packet to be on the network before it is eventually dropped. Added to that is the fact that you also disconnect your own pcs from the network, then they have nowhere to be sent to, other than to the internet.

As an alternative to continuing having to disconnect your pcs and reconnect after you're done working on the infected ones, you could pick up a router that has guest network functions on it, or just get a second router and have it give out ip addresses in a different subnet of the usual one. As in, set your home router to the 192.168.1.0 network with a subnet mask of 255.255.255.128, and leave the range of dhcp addresses on it from 192.168.1.1-100. On the second one, have it as the 192.168.1.128 network with a subnet mask of 255.255.255.128. This would separate your home network from the one that the infected computers are running.

That's two ways I can think of doing it. But, I have fixed many an infected pc at home myself, and have never had one of my own get infected just from being on the same network. It all comes down to the type of infection the pc has. Unless you have contacts on each computer that go to the others, then you shouldn't have much to worry about.


Top
  Profile  
 
 Post subject: Re: repairing infected PCs - question regarding the router
PostPosted: Mon Jun 13, 2011 2:54 pm 
Willamette
Willamette

Joined: Tue Feb 01, 2005 12:17 pm
Posts: 1452
True, but I thought (according to my studies of networking) that TTL was really mean to prevent a packet from jumping around infinately between routers and switches. So, I guess your comment is partially correct in that a packet won't be around forever, but TTL I don't really won't matter much in this case because there is only one router, and even if it counted the computers as jumps, from what I see, the TTL is pretty high to begin with, something like over 100 in most cases, and gets decremented each jump it makes, so it most likely would make it to a computer before the TTL expires.

I am curious to see if the Guest Network thing would work, and if it was possible for stuff to get transfered between there. My router does support a Guest network and I do use it periodically for guest's computers (when people come to visit and want to use the Internet), but none of my personal computers ever connect to the guest network (at least, while other people's computers are present).


Top
  Profile  
 
 Post subject: Re: repairing infected PCs - question regarding the router
PostPosted: Tue Jun 14, 2011 5:04 am 
Team Member Top 500
Team Member Top 500
User avatar

Joined: Thu Mar 06, 2008 4:48 pm
Posts: 728
cbassett01 wrote:
My reason for asking is because I want to know if i should some how "flush" out my router


If your router is queuing packets, and it's unlikely that it is, its only going to be for a fraction of a second. And even if it was queuing packets, they're not going to come back into your private network. A router will only forward a packet in the direction of it's destination address.


Fruguy wrote:
You don't have much to worry about when it comes to packets stored. They all have a field in the header called Time-To-Live. This sets a maximum amount of time for the packet to be on the network before it is eventually dropped.


The TTL field is merely a hop count to prevent a packet from circling around forever in the case of a routing loop. When a packet crosses a router, it's TTL field is decremented by one. It is in no way a measure of time.


Top
  Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC - 8 hours


Who is online

Users browsing this forum: No registered users and 5 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group