Re: hardware vs software security

From: Chuck (cacrollthespam_at_yahoo.com)
Date: 10/26/03 

Date: 25 Oct 2003 23:49:11 -0500

On Sun, 26 Oct 2003 04:17:45 +0100, Florian Reitmeir <squat@gmx.net>
wrote:

>Hi,
>
>> What's the best protection from hackers, a router or software like Zone
>> Alarms? or do I require both?
>
>wrong question, the first must be, which things you want to defend..
>
>a hardware firewall cannot be better than a software firewall on your pc,
>the argument is simple:
>
>when you use an hardware firewall:
>
>a.) pakets dropped by an hardware firwall are gone so you are safe
>b.) pakets not dropped will reach you unaltered.
>
>otherwise:
>
>the same..
>
>cu.

The term "better" is somewhat misleading. You're trying to compare
apples and oranges.

The hardware firewall blocks the incoming crap, so your software
firewall has a lot less work to do. Software firewalls can't catch
every exploit either. The Windows Messenger spam is a good example -
unless your software firewall is properly configured, you'll still get
that sh!t. A NAT router, OTOH, totally blocks it.

You still need a software firewall though to block unwanted outgoing
traffic. If not a software firewall, then a port monitor. Both are
not a bad idea. Crap like Swen is coded to disable improperly
configured software firewalls. Having a NAT router, and a port
monitor, could save your @ss, if you were to get infected by Swen (or
its successor, which is surely coming).

Chuck
I hate spam - PLEASE get rid of the spam before emailing me!
Paranoia comes from experience - and is not necessarily a bad thing.

Relevant Pages

  • Re: Firewalls and Wireless Routers
    ... this confirms the fact that a strong Software firewall is an essential part ... Since a combination of superb anti-virus software and a superb router would ... it is in direct response to any Unauthorized outbound communication ...
    (microsoft.public.windowsxp.general)
  • Re: Best free firewall software
    ... Eventually, yes, to test the effectiveness of my router. ... But I'm frankly more worried about the effectiveness of the software firewall on my laptop, since it's my only defense when I travel. ... It says to download NMap, which I did, then to run NMap from my machine, which I did. ... I'd like to do what I can to keep at least this level of protection in the future or improve it, but I'm not willing to restrict the usability of my machine for the sake of being pure or to establish an unneeded level of protection. ...
    (comp.security.firewalls)
  • Re: Networking over mains cables
    ... Just because a Router has NAT does NOT stop incoming traffic ... A NAT firewall will NOT stop Trojans etc embedded in web pages etc.. ... Not all malware/trojans etc disables software firewall, ... current series of attacks now comes in hidden payloads in webpages. ...
    (comp.sys.acorn.networking)
  • Re: Security, router vs. software firewall
    ... A NAT router will protect you from most ... A third party software firewall like ZoneAlarm protects you against outgoing ...
    (microsoft.public.windowsxp.network_web)
  • Re: Trying to Figure out Whats OK and What to Block
    ... I have a broadband connection and a router. ... to anything on the internet unless I reboot. ... software firewall pops up and tells you that Windows Media Player is ...
    (comp.security.firewalls)