Re: Do I need a software firewall

From: Chuck (none_at_example.net)
Date: 05/31/04


Date: 31 May 2004 10:36:11 -0500

On Fri, 28 May 2004 21:35:55 +0100, "Mike Saunders" <abuse@folleytech.co.uk>
wrote:

>I am about to go to Broadband and have invested in a Vigor ADSL router with
>built in hardware firewall. I am leaving it just as a NAT router until I
>understand more about configuring the firewall (if this is needed). What I
>would like to get clear on is what I need PC software wise.
>
>Obviously some AV software but do I need a software firewall? There seems
>to be conflicting views here so whilst I do not want to encourage a shouting
>match I would like to know from those who do not run a firewall as to what
>they do as regards the trojan etc threats.
>
>Maybe I can do all I need by configuring the Vigor firewall. Any comments?
>
>Many thanks to all
>
>Mike Saunders

Mike,

A NAT router (does it have SPI?) is a good first layer defense. Using Defense
In Depth, you really need more protection. Nobody knows what attack might come
next, so be prepared. Most of the components mentioned below are free - any
current, well maintained system can run all simultaneously.

The second layer is a software firewall, or a port monitor like Port Explorer
(free) from <http://www.diamondcs.com.au/portexplorer/index.php?page=home>. See
various discussions in comp.security.firewall for good advice on choosing a
firewall.

The third layer is good software. This layer has multiple components.

AntiVirus protection. Realtime, plus a regularly scheduled virus scan.
Regularly updated.

Adware / spyware protection. Realtime, plus a regularly run adware / spyware
scan. Regularly updated.
Complete instructions, using Spybot S&D and HijackThis (both free) are here:
<http://forums.spywareinfo.com/index.php?showtopic=227>.

Harden your browser. There are various websites which will check for
vulnerabilities, here are three which I use.
http://www.jasons-toolbox.com/BrowserSecurity/
http://bcheck.scanit.be/bcheck/
https://testzone.secunia.com/browser_checker/

Harden your operating system. Check at least monthly.
http://windowsupdate.microsoft.com/

Block possibly dangerous websites with a Hosts file. Three Hosts file sources I
use:
http://www.accs-net.com/hosts/get_hosts.html
http://www.mvps.org/winhelp2002/hosts.htm
(The third is included, and updated, with Spybot (see above)).

Maintain your Hosts file with:
eDexter <http://www.accs-net.com/hosts/get_hosts.html>
Hostess <http://accs-net.com/hostess/>

Secure your operating system, and applications. Don't use, or leave activated,
any accounts with names or passwords with trivial (guessable) values. Don't use
an account with administrative authority, except when you're intentionally doing
administrative tasks.

The fourth layer is common sense. Yours. Don't install software based upon
advice from unknown sources. Don't install free software, without researching
it carefully. Don't open email unless you know who it's from, and how and why
it was sent.

The fifth layer is education. Know what the risks are. Stay informed. Read
Usenet, and various web pages that discuss security problems. Check the logs
from the other layers regularly, look for things that don't belong, and take
action when necessary.

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
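
The Hosts-file layer described in the post above, as an added example that is not part of the original message or of any tool it names: a small auditor that merges several blocklist-style hosts sources, deduplicates them, and flags any entry that points a hostname at a routable address instead of a local sink. The function names and sample lists are hypothetical and constructed for illustration.

```python
import ipaddress

# Constructed sample lists; 192.0.2.10 is a documentation-range address.
SOURCE_A = """\
127.0.0.1  localhost
127.0.0.1  ads.example.com   # block
0.0.0.0    tracker.example.net tracker2.example.net
"""
SOURCE_B = """\
127.0.0.1  ADS.example.com
192.0.2.10 update.example.org
not-an-ip  broken.example.com
"""

LOCAL_NAMES = {"localhost", "localhost.localdomain"}

def parse_hosts(text):
    """Yield (line_no, ip_or_None, [hostnames]) for each non-empty entry."""
    for n, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop trailing comments
        if not fields:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            ip = None
        yield n, ip, [h.lower().rstrip(".") for h in fields[1:]]

def audit(*sources):
    """Merge hosts sources; return (blocked, redirects, malformed)."""
    blocked, redirects, malformed = set(), [], []
    for idx, text in enumerate(sources):
        for n, ip, names in parse_hosts(text):
            if ip is None or not names:
                malformed.append((idx, n))
            elif ip.is_loopback or ip.is_unspecified:
                blocked.update(h for h in names if h not in LOCAL_NAMES)
            else:
                # A blocklist should only sink names locally; anything else
                # silently redirects the hostname and needs a manual look.
                redirects.extend((h, str(ip)) for h in names)
    return blocked, redirects, malformed

def render(blocked):
    """Emit a deduplicated hosts file that sinks every blocked name locally."""
    return "127.0.0.1 localhost\n" + "".join(f"127.0.0.1 {h}\n" for h in sorted(blocked))

if __name__ == "__main__":
    blocked, redirects, malformed = audit(SOURCE_A, SOURCE_B)
    print(render(blocked), redirects, malformed, sep="\n")
```

Run it over each downloaded list before merging it into the live Hosts file; anything reported in `redirects` or `malformed` should be reviewed by hand rather than installed.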


