Re: Completely replace software firewall with hardware firewall?

From: Jack Simmons (jsimmons88_at_yahoo.com)
Date: 03/23/05 

Date: Tue, 22 Mar 2005 17:26:37 -0800

I read this post with great interest as I have two computers configured in
this way, i.e. connected to a router connected to a cable modem. One machine
running Win-XP and the other Win98SE. I can get online with both machines
and access web pages but for some reason the Win98 machine will not download
files (shareware, updates, etc,). The download dialog box comes up but the
download will not start. This machine previously got online via dialup and
had no problems downloading. Being new at this I wondered if this could be
caused by the router or if it is just this old Win98 machine. Thanks.

"Leythos" <void@nowhere.lan> wrote in message
news:deH%d.37$nC.5@fe1.columbus.rr.com...
> On Mon, 21 Mar 2005 21:43:04 +0000, Sandi wrote:
> >
> > Here in the UK, I am on NTL cable and have just one PC attached.
> >
> > My head is spinning with all the configuration rules and exceptions
> > which need configuring for a software firewall.
> >
> > I thought I was doing ok with user guides like the section called:
> > "Personal firewall configuration for cable modems"
> > http://homepage.ntlworld.com/robin.d.h.walker/cmtips/security.html
> >
> > But it turns out that things are still more complicated than that.
> > As an example, I installed Outpost and came across this advice page.
> > http://www.outpostfirewall.com/forum/showthread.php?t=9858
> > Oh wow. It's all too much! :-) I just want protection without
> > becoming an enthusiast or even expert in firewall configuration.
> >
> > QUESTION ONE: If I buy a hardware firewall then will it completely
> > replace the need for me to have a software firewall? That would save
> > me some headaches!
>
> Nothing is perfect and nothing can protect you from all threats, not even
> a combination of Appliance and software.
>
> In general, an appliance is a better bet than software, if your computer
> were to be compromised by some means, with a software based (we call those
> personal firewalls) the compromiser could disable your personal firewall
> application. It's much harder to put a hole in an appliance from a
> compromised machine that it is to put a hole in a PFW.
>
> > QUESTION TWO: I might get a second PC and want to attach both PCs to
> > the cable network at the same time. I have heard I can do it with a box
> > which includes a hardware firewall as well as some other functions. But
> > exactly what sort of box is it that I would need? Any suggestions about
> > recommended hardware devices would be welcome.
>
> Most of the devices you are going to be able to purchase under $400 are
> called NAT Routers, they are not firewalls (even though they are called
> Firewalls by their vendors), but they do provide what I consider the best
> first layer of protection and would never setup a network without at least
> that minimum layer. A NAT router acts to block unsolicited inbound
> traffice, but in almost every case, it doesn't do anything to block
> outbound traffic - this means nothing gets in unless your computer
> requests it (and if you were compromised you don't personally have to
> request anything, the virus/worm can do it without you).
>
> I installed a NAT Router in a Sorority, 40+ girls in a house, all with
> different computers and versions of Windows, not one of them has been
> compromised since we installed it, not one unsolicited packet has made it
> inbound, and they are able to do all they need.
>
> Units like the Linksys BEFSX41 are nice, as are the DI804HV units from
> D-Link, but something as cheap as the Linksys BEFSR41 unit will do as well
> as most SOHO units.
>
> One nice thing about the Linksys units is that you can also run a free
> program called WallWatcher to monitor all inbound and outbound traffic
> through the Linksys router - it lets you see what's happening in
> real-time, so, once you learn to read it, you can see if your computer's
> been compromised. I don't run a personal firewall on any computer behind a
> NAT Router or Firewall Appliance, but I also know how to secure the
> computers so that I don't need one.
>
> --
> spam999free@rrohio.com
> remove 999 in order to email me
>

Relevant Pages

  • Re: solaris
    ... but also compare the cost. ... router while I attempted to explain the router was ... significant configuration. ... despite the fact that it should include a firewall. ...
    (freebsd-questions)
  • Re: How to connect two computer together?
    ... The first one connect to the internet through a router and then a modem. ... Run the Network Setup Wizard on all computers, making sure to enable File & Printer Sharing, and reboot. ... If you aren't running a third-party firewall or have an antivirus with "Internet Worm Protection" which acts as a firewall, ... If you need Pro's ability to set fine-grained permissions, turn off Simple File Sharing and create identical user accounts/passwords on all computers. ...
    (microsoft.public.windowsxp.general)
  • Re: Personal firewall and windows networked computers
    ... Norton internet scurity which runs its own firewall instead of the ... This interferes with file sharing between computers. ... I can disable it through Norton program. ... Is my router going to protect me if I permanently disable ...
    (microsoft.public.windowsxp.network_web)
  • Re: [SLE] Firewall zones
    ... Looking at the firewall configuration in Yast, ... zone is protected but the internal zone is not. ... It appears that the firewall configurator can specify that an interface is ... connects to the LAN and to the router; the router in turn talks to the ...
    (SuSE)
  • Re: How to turn on or off the Firewall on Linksys BEFSR41 Router?
    ... I now understand that my router has a NAT instead ... > Also, on your setup, do you have WinXP's built in firewall disabled? ... > can get the computers to access each other. ...
    (comp.security.firewalls)