Re: How safe is WinRoute?
From: Sue Gier (suegier@shentel.net)Date: 01/18/02
- Previous message: Al: "Re: Rights (Permissions) for CD-Writers ?"
- In reply to: no-spam: "Re: How safe is WinRoute?"
- Next in thread: eri: "Re: How safe is WinRoute?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Sue Gier" <suegier@shentel.net> Date: Fri, 18 Jan 2002 10:14:15 -0500
"no-spam bhfshops.org.uk" <rc@> wrote in message
news:3c468c06.1193716@news.demon.co.uk...
> On Wed, 16 Jan 2002 22:06:26 GMT, (Jeff Cochran) wrote:
>
> >>1. If I set up the packet filtering correctly, will that along with the
NAT
> >>in WinRoute be adequate to protect a small NT network? I have no html or
ftp
> >>servers on the LAN. I do plan to use the Mail server in WinRoute.
> >
> >WinRoute is not a firewall, and NAT provides minimal protection. You
> >mention no virus software either, so the end answer to your question
> >is: No.
WinRoute is not a firewall because it doesn't have stateful inspection? It
does have a silent mode--it won't respond to incoming ICMP requests or
incoming packets that have no entry in the NAT or incoming UDP packets whose
source address were not recorded from an outgoing packet. It also has an
"Anti-Spoofing" feature that allows you to block incoming packets that have
an address from your LAN.
I'm using Norton AntiVirus Corporate Edition
>
> Putting any kind of firewall / Internet gateway on a Windows machine
> is a bad idea. Use a secure OS line OpenBSD Linux etc. or a dedicated
> box. There are many out there!!
And this is because of the inherent security flaws in the operating system
itself? So even though I'd have software monitoring all traffic through the
internet connection at the IP and UDP level, it would still be possible to
exploit a Windows weakness to gain access to the LAN subnet. This will
require that I put a piece of hardware between my Windows LAN and my
IPS--whether it be a non-Windows pc or a firewall appliance such as Sonic
Wall or Watch Guard.
> >
> >>2. Does it make a difference security-wise whether I run WinRoute on my
> >>main file server that has sensitive data or on a workstation?
> >
> >If someone hacks WinRoute would you rather they be on your server? If
> >you have sensitive data, then you should be looking at something other
> >than WinRoute.
>
> Dito
Yes, I thought as much. The "rub" with WinRoute's "easy" access solution is
that you have to have two LAN connections on the computer running WinRoute
if you want to be able to access the Internet from that station--hence the
advantage of putting it on the server which of course has the most sensitive
data.
> >
> >Jeff
>
Well, time to do some more research. Thanks to both of you for your
comments.
Sue
- Next message: alanstv@ntlworld.com: "OT : Spambot Fodder"
- Previous message: Al: "Re: Rights (Permissions) for CD-Writers ?"
- In reply to: no-spam: "Re: How safe is WinRoute?"
- Next in thread: eri: "Re: How safe is WinRoute?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
