Re: Software vs. hardware firewalls

From: Duane Arnold (darnold92@Insightbb.com)
Date: 11/17/02

• Next message: bassbag: "Re: Agnitum Outpost Firewall"
• Previous message: mail.attbi.net: "Re: Help SYN Flood Detection"
• In reply to: Thor: "Re: Software vs. hardware firewalls"
• Next in thread: Thor: "Re: Software vs. hardware firewalls"
• Reply: Thor: "Re: Software vs. hardware firewalls"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Duane Arnold" <darnold92@Insightbb.com>
Date: Sun, 17 Nov 2002 07:10:12 GMT

You the same Thor over in alt.computer? If you are, then I seen your posts.
If you're not that Thor, then accept my apology.

Duane :)

"Thor" <ithork@REM0VEyahoo.com> wrote in message
news:fQFB9.21930$Ay3.2205395@news1.west.cox.net...
> > > Are there attacks that
> > > Zonealarm will let through that a hardware firewall would stop?
> >
> > I think you should reverse your thinking on that.
>
> Err... how do I reverse my thinking about a question (for which I don't
know
> the answer)?
>
> > And Thor, you know a lot about this computer stuff to begin with. So, I
am
> a
> > little surprised that you're asking this. :)
>
> Do I know you, Duane?
>
>
> "Duane Arnold" <darnold92@Insightbb.com> wrote in message
> news:hEEB9.23675$__1.13258@rwcrnsc51.ops.asp.att.net...
> > > >What advantage does a hardware firewall like the Linksys BEFSR41
> > > > have over a software solution like Zonealarm?
> >
> > Why try to explain it?
> >
> > http://www.homenethelp.com/web/explain/about-NAT.asp
> >
> > Now, the latest version of the Linksys firmware SPI has been removed,
> > because that were having too many issues implementing SPI into the
> firmware.
> > Apparently, SPI has never worked right on any of the Linksys firmware.
> >
> > > Are there attacks that
> > > Zonealarm will let through that a hardware firewall would stop?
> >
> > I think you should reverse your thinking on that.
> >
> > > Will I have
> > > any hassles getting various multiplayer games working with a hardware
> > > firewall?
> >
> > By using Port Forwarding or Triggering, you will be able to tell the
> router
> > to map specified port traffic to a specified IP/machine needing the port
> > opened. So there should be no issues with playing games. It's just
network
> > traffic.
> >
> > However, by doing Port Forwarding or Triggering you have open the port
to
> > the public Internet, and therefore, the machine is open too. Because
> others
> > know about the port being opened for certain games to be played, the
> machine
> > can be attacked. On a Linksys router prior to firmware 1.43 which
doesn't
> > have SPI, SPI must be disabled in order for Port Forwarding or
Triggering
> to
> > work. So you will need something like ZA.
> >
> > But also think about this, what is looking at the network traffic
between
> > two machines when a valid connection is made between the two? The
> router's
> > NAT and SPI are out of play and ZA on the machine is out of play. Who is
> to
> > say that the machine your connecting to has not already been
compromised?
> > What's to say that the machine is getting ready to attack your machine
> with
> > a self populating worm, virus, etc.
> >
> > You may want to think about an Intrusion Detection System such as
BlackIce
> > IDS/firewall or Snort/IDS setting behind ZA
> >
> > http://www.uksecurityonline.com/husdg/windowsxp/ids.htm
> >
> > By the way I use Linksys and it's a good product, but other brands of
> > routers have SPI that work. I have BlackIce on the machines to
compensate
> > for SPI being disabled.
> >
> > And Thor, you know a lot about this computer stuff to begin with. So, I
am
> a
> > little surprised that you're asking this. :)
> >
> > Duane :)
> >
> >
>
>

• Next message: bassbag: "Re: Agnitum Outpost Firewall"
• Previous message: mail.attbi.net: "Re: Help SYN Flood Detection"
• In reply to: Thor: "Re: Software vs. hardware firewalls"
• Next in thread: Thor: "Re: Software vs. hardware firewalls"
• Reply: Thor: "Re: Software vs. hardware firewalls"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: SPI on the User Port ... Mode Hang-Ups. ... hard pressed to give up their RS232 port for this, ... Ethernet cart, or they have a cardreader on a PC/Linux box on the net ... registers between an SPI interface and a RS-232C interface, ... (comp.sys.cbm) Re: Stateful Packet Inspection Firewall ... you need a router with NAT to establish multiple machines to use one public ... An SPI firewall will help to keep out hackers/crackers and you will ... not application based but port based. ... (comp.security.firewalls) Re: Software vs. hardware firewalls ... > I think you should reverse your thinking on that. ... > Now, the latest version of the Linksys firmware SPI has been removed, ... > to map specified port traffic to a specified IP/machine needing the port ... (comp.security.firewalls) Re: Software vs. hardware firewalls ... No, must be a different Thor, I don't remember ever posting to alt.computer. ... >>> Now, the latest version of the Linksys firmware SPI has been removed, ... by doing Port Forwarding or Triggering you have open the port ... (comp.security.firewalls) Re: Software vs. hardware firewalls ... >>What advantage does a hardware firewall like the Linksys BEFSR41 ... Now, the latest version of the Linksys firmware SPI has been removed, ... because that were having too many issues implementing SPI into the firmware. ... By using Port Forwarding or Triggering, you will be able to tell the router ... (comp.security.firewalls)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint