Re: do i need a hardware firewall?
From: Duane Arnold (notme_at_notme.com)
Date: 02/22/04
- Next message: Lorenz Blum: "Re: newbe wants to set up high secue network =)"
- Previous message: Rodrick Brown: "Netscreen 5XP Firewall VPN vs Cisco Pix 506"
- In reply to: tarquinlinbin: "do i need a hardware firewall?"
- Next in thread: sponge: "Re: do i need a hardware firewall?"
- Reply: sponge: "Re: do i need a hardware firewall?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 22 Feb 2004 19:06:00 GMT
tarquinlinbin <fleagle@myrealbox.com> wrote in
news:qbrh309tgdu52mnhuigtov7793gnmn8lje@4ax.com:
> I run xp pro with NIS 2003. Do i need a router with built in HW
> firewall,if so i'd prefer linksys but which ones have this facility?
>
> I'm just a bit cautious at the moment as i seem to have been
> attacked!!
>
> thanks
>
>
Linksys is a good product and I use one myself. But does it have a FW or
does any NAT router have a FW that falls into this category, NO. They
have FW like like features and maybe SPI. You should get a router that
has SPI for sure. I think the BEFSX and SR series have SPI. You should go
to the www.linksys.com and review product data sheets.
A router sits as a stand alone device infront of the machine and is
better than a host based FW in stopping unsolicited traffic/attacks, that
the machine and it's O/S and FW would be using the machine's resources to
do.
http://www.homenethelp.com/web/explain/about-NAT.asp
If the router had a true FW, then it would meet the specs in the link.
http://www.firewall-software.com/firewall_faqs/what_does_firewall_do.html
You can use Wallwatcher for the router and Active Ports on the machine to
see what's happening yourself.
You should look into *hardening* the XP O/S to attack by disabling
services that shuts down unneeded ports. Why is MS File and Print service
active, if the machine is not doing LAN communications. Why is the
Wireless Zero Configuration service active if there is no wireless card
installed, which can be used by malware to phone home.
http://www.uksecurityonline.com/husdg/windowsxp.php
Use the Host to supplement the protection and it's not just for *ad
blocking*.
http://mvps.org/winhelp2002/hosts.htm
http://accs-net.com/hosts/HostsToggle/
Think about using IPsec to further supplement the protection behind the
NAT router and NIS, because the router doesn't stop outbound and the NIS
can be knocked out by malware.
http://www.petri.co.il/block_ping_traffic_with_ipsec.htm
http://www.analogx.com/contents/articles/ipsec.htm
Duane :)
http://www.uksecurityonline.com/husdg/windowsxp.php
- Next message: Lorenz Blum: "Re: newbe wants to set up high secue network =)"
- Previous message: Rodrick Brown: "Netscreen 5XP Firewall VPN vs Cisco Pix 506"
- In reply to: tarquinlinbin: "do i need a hardware firewall?"
- Next in thread: sponge: "Re: do i need a hardware firewall?"
- Reply: sponge: "Re: do i need a hardware firewall?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
