Re: Software v. Hardware firewall?
From: Alan Illeman (illemann_at_surfbest.net)
Date: Thu, 18 Mar 2004 20:53:41 -0500
"Bubb" <email@example.com> wrote in message
> On Thu, 18 Mar 2004 05:36:30 -0500, "Alan Illeman"
> <firstname.lastname@example.org> wrote:
> >Obviously software is easier to download and setup, but I always
> >thought that the 'rock solid' solution was an old PC running Linux
> >as a firewall, but I don't see that 'solution' discussed much here.
> >What has changed?
> If you want truly solid security use both. A hardware firewall (in my
> experience) keeps out 100% of the inbound port scanning/connection
> attempts, and it does not need to be as expensive or complicated as a
> second computer running Linux. If you have broadband you can get a
> router that has a built in firewall. These are inexpensive and they
> work well.
> A hardware firewall, out of the box, assumes that any traffic that
> originates from your computer is OK. If you get infected with a
> trojan the hardware firewall will let it connect to the internet.
> That's why you still need a software firewall such as Kerio, which
> will assume that anything trying to connect outward needs to be
> approved first.
Yeah, just installed Kerio - it's impressive.