Re: Re: Which Firewall is Best?

From: Leythos (void_at_nowhere.com)
Date: 07/28/04

• Next message: Edward Johns: "Re: network monitoring"
• Previous message: Patty Amas: "Re: Sygate Pro and freeware-Can freeware be made stronger?"
• In reply to: Robert Smith: "Re: Re: Which Firewall is Best?"
• Next in thread: Robert Smith: "Re: Which Firewall is Best?"
• Reply:(deleted message) Robert Smith: "Re: Which Firewall is Best?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Wed, 28 Jul 2004 14:05:40 GMT

In article <JzNNc.181526$tH1.7767975@twister.southeast.rr.com>,
rsmith.remove@triad.rr.remove.com says...
> Just checked NetGear's site - I think I may try the FR114P (which has
> both NAT and SPI firewall...)
>
> Thanks for the advice!!!

Just keep in mind one thing - neither NAT or SPI make the device a
firewall. SPI ensures that the traffic that is permitted in is the
correct traffic. NAT and SPI are parts of many firewalls, but they do
not make the device a firewall.

Isn't it wonderful what Marketing types and Sales people can do when
they start playing with words to describe a product :)

Now, for the real info - if you get a router with NAT/SPI, it's a very
nice start, in the old days I used NAT as a border defense method and
additional protections inside the network, even with public facing
services. During that time I ever found an uninvited quest connected to
our systems, but, that was before people really started attacking the
"routers". If you are going to get something with SPI, consider a
Linksys, so that you can download the free WallWatcher software to track
ALL in/out bound traffic - this will let you monitor what stations
INSIDE your network are communicating with OUTSIDE resources, and it
will also show you what outside resources are making connection
attempts. It's a dang nice application - about a year ago he sent me the
source code for it and I modified it to log all the traffic to a SQL
server for reporting, dang nice chap.

I don't know if the Netgear works with WallWatcher, but Linksys was a
number of "Firewall" named units (which are NAT/SPI) that you could pick
from.

-- 
--
spamfree999@rrohio.com
(Remove 999 to reply to me)

---

• Next message: Edward Johns: "Re: network monitoring"
• Previous message: Patty Amas: "Re: Sygate Pro and freeware-Can freeware be made stronger?"
• In reply to: Robert Smith: "Re: Re: Which Firewall is Best?"
• Next in thread: Robert Smith: "Re: Which Firewall is Best?"
• Reply:(deleted message) Robert Smith: "Re: Which Firewall is Best?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Plusnet 2Mbps connection ... >> Stateful Packet Inspection (SPI). ... The NAT firewall hides computers on ... >> through the firewall to the connected computers. ... (uk.people.silversurfers) Re: hows this comcast product ... it's just a common NAT router with SPI. ... i do have windows xp firewall enabled as well as i haven't ... > however then i'd need a router without nat and spi, ... (comp.security.firewalls) Re: Plusnet 2Mbps connection ... > Stateful Packet Inspection (SPI). ... The NAT firewall hides computers on ... > through the firewall to the connected computers. ... (uk.people.silversurfers) Re: NAT vs Firewall ... SPI will help in logging, email alerts and stopping hacker attempts. ... Your NAT router might do this already as it may have other coding to see spoof, ... Firewall Type ... (comp.security.firewalls) Re: Linux equivalent for ZoneAlarm? ... Linksys's NAT and its SPI and any firewall you choose is pretty much useless ... from attack on accepted traffic on an open port. ... (comp.security.firewalls)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(10)