Re: Do I have enough or a (or the right) firewall?
From: Duane Arnold (notme_at_notme.com)
Date: 02/26/05
- Previous message: John D.: "Re: Checkpoint HA Cluster XL"
- In reply to: Top Spin: "Do I have enough or a (or the right) firewall?"
- Next in thread: Leythos: "Re: Do I have enough or a (or the right) firewall?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 26 Feb 2005 16:11:05 GMT
Top Spin <ToppSpin@hotmail.com> wrote in
news:r121215hnt4ioltickcd3muukvid8ht9in@4ax.com:
> We have a 2-node p2p network, all win2k. We have a DSL connection to
> the internet. All of the hardware including the network was installed
> by a leasing company. The company has been very good about support and
> we have had no real problems with malware.
If you don't have any problems with malware, then don't worry about it.
Although you could install Spybot or Ad-Aware and use Win 2k's Job
Scheduler to run Ad-Aware on a routine basis to clean malware/spyware.
>
> Here's the software and hardware that we have, as far as I know. I
> would appreciate any comments as to whether we need an additional
> software firewall and, if so, which one would work best with what we
> already have.
>
> HP ProCurve Switch. I think the model number is either 2424M or
> HPJ4093A. Both numbers are on the faceplate.
>
> LinkSys Etherfast 4-port Cable/DSL Router. I think the model number is
> BEFSR41.
>
You can install WallWatcher (free use Google) for the BEF model Linksys
router so you can review inbound and outbound connections. You'll need to
enable logging on the Linksys router. If malware was running on a
machine, then you would be to see the connections to the remote IP and to
what IP/machine the connection was being made to on the LAN.
> SpeedStream 5260 Ethernet ADSL Modem from Efficient Networks.
>
> Norton Antivirus, Corporate Edition.
>
> We are running Office 2000 and using Outlook for email and IE for web
> browsing.
>
You may want to look at Firefox (free) for your browser which is less
open to attack than IE, but if you're not having problems with malware
reaching the machines due to IE, then that's fine too.
What you need to do if this is a business is get a router with a real FW
and you won't need a PFW solution on each machine. The BEFSR41 is not a
FW appliance and is just a NAT router with some FW like features that
meets the specs in the link.
Linksys, D-link, Belkin, Netgear and others fall into this category.
http://www.homenethelp.com/web/explain/about-NAT.asp
If the router had a true FW, then it would meet the specs in the link,
like a low-end Watchguard, Sonicwall, Cisco and others.
If you stick with the SR41, then you can use IPsec that's on the Win2k
O/S to supplement the SR41 in protecting the machines on the LAN, by
implementing the AnalogX IPsec rules on the machines. That's a
possibility instead of installing a PFW on the machines, which you'll
have to configure the PFW on each machine to share resources. The AnalogX
rules already take care of that.
http://www.petri.co.il/block_ping_traffic_with_ipsec.htm
http://www.analogx.com/contents/articles/ipsec.htm
Of course, you can avoid the above by just getting a appliance that has a
true FW.
Duane :)
- Previous message: John D.: "Re: Checkpoint HA Cluster XL"
- In reply to: Top Spin: "Do I have enough or a (or the right) firewall?"
- Next in thread: Leythos: "Re: Do I have enough or a (or the right) firewall?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
