Re: Belkin not-real-firewall?




"Triffid" <triffid@xxxxxxxxxx> wrote in message
news:TcLUf.9832$ji6.568360@xxxxxxxxxxxxxxxxxxxxxxxx


Duane Arnold wrote:

Triffid wrote:



Duane Arnold wrote:

Another thing, you should use Wallwatcher (free might work with the
Belkin) to review the syslog or Syslog Daemon (free will work with the
Belkin) and watch traffic coming to and leaving the router as someone
can hack your wireless network and be all over the top of your machines
wired or wireless (a personal FW would help in that area) or they can
use your wireless to attack other networks or machines on the Internet.



I tried Wallwatcher and thought the graphs etc. were pretty cool, but
not something I'd find time to review on a regular basis. I run Syslog
Daemon because the daily summary email takes 30 seconds to review for
anomalies - no need to look any deeper most days.


Syslog Daemon was OK. I didn't like the fact that you had to buy it if
you wanted more detailed information, had to go out of your way to
configure it to provide that information, and you had to implement other
solutions like a database application and report writer application if
you wanted to review traffic patterns.

Fair comment. I really only use SyslogD for the daily summary email. The
Netscreen GUI lets me drill down if the summary shows anything unusual.

Wallwatcher has many nice features like intrusion detection threshold
alerting and notification, graphs showing the low to highest counts of
IP(s) making the intrusion attempts, tracking IP if needed, back tracing
of a site name to an IP and in general online in real time tracking of
traffic to and from the router. It's got some other things as well that I
like that I have used. It's free and you can't beat the deal.

Netscreen GUI does most of that - free with product purchase.

Whatever works - works.


I don't run a PFW because I object to extraneous distractions while
working. Windows Firewall only distracts me if I turn it off, so I let
it run.


That doesn't make any sense as the Windows FW is a personal FW, unless
you're talking Application Control in PFW solutions and its nuisance
asking of questions to allow or not to allow something, then you're
making sense.

OK, we agree if you consider Windows Firewall to be a PFW.

I consider the Windows FW or any PFW to be a host based packet filter
protecting at the machine level and is not a FW, since it doesn't separate
two networks. The one it's protecting from and the one it is protecting.

Many seem to
think 'Application Control' defines a PFW, and are unaware applications
can only be controlled to the extent they honor control.

Yeah I know that and it's worthless as far as I am concerned.


My Netscreen 5GT also does its job quietly and effectively. Worth every
penny IMHO, unless one prefers to make a full-time hobby of home network
security monitoring - and its competitors are even cheaper these days.


My needs are for a FW appliance and NAT routers for home usage don't meet
my needs. However, they are good solutions for most home users.

You are aware the NS 5GT *is* a firewall appliance as you stated below, so
this comment appears to be extraneous.

You know what a Watchguard is, don't you? So of course I know what a
Netscreen is about. I'll assume you know what a NAT router is about too.
And price varies on the solution that is needed with the devices.

I don't see where home network security is hard or expensive. Sure you
should invest a few hundred in a decent perimeter firewall, plus a day
or two configuring it and the PC operating systems - but beyond that
free AV, Windows Firewall, and some time spent educating the kids is
about all it takes.


I cannot disagree. However, the use of the Windows FW behind that FW
appliance is buying you what?

XP nags if Windows Firewall is off, and everything still works when it's
on. Simple as that.


I don't know where you're coming up with this one. I am using XP Pro right now
on this laptop and the XP FW is sure not active and I am not being nagged.
However, I configured the Security Center on XP to not nag me with the
messages that the XP FW is not active, because I am using my own host based
3rd party packet filter -- BlackIce. As a matter of fact, I think at one
time, I just disabled the Security Center Service on XP. Don't tell me about
nothing the AV or anything else on other machines. But on this laptop, I
just told SC to not tell me about the XP FW not being active.

So you should be able to tell the SC don't tell me that the XP FW is off or
just turn the service off altogether.

It was as or should be as simple as that. :)

If the machines are setup to allow networking and the XP FW is allowing
the inbound traffic between the machines, you might as well not even have
it enabled, as it's not buying you anything, IMHO. The malware can still
populate itself on the LAN.

Absolutely - if malware infects a Windows networking environment, I expect
it will propagate to all machines on the LAN. The only shares on my
internal LAN are from the file server (a Linux/Samba box), but the PCs
still talk to each other constantly - might be fixable, but I'm not sure
it's worth the effort.

No, it's not fixable as the machines have to network on ports 137-138 udp and
445 tcp. If you do something to close those ports, uninstall MS File and
Print sharing or configure the XP FW to not allow traffic on the ports, then
the machine cannot network and share resources.

Duane :)
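
An added example, not part of the original post and not the output of Wallwatcher or Syslog Daemon: a sketch of the kind of daily summary discussed in the thread, counting dropped inbound attempts per source with a threshold and flagging traffic on the sharing ports named above (137-138 udp, 445 tcp). The log line format, field names and addresses are constructed for illustration; real router syslog formats differ.

```python
import re
from collections import Counter

# Hypothetical key=value firewall log format (an assumption, not a Belkin or Netscreen format).
LINE = re.compile(r"action=(?P<action>\w+) dir=(?P<dir>IN|OUT) proto=(?P<proto>\w+) "
                  r"src=(?P<src>[\d.]+) dst=(?P<dst>[\d.]+) dpt=(?P<dpt>\d+)")
# Windows networking ports named in the thread.
SHARING_PORTS = {("UDP", 137), ("UDP", 138), ("TCP", 445)}

# Constructed sample lines using documentation and private address ranges.
SAMPLE_LOG = """\
Mar 21 02:14:07 router fw: action=DROP dir=IN proto=TCP src=203.0.113.7 dst=198.51.100.20 dpt=445
Mar 21 02:14:09 router fw: action=DROP dir=IN proto=TCP src=203.0.113.7 dst=198.51.100.20 dpt=22
Mar 21 02:14:12 router fw: action=DROP dir=IN proto=TCP src=203.0.113.7 dst=198.51.100.20 dpt=3389
Mar 21 03:40:55 router fw: action=DROP dir=IN proto=UDP src=192.0.2.44 dst=198.51.100.20 dpt=137
Mar 21 09:02:31 router fw: action=ALLOW dir=OUT proto=TCP src=192.168.2.10 dst=192.0.2.80 dpt=443
Mar 21 11:17:03 router fw: action=ALLOW dir=OUT proto=TCP src=192.168.2.23 dst=203.0.113.99 dpt=445
Mar 21 11:17:04 router dhcpd: lease 192.168.2.23 renewed
"""

def daily_summary(log_text, threshold=3):
    """Summarise one day of firewall log lines for a quick anomaly review."""
    drops = Counter()          # dropped inbound packets per source IP
    inbound_sharing = 0        # Internet probes against the sharing ports
    outbound_sharing = []      # LAN hosts sending sharing traffic to the Internet
    unparsed = 0               # lines that are not firewall events
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            unparsed += 1
            continue
        key = (m["proto"], int(m["dpt"]))
        if m["dir"] == "IN" and m["action"] == "DROP":
            drops[m["src"]] += 1
            if key in SHARING_PORTS:
                inbound_sharing += 1
        elif m["dir"] == "OUT" and key in SHARING_PORTS:
            outbound_sharing.append((m["src"], m["dst"]))
    return {
        "dropped_inbound": sum(drops.values()),
        "noisy_sources": [(ip, n) for ip, n in drops.most_common() if n >= threshold],
        "inbound_sharing_probes": inbound_sharing,
        "lan_hosts_sending_sharing_traffic_out": outbound_sharing,
        "unparsed_lines": unparsed,
    }

if __name__ == "__main__":
    for field, value in daily_summary(SAMPLE_LOG).items():
        print(f"{field}: {value}")
```

An entry under `lan_hosts_sending_sharing_traffic_out` is the item worth drilling into first, since it means a machine behind the router is sending file-sharing traffic to the Internet.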


