Re: Probes on Port 135 and 445 continue

From: Barry Margolin (barmar_at_alum.mit.edu)
Date: 10/13/04 

Date: Wed, 13 Oct 2004 08:43:50 -0400

In article <MPG.1bd6d27059fa1df4989855@news-server.columbus.rr.com>,
 Leythos <void@nowhere.org> wrote:

> In article <barmar-9B348A.00242413102004@comcast.dca.giganews.com>,
> barmar@alum.mit.edu says...
> > What devices are you talking about? Most home broadband routers include
> > basic firewall functionality. No, it's not as powerful or configurable
> > a firewall as a PIX, SGS, or Checkpoint, but neither is it just a packet
> > filter or NAT.
>
> Sorry Barry, but the Linksys, and most of the others, offers only NAT
> and some also offer SPI as their only means of security - which does not
> make them a firewall.
>
> Sure, most of them offer crude abilities to block a limited number of
> outbound ports, some offer blocking of a limited number of web sites,
> etc... Even the ones that offer advanced features are very limited in
> what they offer - while they may have "some" features found in most of
> the common firewall applications or appliances, they are nothing more
> than NAT/SPI devices.

That's my definition of "basic firewall functionality". 

-- 
Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***