Re: Hardware firewall needed?

From: andy smart (anonymus_at_discussions.microsoft.com)
Date: 11/30/04

  • Next message: Ian: "Password Reset for Workstation Login" 
    Date: Tue, 30 Nov 2004 10:00:31 +0000

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Philip Herlihy wrote:
    | "Phillip Windell" <@.> wrote in message
    | news:eY8bLgl1EHA.412@TK2MSFTNGP14.phx.gbl...
    |
    |>"Susan" <Susan@discussions.microsoft.com> wrote in message
    |>news:A146547C-8754-4CF4-92A0-F04C558B3E0A@microsoft.com...
    |>
    |>>Hello! I just had cable Internet access installed over the weekend.
    |>>When
    |>
    |>I
    |>
    |>>was using dial-up, I used ZoneAlarm as my firewall. I am still relying
    |>>on
    |>
    |>it
    |>
    |>>with the new broadband service, but I am wondering if I need to install a
    |>>hardware firewall as well. The cable modem has a "standby" button that I
    |>
    |>can
    |>
    |>>use to disconnect from the cable when I'm not in the Internet, which I
    |>
    |>have
    |>
    |>>been using (like when just doing word processing, or when I turn off the
    |>>computer), but I am rather paranoid about things getting in. I have all
    |>
    |>the
    |>
    |>>zonealarm settings on "high", but I still wonder if I need additional
    |>
    |>ZA is fine for your situation. If you install a hardware device then you
    |>have to understand to type of network topology you create. Any of the
    |>Cable/DSL "routers" (actually they are NAT Devices, not "real" routers)
    |>are
    |>effectively a "firewall" once installed. Now everyone can argue all day
    |>about the level of protection they give vs a $3000.00 traditional Hardware
    |>NAT Firewall,...but functionally, those NAT Devices are just the "little
    |>brother" to the expensive NAT Firewalls.
    |>
    |
    |
    | I'd like to know more about this - I have a wireless ADSL "router"
    installed
    | which I'd recently figured out was really a NAT device, but I'm still
    pretty
    | foggy about what risks remain. I'm running ZoneAlarm Pro on my main
    machine
    | (ZA free on the others). They all have addresses in the (non-routable)
    | range 192.168.1.... and I've put that subnet into the "trusted zone",
    but I
    | don't always sleep easily...
    |
    | Is my ZoneAlarm redundant? Any references you could point me to?
    |
    One minor point which I'd like to add, not disparaging any of the advice
    here by any means, is that with something on your box 'you' have some
    measure of control - rather than trusting totally to your ISP and their
    setup. Would you replace your door locks with an assurance from another
    company that they'd 'secure' your house for you for free? Well you might
    take up the offer but you'd quite probably want a lock too, just in case :-)
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.5 (MingW32)
    Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

    iD8DBQFBrES/qmlxlf41jHgRAgIEAKDRiEjRk77vovpKhknAQxwsrKNNiwCdHDdQ
    rvI5xsOTIJnYCb4FkO7dBwY=
    =uqHA
    -----END PGP SIGNATURE-----

  • Next message: Ian: "Password Reset for Workstation Login"
    • Quantcast