
how many firewalls should I have?


15 replies to this topic

#1 pharnok


Posted 30 March 2005 - 12:00 PM

My girlfriend and I are running together on a wireless network. Her computer is wireless but mine is wired. In any event, the gateway that I use says it comes with a built-in firewall. My question is: should I bother installing a firewall on my computer, or is the one on the gateway enough?

#2 dave38


Posted 30 March 2005 - 12:32 PM

Ideally, you should have a hardware firewall, as on your gateway, and a software firewall on each machine.
Be wary of strong drink. It may make you shoot at tax collectors, and miss!

#3 pharnok


Posted 31 March 2005 - 02:14 AM

I tried installing Norton Firewall 2005 on her laptop but it's too much for her computer to handle (she's running Win 98 on a Celeron pro). Is there a firewall that is effective but doesn't tax the system too much?

#4 BigT


Posted 31 March 2005 - 09:32 AM

Hi :)

This is my first post, jumping in at the deep end:

For a firewall, I personally prefer Sygate Personal Firewall, but the Professional version hasn't been updated for a while. If this bothers you, try Kerio Personal Firewall (didn't suit my system, and I'm not sure of its resources).

I consider Sygate to be very light on resources, and you may be interested in Jetico, a new BETA firewall, and this is reported to be extremely light on both CPU and RAM.

Hope I was able to offer assistance,
BigT

#5 dave38


Posted 31 March 2005 - 12:24 PM

Kerio version 2.1.5 is good, but the later versions seem rather bloated.
Zone Alarm, from www.zonelabs.com is effective, and easy to configure. Probably the best for the laptop.
Be wary of strong drink. It may make you shoot at tax collectors, and miss!

#6 pharnok


Posted 01 April 2005 - 12:36 PM

Thanks. It works great. I was just wondering what is the difference between a hardware firewall and a software one? Do they work differently?

#7 Paranoid


Posted 02 April 2005 - 12:19 PM

> Thanks. It works great. I was just wondering what is the difference between a hardware firewall and a software one? Do they work differently?


The main difference that probably matters is that while a software firewall runs on the machine it is defending, a hardware firewall is a separate device by itself.

Most common hardware firewalls used by home users are NAT routers. They are essentially very simple computers (hardware) running firmware. The firmware is the software part of the hardware router; it implements a portion of the network protocols, security mechanisms and administrative capabilities of the hardware device.

When you buy a router it comes with the standard firmware, which can be upgraded to improve its function or fix bugs. Updates are not common, nor are they necessary in most cases.

The firmware of Linksys routers is also open source. As a result, a lot of programmers have released their own firmware (which is actually Linux based), some of which is very popular among the geeky.

The main advantage of routers is that they are very simple and specialised devices; the code is embedded in read-only memory chips and is impossible for attackers to modify. The hardware firewall basically does only one job, which is to run the firmware, which makes it very stable and solid.

A software firewall, on the other hand, is a normal program running on your system, subject to interactions between various other software you are running, user error etc., making things more complicated and error prone.

They can be compromised easily like any other program, e.g. viruses often target and terminate antiviruses and firewalls.

Basically, a hardware firewall that does not reside on your computer gives you the breathing space to better defend your computer.

Software firewalls do have their place though; being closer to your computer, they can handle outbound filtering a lot better (most NAT routers don't do outbound filtering), for example.
Please note that the software I recommend above is entirely based on only my own experience and testing. In no way should my comments, opinions and endorsements be construed as an endorsement by the forum, nor do they reflect the advice or recommendations by the experts or helpers at spywareinfo.


#8 Paranoid


Posted 02 April 2005 - 12:24 PM

> Hi :)
>
> I consider Sygate to be very light on resources, and you may be interested in Jetico, a new BETA firewall, and this is reported to be extremely light on both CPU and RAM.
>
> Hope I was able to offer assistance,
> BigT


Jetico is a bad choice for anyone but the very geeky.

Jetico implements comprehensive "application control" to beat various leak tests and as a result throws up more prompt boxes than almost all firewalls I have tried (including Kerio, Sygate, Zone Alarm). Coupled with an unusual interface for rules editing that confuses even diehard geeks, I highly doubt Jetico is right for the OP.
Please note that the software I recommend above is entirely based on only my own experience and testing. In no way should my comments, opinions and endorsements be construed as an endorsement by the forum, nor do they reflect the advice or recommendations by the experts or helpers at spywareinfo.


#9 pharnok


Posted 02 April 2005 - 11:31 PM

Thanks. That's good info. Now I only worry about my wireless connection being attacked. Do firewalls offer any protections against such attacks?

#10 Paladin Michael


Posted 04 April 2005 - 08:15 AM

> Thanks. That's good info. Now I only worry about my wireless connection being attacked. Do firewalls offer any protections against such attacks?


Hardware Firewalls offer the same protection for wireless connections as they do for wired connections by filtering what comes through the connection between you and your service provider, but they don't prevent people from attacking from behind the firewall by parking out front of your house and trying to connect to your wireless signal. :rant: Software firewalls, being on the individual computers, become your only line of defence against these signal surfers unless you set up some additional security precautions.

For the wireless connection you should try using one or more of the security features which the access point or router you use, as well as the individual wireless cards' software, are capable of. The most commonly available is WEP encryption, though WPA and EAP, if all WLAN cards in your network support them, are more secure. WPA and EAP tend to be difficult to set up, however, due to little documentation. :huh:

At minimum, you should use a 128-bit WEP (Wired Equivalent Privacy) encryption key. WEP is supported by pretty much every wireless card out there right now, so everything in your network should be able to use it.

Although WEP is not the most secure, it's easiest to use and a casual attacker wandering by with a laptop will usually choose an unprotected connection over an encrypted one.

It would be best to use one of the methods above as well as setting your wireless access point or router to only allow the MAC addresses (an identifying code determined by hardware) of the WLAN cards on your network to connect, though your manual may not sufficiently describe how to do this and it requires a bit of networking knowledge to do it without documentation. If you're able to use this I'd recommend it.

Hope this helps. :techsupport:
"May knowledge and enlightenment reach you in kind and may your sword be wet only with the blood of the mind."
-Me

#11 pharnok


Posted 04 April 2005 - 10:46 AM

It does, thanks. I've set up my wireless connection with WPA, though like you said it is a pain to set up. Thanks for the info!

#12 pharnok


Posted 05 April 2005 - 06:26 PM

On a side note, is it a good idea to keep the gateway running all the time or should I disconnect it when I'm not using it?

#13 Paladin Michael


Posted 06 April 2005 - 09:36 AM

> On a side note, is it a good idea to keep the gateway running all the time or should I disconnect it when I'm not using it?

:scratchhead:
I'd defer to the more experienced on this question if they choose to reply, but if you're referring to the router's connection to your Internet Service Provider (referring to the router as a gateway, in other words) then, in my opinion, if it's not too much of a pain for you, it can't hurt, and might help you notice problems or malicious programming as, if they use internet traffic, they must do so while you are at the computer and can notice the warning signs of system slowdowns, excessive network traffic, etc. I'll attempt to explain my reasoning and point of view.

I have lots of firewall logs showing people from several countries doing random (or sometimes not so random) IP address and port surfing in an attempt to find an open port to attack during all hours, 24/7. Now if, for instance, I had left the default port Microsoft SQL Server 2000 uses open for incoming connections to my SQL server on my firewall and hadn't installed service pack 3 for the program, my SQL server would have been inundated with Slammer virus variants by now. :weep:

The point is, if your defenses are configured well and your software is up to date :thumbsup: , you should be ok and deactivating the connection won't do much more than give your systems a rest and make you wait longer for the initial connection. If, however, your defences are not well done and there are holes in the armor :thumbsdown: , then disconnecting might prevent someone from finding the holes for a while, but there's just as much chance that they'll find them while you're using the connection as when you aren't. :blink:

On the other hand, it is true that the only truly secure computer is one which isn't plugged in. :techsupport: Also, if a trojan or piece of spyware has made it on your computer via normal browsing, outgoing traffic is also a concern as they might be sending keystrokes or important data from your hard drive out during idle time when you're less likely to notice the warning signs. :gasp:

Bottom line, in my personal opinion, it's a judgement call.

I don't want to steer you wrong and am far from a great all-knowing guru :rofl: , so you may want to wait for more posts and ask a few other more knowledgeable networking fellows for their opinions on this one as well.

:wave:
"May knowledge and enlightenment reach you in kind and may your sword be wet only with the blood of the mind."
-Me
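
An added example, not part of the original post: the kind of firewall log review described in post #13, run over constructed log lines. The log format, the addresses and the sweep threshold are assumptions made for illustration, and UDP 1434 (the SQL Server 2000 resolution port that Slammer targeted) is supplied here rather than taken from the thread.

```python
import re
from collections import defaultdict

# Constructed sample lines in a hypothetical "time action proto src:sport -> dst:dport" format.
SAMPLE_LOG = """\
2005-04-06T02:11:03 DROP TCP 198.51.100.7:4431 -> 192.0.2.10:135
2005-04-06T02:11:03 DROP TCP 198.51.100.7:4432 -> 192.0.2.10:139
2005-04-06T02:11:04 DROP TCP 198.51.100.7:4433 -> 192.0.2.10:445
2005-04-06T02:11:04 DROP TCP 198.51.100.7:4434 -> 192.0.2.10:1433
2005-04-06T03:40:19 DROP UDP 203.0.113.55:1046 -> 192.0.2.10:1434
2005-04-06T03:52:41 DROP UDP 203.0.113.90:2210 -> 192.0.2.10:1434
2005-04-06T09:15:00 ALLOW TCP 192.0.2.10:1050 -> 198.51.100.80:80
2005-04-06T09:20:12 ALLOW UDP 203.0.113.77:3001 -> 192.0.2.10:1434
not a log line
"""

LINE_RE = re.compile(
    r"^(\S+) (DROP|ALLOW) (TCP|UDP) ([\d.]+):(\d+) -> ([\d.]+):(\d+)$")
LOCAL_HOST = "192.0.2.10"       # assumed address of the protected machine
SQL_RESOLUTION = ("UDP", 1434)  # SQL Server 2000 resolution port hit by Slammer
SWEEP_THRESHOLD = 4             # assumed: this many distinct ports from one source = sweep

def analyse(log_text):
    """Summarise inbound traffic: port sweeps, blocked and allowed UDP 1434 hits."""
    ports_by_src = defaultdict(set)
    sql_blocked, sql_exposed, skipped = [], [], 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            skipped += 1          # count lines we could not parse instead of hiding them
            continue
        _, action, proto, src, _, dst, dport = m.groups()
        if dst != LOCAL_HOST:     # only inbound connections are of interest here
            continue
        dport = int(dport)
        ports_by_src[src].add((proto, dport))
        if (proto, dport) == SQL_RESOLUTION:
            # An ALLOW here means the firewall is passing the port to the host.
            (sql_exposed if action == "ALLOW" else sql_blocked).append(src)
    sweeps = sorted(s for s, p in ports_by_src.items() if len(p) >= SWEEP_THRESHOLD)
    return {"sweeps": sweeps, "sql_probes_blocked": sql_blocked,
            "sql_port_exposed_to": sql_exposed, "unparsed_lines": skipped}

if __name__ == "__main__":
    for key, value in analyse(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

A non-empty `sql_port_exposed_to` list is the case the post warns about: the port is reachable from outside, so the patch level of the server behind it is the only remaining defence.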

#14 Waffle


Posted 28 April 2005 - 12:30 AM

Just a little reminder... change the password to access the router, kinda basic but easy to forget.

#15 Exasperated in Phoenix


Posted 08 May 2005 - 10:35 PM

Also (if you check back on the thread) if your WAP allows it, set it to *not* broadcast its SSID. Makes it a little tougher for the kids that are out wardriving to find you. There are several excellent books on wireless security methods; get one of the more recent ones from O'Reilly (they're a lot better than Syngress or any of the 'dummies' books). Don't get their 'hacks' books, as there's very little in them on SECURING your network, rather how to break it. Rest assured that any kid with a laptop and appropriate software can hack your security in several hours or less, one of the main reasons I use a wired network here at home.

Like the other respondents, I run a hardware firewall AND a software one. The hardware firewall blocks a lot of the 'script kiddies', and the software firewall blocks most apps on your PC from 'calling home' without your consent, as well as backing up the hardware firewall. I still use the old, free 'Tiny Personal Firewall' as it suits me. It's since turned into Kerio's version when the author split Tiny Software.

#16 Buntox


Posted 09 May 2005 - 07:37 PM

> Also (if you check back on the thread) if your WAP allows it, set it to *not* broadcast its SSID. Makes it a little tougher for the kids that are out wardriving to find you.


Also, it will help if you can change the SSID to random characters other than its default. In doing this you will have to manually enter the SSID into the laptop.
The time you enjoy wasting is not wasted time.
Bertrand Russell



