Hardware firewall
#1
Scooby Regular
Thread Starter
Join Date: Nov 2002
Location: Hants
Posts: 1,489
Likes: 0
Received 0 Likes
on
0 Posts
Does anyone know how effective a Sitecom 4 port DSL Router firewall is? Would you install a software firewall also? I am only saying this as my xp pc has got that msblast worm
#4
Sorry, that's rubbish, most NAT/Firewall DSL routers and the like will effectively stop all incoming connections other than those you specifically forward to machines inside the firewall.
Therefore this worm won't have been able to connect to the required ports and would not have been able to exploit this vulnerability patched or not. If you're worried read any of the other numerous threads on about it and install the patch then run the removal tool.
This worm in only affecting people who haven't patched AND don't have a firewall, even XP's built in firewall would have protected a machine from this.
Therefore this worm won't have been able to connect to the required ports and would not have been able to exploit this vulnerability patched or not. If you're worried read any of the other numerous threads on about it and install the patch then run the removal tool.
This worm in only affecting people who haven't patched AND don't have a firewall, even XP's built in firewall would have protected a machine from this.
#5
Scooby Regular
Join Date: May 2000
Location: MY00,MY01,RX-8, Alfa 147 & Focus ST :-)
Posts: 10,371
Likes: 0
Received 0 Likes
on
0 Posts
Andrew is spot on.
I'm not having a go here - it just goes to prove a point. Microsoft originally posted the patch on the 17 July. The auto update feature in Windows would have protected most people. I know that sometimes these things have to be tested before being applied (escpecially in business environments - we did before applying it), but it just goes to show that once again, these worms are effective because of people's complancey and ignorance rather than because of the clever coding of a worm.
Chris
I'm not having a go here - it just goes to prove a point. Microsoft originally posted the patch on the 17 July. The auto update feature in Windows would have protected most people. I know that sometimes these things have to be tested before being applied (escpecially in business environments - we did before applying it), but it just goes to show that once again, these worms are effective because of people's complancey and ignorance rather than because of the clever coding of a worm.
Chris
#6
BANNED
Join Date: Jan 2001
Location: In my own little world
Posts: 9,644
Likes: 0
Received 0 Likes
on
0 Posts
This worm in only affecting people who haven't patched AND don't have a firewall, even XP's built in firewall would have protected a machine from this.
So how did it get pass my "Mcafee fire wall"??
It seems to have gone..............................
AfterI think I got the patch downloaded???
So how did it get pass my "Mcafee fire wall"??
It seems to have gone..............................
AfterI think I got the patch downloaded???
#7
Without seeing your machine I don't know, by default virtually all firewalls will protect you from this, that doesn't prevent someone reconfiguring a firewall meaning it doesn't protect you from this.
Trending Topics
#9
Scooby Regular
Join Date: May 2000
Location: MY00,MY01,RX-8, Alfa 147 & Focus ST :-)
Posts: 10,371
Likes: 0
Received 0 Likes
on
0 Posts
Luke - remember firewalls are not anti virus products. In fact, they are pretty dumb to honest. They use a rule set to allow or deny traffic. This latest worm has probably been delivered via dodgy emails etc. Your firewall (most firewalls) is not designed to look for dodgy content, it simply looks at its rules base and decides whether an application can be allowed through or not.
IT Security is multi-threaded, you don't rely on one product or application - it's a combination of things - anti virus, anti spam, firewall, intrusion detection systems, network analysers etc etc. For most home users a good software firewall and decent antivirus program can be had for free.
This is what I find frustrating.
For anyone that is interested a free firewall can be found here and free antivirus (with auto update) can be found here
Chris
IT Security is multi-threaded, you don't rely on one product or application - it's a combination of things - anti virus, anti spam, firewall, intrusion detection systems, network analysers etc etc. For most home users a good software firewall and decent antivirus program can be had for free.
This is what I find frustrating.
For anyone that is interested a free firewall can be found here and free antivirus (with auto update) can be found here
Chris
#10
IT Security is multi-threaded, you don't rely on one product or application - it's a combination of things
#11
Scooby Regular
Join Date: May 2000
Location: MY00,MY01,RX-8, Alfa 147 & Focus ST :-)
Posts: 10,371
Likes: 0
Received 0 Likes
on
0 Posts
True Chris. In fairness, this latest threat use a bug in the Remote Procedure Call, so it was harder to spot. A badly configured firewall would have let this threat through.
Chris
Chris
#13
Scooby Regular
Join Date: Sep 2001
Location: Kingston ( Surrey, not Jamaica )
Posts: 4,670
Likes: 0
Received 0 Likes
on
0 Posts
free www.smoothwall.org . The only cost to you is an old junk pc.
You define the open inbound ports.
Without going to a full on stateful firewall, it's as good as it gets for no money.
Steve
You define the open inbound ports.
Without going to a full on stateful firewall, it's as good as it gets for no money.
Steve
#14
Steve,
I've just installed ipcop, which forked from Smoothwall last year due to some very strange stuff with smoothwall - notably the attitude of some of the distro maintainers, and the apparent push towards commercialisation.
ipcop is exceptionally simple to set up - 15 minutes and you're there.
It's great, I can't recommend it highly enough for the money
Cheers,
Nick.
I've just installed ipcop, which forked from Smoothwall last year due to some very strange stuff with smoothwall - notably the attitude of some of the distro maintainers, and the apparent push towards commercialisation.
ipcop is exceptionally simple to set up - 15 minutes and you're there.
It's great, I can't recommend it highly enough for the money
Cheers,
Nick.
#16
Scooby Regular
Join Date: May 2000
Location: MY00,MY01,RX-8, Alfa 147 & Focus ST :-)
Posts: 10,371
Likes: 0
Received 0 Likes
on
0 Posts
Luke
Whether you use a hardware based firewall or software version, it comes down to how well it is configured. Neither is 'better' in that sense. The danger with firewalls is that they tend to be installed and forgotten about. They do require a degree of user intervention from time to time to make sure that they are doing their job correctly.
There are advantages to hardware based systems - such as performance and capacity (& increased security, by keeping the firewall physically separate from your PC), but whether you would notice this on a single home PC is debatable.
The biggest failing with all security systems is over confidence. There is no such thing as a 100% secure system (if there was and I'd found it, I would have retired a long time ago ).
Chris
Whether you use a hardware based firewall or software version, it comes down to how well it is configured. Neither is 'better' in that sense. The danger with firewalls is that they tend to be installed and forgotten about. They do require a degree of user intervention from time to time to make sure that they are doing their job correctly.
There are advantages to hardware based systems - such as performance and capacity (& increased security, by keeping the firewall physically separate from your PC), but whether you would notice this on a single home PC is debatable.
The biggest failing with all security systems is over confidence. There is no such thing as a 100% secure system (if there was and I'd found it, I would have retired a long time ago ).
Chris
#18
Hi Steve,
Yep, IPCop 1.3 uses iptables rather than ipchains. I think that's down to the 2.4.x kernel? But could be wrong...
I read about the corporate version of Smoothwall, then got confused as to whether that was still "free" or not... It looks like 125 quid to me. There also seems to be a fair amount of animosity from one of the developers, which put me off using smoothwall and steered towards ipcop. I might have made the wrong choice, but hopefully for the right reasons
old-ish comparison here - http://www.zorg.org/linux/ipcop.shtml
Cheers,
Nick
Yep, IPCop 1.3 uses iptables rather than ipchains. I think that's down to the 2.4.x kernel? But could be wrong...
I read about the corporate version of Smoothwall, then got confused as to whether that was still "free" or not... It looks like 125 quid to me. There also seems to be a fair amount of animosity from one of the developers, which put me off using smoothwall and steered towards ipcop. I might have made the wrong choice, but hopefully for the right reasons
old-ish comparison here - http://www.zorg.org/linux/ipcop.shtml
Cheers,
Nick
#19
Scooby Regular
Join Date: Sep 2001
Location: Kingston ( Surrey, not Jamaica )
Posts: 4,670
Likes: 0
Received 0 Likes
on
0 Posts
the gpl version is still free , but a couple of revisions behind the retail .. I think this is where the confusion occurs ..
yep the corp 1.0 used 2.2 kernel - hence the ipchains. There are/were some personality clashes between the developers .. and some of the client facing guys were , shall we say, abrasive.
The basic corp edition I got for 50 quid , but without some of the extra modules and has done perfectly for quite some time, but there is no upgrade unless you purchase maintenance, so I will take a look at IPCop as soon as I can get some downtime at home , cheers.
Steve
[Edited by stevem2k - 8/14/2003 4:30:02 PM]
yep the corp 1.0 used 2.2 kernel - hence the ipchains. There are/were some personality clashes between the developers .. and some of the client facing guys were , shall we say, abrasive.
The basic corp edition I got for 50 quid , but without some of the extra modules and has done perfectly for quite some time, but there is no upgrade unless you purchase maintenance, so I will take a look at IPCop as soon as I can get some downtime at home , cheers.
Steve
[Edited by stevem2k - 8/14/2003 4:30:02 PM]
#20
Good luck - I have never set up anything like this other than Zonealarm before, and it took 20 minutes... Very straightforward.
I've just bought a tiny mobo to run it all on now it's proven... An Advantech PCM-5820 which should do the job. Good ol' ebay.
Cheers,
Nick.
I've just bought a tiny mobo to run it all on now it's proven... An Advantech PCM-5820 which should do the job. Good ol' ebay.
Cheers,
Nick.
#23
Hehe, I think everyone missed the actual question.
Taff, personally I don't run a software firewall in addition to my hardware f/w. Mine has stateful packet inspection and can have outbound rules configured as well as the default inbound blocking.
One good reason for doing it is to prevent the propogation of viruses/worms that you receive by other means (download, email etc) ZoneAlarm and the likes have configured rules so that only authorised applications can access the internet.
If you're generally careful with emails/downloads and keep your virus scanner up to date, you shouldn't have any problems running without a software firewall (assuming you have a hardware f/w )
I took a look at Sitecom's site, and the info on there isn't exactly helpful to say the least, although it does list "Integrated Firewall" separately.
Personally, I'd take a look at offerings from Linksys or SMC.
Both are nice and easy to configure and offer heaps of features.
[Edited by DSOTM - 8/12/2003 10:40:02 PM]
Taff, personally I don't run a software firewall in addition to my hardware f/w. Mine has stateful packet inspection and can have outbound rules configured as well as the default inbound blocking.
One good reason for doing it is to prevent the propogation of viruses/worms that you receive by other means (download, email etc) ZoneAlarm and the likes have configured rules so that only authorised applications can access the internet.
If you're generally careful with emails/downloads and keep your virus scanner up to date, you shouldn't have any problems running without a software firewall (assuming you have a hardware f/w )
I took a look at Sitecom's site, and the info on there isn't exactly helpful to say the least, although it does list "Integrated Firewall" separately.
Personally, I'd take a look at offerings from Linksys or SMC.
Both are nice and easy to configure and offer heaps of features.
[Edited by DSOTM - 8/12/2003 10:40:02 PM]
Thread
Thread Starter
Forum
Replies
Last Post
MH-Racing
Subaru Parts
18
18 October 2015 04:49 PM
DazV
Non Scooby Related
12
30 November 2001 01:29 PM