PDA

View Full Version : Firewall?


TechnoKelvin
04-18-2008, 04:59 PM
Is a firewall really needed? Hardware or software? Is Windows Firewall enough? Wouldn't the accept/reject pop ups that come with Firewalls confuse the crap out of customers? What about the Firewalls that come built into Linksys routers (and/or most routers)?

I know it's a lot of questions but I've never dealt with Firewall issues before as I've always used Windows Firewall / the Firewall that comes with my Linksys router. I just want to make sure this is sufficient when going out to peoples houses setting up their networks.

Holzster
04-18-2008, 05:16 PM
You will hear that a hardware firewall (like a Linksys) is better than the software Firewall (like on Windows). And you will hear that they are the same. This is a topic that people have there opinions about.

The only reason I like a hardware firewall beter is that I know it is not in the windows system at all, so there is no way a rogue program can disable it. BUT the Windows built in one is better than none.

Remember this is just my opinion - to each there own!!

Holzster
04-18-2008, 05:20 PM
I forgot there are different firewalls - you can make a free one with REALLY old hardware easily with a Linux based one.

Do not get scared off with Linux they are acually easier to install than a windows box!!

the link below is an article I wrote on here a while back:


http://www.technibble.com/forums/showthread.php?t=1587

Blues
04-18-2008, 06:28 PM
There is an advantage to a hardware firewall but not really as much so when your talkin about built in things on something like a Linksys WRT54G. As for the level of protection is gunna be different for each client. for many Windows Firewall probly is enough they don't have much on thier system and its not a high profile target system. Personal PC but wants more protection they keep alot of personal data like credit card and thier accounts and pay thier bills and cards only then might want to step up to a better software firewall. I would not treat the built in firewalls of your average consumer devices as one just think of them as more icing on the cake not some much the cake itself. Then when you get to business clients purchase a dedicated hardware firewall with the proper features and processing power for the feature set and user number and many are often licensed for that user limit. I would also add that for small businesses and worried customers a freeware linux based firewall is a very good option to consider the only investment cost are in the hardware.

Jory
04-18-2008, 08:52 PM
I'd say it entirely depends on the customer. If they're fairly smart the windows firewall and a linksys router would be more than enough for them, but if they're constantly getting infected with trojans and the like I'd probably put zone alarm on their computer. Just make sure you "allow" all the programs they use and instruct them to deny anything else that pops up.

The problem with windows firewall and the linksys router is they only drop incoming connections, but not outgoing. If you get infected by browsing the web your firewall/router isn't going to offer any protection in that case.

zatblast
04-18-2008, 08:57 PM
If its a general home user, even a small single person at home business, just a software firewall on each of the computers on there network should be good enough, however if your thinking business style network... esspecially if they have server(s) that access the outside data/take payment, a nice little nix software firewall would probably be a preference, unless they have the budget for a hardware firewall... only problem with these 2, is if you dont know nix your better off not even trying, because good chance you will leave holes which would be bad

and if you get a hardware firewall, chances are you have never set one up ((thinking commercial grade not cheap linksys home user versino)) which would be pretty much proprietary to the manufacturer

summarize
personal network: software firewall on all computers=enough
business network: dedicated firewall=much prefered, also backit up with individual firewalls on each computer if your allowed to...

TechnoKelvin
04-28-2008, 07:12 PM
I think I'm a bit confused here.

On my network at home I have a WPA encryption on. Is that a firewall? If not that what is it?

I know it's meant to stop people from using my internet but what else?

MHCG
04-28-2008, 07:27 PM
WPA is just encryption of your wireless signal as it travels through the air.

tartis
04-28-2008, 08:52 PM
I think I'm a bit confused here.

On my network at home I have a WPA encryption on. Is that a firewall? If not that what is it?

I know it's meant to stop people from using my internet but what else?

If you have WPA encryption, than you are most likely using some kind of router at home. Most home routers help protect you becuase they use what is called NATing (Network Address Translation). In short, the router is exposed to the Internet using the IP address assigned from your ISP. The router then has its own private network and assigns your computer an IP address through DHCP. This NATing helps protect your PC's by not having your IP address exposed directly to the Internet.

A router for home is not perfect, but it is your first line of defense against attacks. WPA encrytion is also recommended for your wireless connection.

Just my 2 cents worth.

JohnG
04-28-2008, 08:59 PM
One thing to keep in mind be it a software or hardware firewall...its only as strong as the permissions YOU allow. That said, if you like to dally with, uhm, lets say pirated software, chances are you will still be infected and will have your firewall bypassed. :D

jamesbhp
04-28-2008, 09:06 PM
Keep in mind, a lot of the higher end firewalls/routers (hardware firewalls/routers) are only so great because of the proxy protocols and client to site, or site to site VPN Tunneling, multiple ISP load balance, or even multiple IP addresses for WANs. Also the addition of hardware layer of protection before an internal computer gets attacked. If your site does not't require any of these services and features, then you can get away with a decent router and software firewall.