firewall
- Thread starter wmacquinn
- Start date
Blues
Well-Known Member
- Reaction score
- 536
- Location
- Tennessee, US
You have a few options.
1. Software firewall on each machine
2. Hardware firewall between the gateway and the router
3. PC converted into hardware firewall
#1 has most security issues
#2 is probly the most expensive
#3 is sometimes the most pain to work with
1. Software firewall on each machine
2. Hardware firewall between the gateway and the router
3. PC converted into hardware firewall
#1 has most security issues
#2 is probly the most expensive
#3 is sometimes the most pain to work with
PatrickB
New Member
- Reaction score
- 2
Other than the IM, how do you know they were doing anything?
1) Set your IM to "Only People in your contact list may contact you". Others can still send requests to be a buddy, but they cannot send any other messages to you unless you approve them.
2) Is the firewall in your router still turned on?
3) Any chance this computer is using the firewall's DMZ?
4) Have you used any Port Forwarding in the router's firewall to allow gaming or p2p applications to work?
5) Are you using Wi-Fi? If so, is WPA security in use or the woefully weak WEP, or no encryption at all?
I recommend both a hardware firewall (typically the one already built into the firewall) AND a software firewall on each machine.
Also use Secunia's PSI to check the machine for known Windows and application security issues.
Microsoft's Baseline Security Analyzer can also be of use.
That's a start. Much more if you are interested.
-- Patrick B.
1) Set your IM to "Only People in your contact list may contact you". Others can still send requests to be a buddy, but they cannot send any other messages to you unless you approve them.
2) Is the firewall in your router still turned on?
3) Any chance this computer is using the firewall's DMZ?
4) Have you used any Port Forwarding in the router's firewall to allow gaming or p2p applications to work?
5) Are you using Wi-Fi? If so, is WPA security in use or the woefully weak WEP, or no encryption at all?
I recommend both a hardware firewall (typically the one already built into the firewall) AND a software firewall on each machine.
Also use Secunia's PSI to check the machine for known Windows and application security issues.
Microsoft's Baseline Security Analyzer can also be of use.
That's a start. Much more if you are interested.
-- Patrick B.
TimeCode
New Member
- Reaction score
- 1
- Location
- Pomona, CA
Do you really think they were doing it or just saying that they were? I could tell you that I was port scanning you and enumerating your network looking for vulnerabilities but that doesn't mean its true.
TimeCode
New Member
- Reaction score
- 1
- Location
- Pomona, CA
Unless you have logging turned on (unlikely), you can't. Do you know who this is? If so, make them prove it by asking them for names of files that they got. I'll bet they can't name one accurately. Unless you have LimeWire or something like that... That would allow them to get whatever you have shared.
Last edited:
PatrickB
New Member
- Reaction score
- 2
@Advanced Computer Group, I generally agree, but have some clarifications.
1) Hardware firewalls typically do not stop inbound traffic once the connection has been initiated from the inside. They automatically allow return traffic. This is why Skype and LogMeIn and other 2-way programs work without opening specific ports on the firewall. It's also one way malware can bring more trash to a computer.
2) Typical hardware firewalls also do not alert you to the fact that some unknown program (one that is not on a whitelist) is attempting to start an outbound connection. Software firewalls will.
3) Hardware firewalls, like software firewalls, are just code someone has written and are also open to having bugs. If perfect, routers would never have new firmware editions.
Having said that, some security gateways/appliances have more features and configuration than the typical router with a firewall.
I definitely agree with you about being prudent in you use of the Internet. With the frequent vulnerabilities in web browsers and Windows, and with the good websites that are hacked by the bad guys, you may surf to any well-known, "good" website and find yourself infected by a malicious script, a malicious flash movie, a "clear click" spoof, and other tricks.
Oh. Why have a software and a hardware firewall?
A) The hardware firewall comes as part of most routers and will keep your computer's local IP Address from being directly seen on the Internet. It also will block nearly all of the thousands of ports that someone could try to use to connect to a computer. That means less possible points of attack.
B) What does get through, will still have to get through the software firewall, which may have smarter code to check for attack behavior. Also, the software firewall can stop unknown programs from taking your data and sending it back to the bad guys.
Is all of this ideal? No. Be safe out there.
-- Patrick B.
1) Hardware firewalls typically do not stop inbound traffic once the connection has been initiated from the inside. They automatically allow return traffic. This is why Skype and LogMeIn and other 2-way programs work without opening specific ports on the firewall. It's also one way malware can bring more trash to a computer.
2) Typical hardware firewalls also do not alert you to the fact that some unknown program (one that is not on a whitelist) is attempting to start an outbound connection. Software firewalls will.
3) Hardware firewalls, like software firewalls, are just code someone has written and are also open to having bugs. If perfect, routers would never have new firmware editions.
Having said that, some security gateways/appliances have more features and configuration than the typical router with a firewall.
I definitely agree with you about being prudent in you use of the Internet. With the frequent vulnerabilities in web browsers and Windows, and with the good websites that are hacked by the bad guys, you may surf to any well-known, "good" website and find yourself infected by a malicious script, a malicious flash movie, a "clear click" spoof, and other tricks.
Oh. Why have a software and a hardware firewall?
A) The hardware firewall comes as part of most routers and will keep your computer's local IP Address from being directly seen on the Internet. It also will block nearly all of the thousands of ports that someone could try to use to connect to a computer. That means less possible points of attack.
B) What does get through, will still have to get through the software firewall, which may have smarter code to check for attack behavior. Also, the software firewall can stop unknown programs from taking your data and sending it back to the bad guys.
Is all of this ideal? No. Be safe out there.
-- Patrick B.
Last edited:
PatrickB
New Member
- Reaction score
- 2
Any reputable software firewall would be better than none. I prefer a hardware firewall and Comodo's firewall. ZoneAlarm is okay and is easy to setup. Comodo has more features and requires more setup to get the most out of it.
Also, install WOT (Web Of Trust) on your browser to help you determine what web pages are safe.
Install NoScript on Firefox to defang unknown websites by automatically disabling their scripting. For trusted websites, you can easily allow their scripting permanently or temporarily. In either case, you continue to have Clear Click protection.
-- Patrick B.
PatrickB
New Member
- Reaction score
- 2
Thank you for your insight Advanced. Would you consider starting a topic with your suggestions for small, business-class security gateway?
Also, what do you think about the Astaro gateway that Leo LaPorte is always advertising on his podcasts like Security Now?
Thank you,
-- Patrick B.
Also, what do you think about the Astaro gateway that Leo LaPorte is always advertising on his podcasts like Security Now?
Thank you,
-- Patrick B.
purple_minion
New Member
- Reaction score
- 1
- Location
- Minnesota, USA
I recently setup a Smoothwall box out of my employers ancient P4 900mhz system and so far it's great. I am still learning and haven't a clue about iptables and all that, but it beats the crap out of my router. Throw on a cheap switch and there you go. It could really do without the cheap ass color code crap, would it be too hard to call GREEN = LAN, RED = WAN, etc. Seriously, just seems so childish and I thought I really had a lot of learning to do if it's color coded. I tried to setup an eBox and untangle box but was unsuccessful. I will make another attempt this week, but I can't break it now... not with my gf home watching Dancing with the Stars over mythtv.
Perhaps setup something with an old computer that is sitting around collecting dust, you'll learn something and be safer... however I laugh at anyone over any IM who says anything a long those lines. You could just tell them hack up my linux box/vm box all you want, even if you aren't running one just to freak them out and see what they say.
Perhaps setup something with an old computer that is sitting around collecting dust, you'll learn something and be safer... however I laugh at anyone over any IM who says anything a long those lines. You could just tell them hack up my linux box/vm box all you want, even if you aren't running one just to freak them out and see what they say.
Similar threads
