Router vs software firewall - Tilted Forum Project Discussion Community

Sun Tzu · 07-08-2003, 11:01 PM

SO many areas of computers: programming, hardware, multimedia (and allthe catagories of that), networking, on and on.

My main weakness is networking and security. Its not that I dont want to learn its a timing issue. Im having a hell of a time with firewalls. Ive been trying demos out to see which is the most user friendly. The problem I keep having is the configuration continually interferes with software thats loaded on my system ( I know thats a configuration issue, but in some cases it doesnt seem to be as easy as just finding the software and giving it clearences.

Anyway I have a SMC barracade that Im using to run my cable service to multiple PCs. I understand it has a firewall in it? Is it automatically on? Is it something that has to be turned on and adjusted with software? Is it indeed better than any software firewall?

smooth · 07-09-2003, 12:16 AM

Your router "firewalls" the LAN side (your computers) by masking them from WAN (outside computers) identification. I'm pretty sure your router does this by dropping unauthorized pings and giving each of your computer an IP address only it knows. This should be on by default but you may have to turn in on.

A router doesn't substitute for a full firewall, however, whether it is software of hardware. A real firewall also monitors outbound trafic so trojans and other programs can't contact the WAN side (or even other stations on the LAN side for that matter) without explicit permission.

The router is a good first defense but doesn't replace a software firewall--one should really use both. A hardware firewall--where a physical box seperates your computer from the scary outside world--is the optimum defence.

Anyway, I think I got this mostly right. Hopefully a network guru will fix my mistakes and set you straight but this will get you rolling.

crewsor · 07-09-2003, 03:38 AM

You may want to go to one of the many sites that will probe your computer to see if you are vulnerable. Your current setup may be adequate, depending on how concerned you are with security.

Link

hrdwareguy · 07-09-2003, 05:35 AM

A router will block any inboud traffic where the request did not come from the lan side of the router. The exception to this is if you open any ports and allow them through. For general home use, you won't open any ports at all. For a business use, you might open the SMTP port for incoming mail if you are running a mail server, or you might open the HTTP port if you are running a web server.

As smooth said, a firewall will inspect both inbound and outbound packets to make sure nothing is connecting where it shouldn't be. For example where I work, I have an open port in the router to allow mail into my network. I can have a software firewall running on my machine to block anything coming in on that port for my machine since the mail server is not on my workstation.

If you are sure you really need a firewall instead of just your router, a dedicated piece of hardware is the best way to go.

tinfoil · 07-09-2003, 08:20 AM

Many newer personal routers are also coming with more true firewalling abilities. Netgear makes a nice one with statefull packet inspection for under US$200 that will mail logs to the user if he/she wants. It also has basic content control, if you so desire.

Sun Tzu · 07-09-2003, 09:34 PM

Thanks for the help. I went to the site that crewsor provided and it says my PC is secured well. Most of my ports are showing to be in stealth mode as well. I have allot to learn. Hardware just reminded me how much I dont know about configuring.

THanks for the info.

kod · 07-09-2003, 10:20 PM

If you really want to learn about firewalling, and have a second machine or can dual boot, spend some time playing around with OpenBSD's firewall or Ipfilter. Much more flexible than a black box you just buy & don't understand.

Pragma · 07-22-2003, 05:56 PM

I honestly wouldn't recommend GRC as a place to "scan your ports" as I've had it show up a lot of faulty information.

kod raises a good point about OpenBSD. I recommend hitting up your local bookstore and finding a good book on securing your network.

JJamesB2 · 07-22-2003, 07:48 PM

I have had a lot of luck with my Linksys EtherFast Cable/DSL Router combine with BlackIce. That seems to provide a fairly advanced barrier. KOD is right, and you can probably use that as both a router and firewall.

dim5 · 07-22-2003, 08:44 PM

If you use a dedicated firewall box, there are some Linux distributions that are prepackaged. Also, remember that firewall boxes don't need to be the latest and the greatest. For awhile last year, I was using an old p133 running openbsd as a firewall box, it worked fine.

Pragma · 07-23-2003, 12:48 PM

From what I've heard, OpenWall is a good Linux distro to use for firewalls, as is Gentoo. OpenBSD seems to be the one that sets the bar, though, in terms of security and firewalling. It's what I use, and I highly recommend it.

sultanx · 07-27-2003, 10:16 PM

Routers use NAT. This only slows down outside requests it will not block or stop them. There are sevral programs that will help you get through NAT. You can run a firewall on your computer but if you run windows it isn't the best idea. Run a real firewall between your modem and computer. Sonicwall and Watchgaurd are leaders in this. Check them out.

07-28-2003, 07:53 AM

Sultanx is right, to a point. Most of the low end consumer equipment simply uses NAT to somewhat block outside requests. The last linksys router I had did port forwarding as well. I've got aquaintainces who admin some PiX boxes that would cringe though.

For the average user, a consumer router *and* a software firewall should provide enough protection. Hell, Windows XP's firewall might even suffice.

zero2 · 07-28-2003, 11:31 AM

Use a software firewall too, Norton's Firewall is the easiest to use, though i never had any problems with the hardware firewall by itself.

07-08-2003, 11:01 PM	#1 (permalink)
Sun Tzu Conspiracy Realist Location: The Event Horizon	Router vs software firewall SO many areas of computers: programming, hardware, multimedia (and allthe catagories of that), networking, on and on. My main weakness is networking and security. Its not that I dont want to learn its a timing issue. Im having a hell of a time with firewalls. Ive been trying demos out to see which is the most user friendly. The problem I keep having is the configuration continually interferes with software thats loaded on my system ( I know thats a configuration issue, but in some cases it doesnt seem to be as easy as just finding the software and giving it clearences. Anyway I have a SMC barracade that Im using to run my cable service to multiple PCs. I understand it has a firewall in it? Is it automatically on? Is it something that has to be turned on and adjusted with software? Is it indeed better than any software firewall? __________________ *To confine our attention to terrestrial matters would be to limit the human spirit.- Stephen Hawking* Last edited by Sun Tzu; 07-09-2003 at 09:27 PM..

07-09-2003, 12:16 AM	#2 (permalink)
smooth Junkie Location: Right here	Your router "firewalls" the LAN side (your computers) by masking them from WAN (outside computers) identification. I'm pretty sure your router does this by dropping unauthorized pings and giving each of your computer an IP address only it knows. This should be on by default but you may have to turn in on. A router doesn't substitute for a full firewall, however, whether it is software of hardware. A real firewall also monitors outbound trafic so trojans and other programs can't contact the WAN side (or even other stations on the LAN side for that matter) without explicit permission. The router is a good first defense but doesn't replace a software firewall--one should really use both. A hardware firewall--where a physical box seperates your computer from the scary outside world--is the optimum defence. Anyway, I think I got this mostly right. Hopefully a network guru will fix my mistakes and set you straight but this will get you rolling. __________________ "The theory of a free press is that truth will emerge from free discussion, not that it will be presented perfectly and instantly in any one account." -- Walter Lippmann "You measure democracy by the freedom it gives its dissidents, not the freedom it gives its assimilated conformists." -- Abbie Hoffman

07-09-2003, 03:38 AM	#3 (permalink)
crewsor Women want me. Men fear me. Location: Maryland,USA	You may want to go to one of the many sites that will probe your computer to see if you are vulnerable. Your current setup may be adequate, depending on how concerned you are with security. Link __________________ We all have wings, some of us just don't know why.

07-09-2003, 05:35 AM	#4 (permalink)
hrdwareguy "Officer, I was in fear for my life" Location: Oklahoma City	A router will block any inboud traffic where the request did not come from the lan side of the router. The exception to this is if you open any ports and allow them through. For general home use, you won't open any ports at all. For a business use, you might open the SMTP port for incoming mail if you are running a mail server, or you might open the HTTP port if you are running a web server. As smooth said, a firewall will inspect both inbound and outbound packets to make sure nothing is connecting where it shouldn't be. For example where I work, I have an open port in the router to allow mail into my network. I can have a software firewall running on my machine to block anything coming in on that port for my machine since the mail server is not on my workstation. If you are sure you really need a firewall instead of just your router, a dedicated piece of hardware is the best way to go. __________________ Gun Control is hitting what you aim at Aim for the TFP, Donate Today

07-09-2003, 08:20 AM	#5 (permalink)
tinfoil Fucking Hostile Location: Springford, ON, Canada	Many newer personal routers are also coming with more true firewalling abilities. Netgear makes a nice one with statefull packet inspection for under US$200 that will mail logs to the user if he/she wants. It also has basic content control, if you so desire. __________________ Get off your fuckin cross. We need the fuckin space to nail the next fool martyr.

07-09-2003, 09:34 PM	#6 (permalink)
Sun Tzu Conspiracy Realist Location: The Event Horizon	Thanks for the help. I went to the site that crewsor provided and it says my PC is secured well. Most of my ports are showing to be in stealth mode as well. I have allot to learn. Hardware just reminded me how much I dont know about configuring. THanks for the info. __________________ *To confine our attention to terrestrial matters would be to limit the human spirit.- Stephen Hawking*

07-09-2003, 10:20 PM	#7 (permalink)
kod Upright	If you really want to learn about firewalling, and have a second machine or can dual boot, spend some time playing around with OpenBSD's firewall or Ipfilter. Much more flexible than a black box you just buy & don't understand.

07-22-2003, 05:56 PM	#8 (permalink)
Pragma I am Winter Born Location: Alexandria, VA	I honestly wouldn't recommend GRC as a place to "scan your ports" as I've had it show up a lot of faulty information. kod raises a good point about OpenBSD. I recommend hitting up your local bookstore and finding a good book on securing your network. __________________ Eat antimatter, Posleen-boy!

07-22-2003, 07:48 PM	#9 (permalink)
JJamesB2 Upright	I have had a lot of luck with my Linksys EtherFast Cable/DSL Router combine with BlackIce. That seems to provide a fairly advanced barrier. KOD is right, and you can probably use that as both a router and firewall.

07-22-2003, 08:44 PM	#10 (permalink)
dim5 Crazy	If you use a dedicated firewall box, there are some Linux distributions that are prepackaged. Also, remember that firewall boxes don't need to be the latest and the greatest. For awhile last year, I was using an old p133 running openbsd as a firewall box, it worked fine.

07-23-2003, 12:48 PM	#11 (permalink)
Pragma I am Winter Born Location: Alexandria, VA	From what I've heard, OpenWall is a good Linux distro to use for firewalls, as is Gentoo. OpenBSD seems to be the one that sets the bar, though, in terms of security and firewalling. It's what I use, and I highly recommend it. __________________ Eat antimatter, Posleen-boy!

07-27-2003, 10:16 PM	#12 (permalink)
sultanx Upright Location: the wireless	the low down Routers use NAT. This only slows down outside requests it will not block or stop them. There are sevral programs that will help you get through NAT. You can run a firewall on your computer but if you run windows it isn't the best idea. Run a real firewall between your modem and computer. Sonicwall and Watchgaurd are leaders in this. Check them out. __________________ wireless revolution - THE TIME IS NOW!

07-28-2003, 07:53 AM	#13 (permalink)
smithja0423 Guest	Sultanx is right, to a point. Most of the low end consumer equipment simply uses NAT to somewhat block outside requests. The last linksys router I had did port forwarding as well. I've got aquaintainces who admin some PiX boxes that would cringe though. For the average user, a consumer router and a software firewall should provide enough protection. Hell, Windows XP's firewall might even suffice.

07-28-2003, 11:31 AM	#14 (permalink)
zero2 Junkie	Use a software firewall too, Norton's Firewall is the easiest to use, though i never had any problems with the hardware firewall by itself.