Hardware firewalls

Archived from groups: comp.security.firewalls (More info?)

Are those better than software firewalls for protecting against outside
attacks?

Thank you
  1. Archived from groups: comp.security.firewalls (More info?)

    In article <khvld0tvga76l4nkm0basq4jg1qgtiebnb@4ax.com>,
    none@example.net says...
    > A hardware firewall will block common network attacks, and reduce required
    > activity by the software firewall. On the other hand, hardware firewalls (aka
    > NAT routers in SOHO networks) only filter inbound traffic, and provide no
    > protection against rogue applications "calling home".

    I'm getting tired of people calling "ROUTERS" firewalls. If it does not
    block outbound then it's NOT a firewall. If you want to call it
    something, the proper thing to call it is a ROUTER with NAT functions.

    A true firewall blocks inbound and outbound connections that are not
    permitted by the rule sets.

    --
    --
    spamfree999@rrohio.com
    (Remove 999 to reply to me)
  2. Archived from groups: comp.security.firewalls (More info?)

    In article <khvld0tvga76l4nkm0basq4jg1qgtiebnb@4ax.com>,
    none@example.net says...
    > The first layer is a NAT router (hardware firewall), installed on the perimeter
    > of your network. If you have broadband internet, or PPP-compatible dialup
    > internet, you can and should use a hardware firewall.

    The first layer is called a ROUTER, not a hardware firewall - in your
    example. It's NOT A FIREWALL, IT IS A ROUTER.

    --
    --
    spamfree999@rrohio.com
    (Remove 999 to reply to me)
  3. Archived from groups: comp.security.firewalls (More info?)

    news wrote:

    > Are those better than software firewalls for protecting against
    > outside attacks?

    Probably the greatest threat against you is a remote-access trojan
    (RAT). Accidentally launch one of those, and all bets could be off.
    The really good RATs can render hardware and software firewalls (not to
    mention "routers that perform NAT functions") totally useless.
  4. Archived from groups: comp.security.firewalls (More info?)

    Leythos wrote:

    I'm getting tired tired of


    > A true firewall blocks inbound and outbound connections that are not
    > permitted by the rule sets.

    Many routers can be configured to filter traffic in both directions.
    Actually a firewall is no device at all. It is a concept - maybe written
    down on a piece of paper - that defines

    - allowed network traffic (ruleset)
    - the network layer on which filtering takes place
    - the software that is used to filter the traffic on the defined layers
    - the hardware device(s) used for that
    - the maintenance of the hard- and software
    - a complete documentation
    - a policy about necessary measures to change the ruleset
    - logging, access to logfiles
    - consequences for the case of policy violations

    That is what I'd call a firewall.

    Wolfgang
    --
    A foreign body and a foreign mind
    never welcome in the land of the blind.
    from 'Not one of us', (c) 1980 Peter Gabriel
  5. Archived from groups: comp.security.firewalls (More info?)

    In article <cbfj2g$k2p$1@news.shlink.de>, wolfgang@shconnect.de says...
    > Leythos wrote:
    >
    > I'm getting tired tired of
    >
    >
    > > A true firewall blocks inbound and outbound connections that are not
    > > permitted by the rule sets.
    >
    > Many routers can be configured to filter traffic in both directions.
    > Actually a firewall is no device at all. It is a concept - maybe written
    > down on a piece of paper - that defines
    >
    > - allowed network traffic (ruleset)
    > - the network layer on which filtering takes place
    > - the software that is used to filter the traffic on the defined layers
    > - the hardware device(s) used for that
    > - the maintenance of the hard- and software
    > - a complete documentation
    > - a policy about necessary measures to change the ruleset
    > - logging, access to logfiles
    > - consequences for the case of policy violations
    >
    > That is what I'd call a firewall.

    OK, as long as people quit calling routers with NAT firewalls. I don't
    care if it's a soft/hard firewall as long as people quit
    spreading/falling for the marketing hype.

    --
    --
    spamfree999@rrohio.com
    (Remove 999 to reply to me)
  6. Archived from groups: comp.security.firewalls (More info?)

    On 2004-06-24, Chuck <none@example.net> wrote:
    > Block possibly dangerous websites with a Hosts file. Three Hosts file sources I
    > use:
    > http://www.accs-net.com/hosts/get_hosts.html
    > http://www.mvps.org/winhelp2002/hosts.htm
    > (The third is included, and updated, with Spybot (see above)).

    This offers little or no additional security, and the mvps one is full of
    errors, so you'll cut yourself off sites that you might actually want to visit.

    The rest of Chuck's advice was quite good.

    --
    --Tim Smith
  7. Archived from groups: comp.security.firewalls (More info?)

    · wrote:

    > news wrote:
    >
    >
    >>Are those better than software firewalls for protecting against
    >>outside attacks?
    >
    >
    > Probably the greatest threat against you is a remote-access trojan
    > (RAT). Accidentally launch one of those, and all bets could be off.
    > The really good RATs can render hardware and software firewalls (not to
    > mention "routers that perform NAT functions") totally useless.

    If you think RAT's are bad, try dealing with an NT root kit....
    E.
  8. Archived from groups: comp.security.firewalls (More info?)

    E. wrote:

    > · wrote:
    >
    >> news wrote:
    >>
    >>
    >>> Are those better than software firewalls for protecting against
    >>> outside attacks?
    >>
    >>
    >> Probably the greatest threat against you is a remote-access trojan
    >> (RAT). Accidentally launch one of those, and all bets could be off.
    >> The really good RATs can render hardware and software firewalls (not
    >> to mention "routers that perform NAT functions") totally useless.
    >
    > If you think RAT's are bad, try dealing with an NT root kit....
    > E.

    Easy. Boot into a secondary environment, and compare MD5 hashes of
    every file on the system. This takes me about 10 minutes to do.

    The line between RATs and rootkits isn't so clearly delineated, so I'm
    not sure what your point was here. Oneupsmanship? OK, if you think NT
    rootkits are bad, try dealing with a double-barrel shotgun.
  9. Archived from groups: comp.security.firewalls (More info?)

    · wrote:
    > E. wrote:
    >
    >
    >>· wrote:
    >>
    >>
    >>>news wrote:
    >>>
    >>>
    >>>
    >>>>Are those better than software firewalls for protecting against
    >>>>outside attacks?
    >>>
    >>>
    >>>Probably the greatest threat against you is a remote-access trojan
    >>>(RAT). Accidentally launch one of those, and all bets could be off.
    >>>The really good RATs can render hardware and software firewalls (not
    >>>to mention "routers that perform NAT functions") totally useless.
    >>
    >>If you think RAT's are bad, try dealing with an NT root kit....
    >>E.
    >
    >
    > Easy. Boot into a secondary environment, and compare MD5 hashes of
    > every file on the system. This takes me about 10 minutes to do.
    This is useful if you had already generated MD5 hashes for every file on
    the box before the root kit got there - which NT doesn't do by default.

    > The line between RATs and rootkits isn't so clearly delineated,
    True... the line between them is very blurry. I'm starting to encounter
    root kits which act as spyware delivery mechanisms, which is something
    we could all live without.

    > so I'm not sure what your point was here.
    More of an unstated one that a 'firewall' as described in this thread
    won't do jack to stop either.

    > Oneupsmanship? OK, if you think NT
    > rootkits are bad, try dealing with a double-barrel shotgun.

    easy, get something that's useful beyond the range of a double-barrel
    and use it. ;-) A standard bow and arrow would do it...
    E.
  10. Archived from groups: comp.security.firewalls (More info?)

    > Easy. Boot into a secondary environment, and compare MD5 hashes of
    > every file on the system. This takes me about 10 minutes to do.

    What are the tools that you are using to accomplish this:
    1 - generate MD5 checksums for all the files
    2 - compare checksums

    gurkatoon
  11. Archived from groups: comp.security.firewalls (More info?)

    _____ wrote:

    >> Easy. Boot into a secondary environment, and compare MD5 hashes of
    >> every file on the system. This takes me about 10 minutes to do.
    >>
    >
    > What are the tools that you are using to accomplish this:
    > 1 - generate MD5 checksums for all the files
    > 2 - compare checksums

    FingerPrint does it all in one shot, and it's free.

    http://www.2brightsparks.com/freeware/freeware-hub.html
  12. Archived from groups: comp.security.firewalls (More info?)

    > FingerPrint does it all in one shot, and it's free.
    >
    > http://www.2brightsparks.com/freeware/freeware-hub.html
    >
    >

    I salute and thank you for the link.

    gurkatoon
  13. Archived from groups: comp.security.firewalls (More info?)

    On Fri, 25 Jun 2004 07:01:50 GMT, Tim Smith <reply_in_group@mouse-potato.com>
    wrote:

    >On 2004-06-24, Chuck <none@example.net> wrote:
    >> Block possibly dangerous websites with a Hosts file. Three Hosts file sources I
    >> use:
    >> http://www.accs-net.com/hosts/get_hosts.html
    >> http://www.mvps.org/winhelp2002/hosts.htm
    >> (The third is included, and updated, with Spybot (see above)).
    >
    >This offers little or no additional security, and the mvps one is full of
    >errors, so you'll cut yourself off sites that you might actually want to visit.
    >
    >The rest of Chuck's advice was quite good.

    Tim,

    I too have noted that problem with host file blocking. I find the problem much
    less irritating when I surf the web, and see blank spaces where all the
    advertisements used to be, and see how much faster the pages load. :-)

    And, for the times when I intentionally want to load a blocked web site, Hostess
    lets me temporarily disable the hosts file with a couple mouse clicks, and
    re-enable the file later.

    Although, if I see a solution to let me white list specific web sites from being
    blocked, I'll be using it and recommending it so quickly...

    Cheers,
    Chuck
    Paranoia comes from experience - and is not necessarily a bad thing.
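
Added example (not part of the original thread and not a feature of Hostess or any hosts file source named above): one way to allowlist specific sites out of a downloaded hosts blocklist, as a Python sketch. The function names, the sink addresses treated as block entries, and the sample domains are assumptions made for the illustration.

```python
BLOCK_IPS = {"0.0.0.0", "127.0.0.1"}          # sink addresses used by blocklists
PROTECTED = {"localhost", "localhost.localdomain"}  # never strip loopback names

def is_allowed(name, allow):
    """True if name equals an allowlisted domain or is a subdomain of one."""
    name = name.lower().rstrip(".")
    return any(name == d or name.endswith("." + d) for d in allow)

def apply_allowlist(lines, allowlist):
    """Return (filtered_lines, released_names) for a hosts-format blocklist."""
    allow = {d.lower().rstrip(".") for d in allowlist}
    out, released = [], []
    for line in lines:
        body, sep, comment = line.partition("#")
        fields = body.split()
        if len(fields) < 2 or fields[0] not in BLOCK_IPS:
            out.append(line)          # comments, blanks, real mappings: untouched
            continue
        kept = []
        for name in fields[1:]:
            if name.lower() not in PROTECTED and is_allowed(name, allow):
                released.append(name.lower())
            else:
                kept.append(name)
        if kept:                      # rebuild the entry without released names
            entry = " ".join([fields[0]] + kept)
            out.append(entry + ("  # " + comment.strip() if sep else ""))
    return out, released

# Constructed sample input; the domains are reserved example names.
SAMPLE = """\
# constructed sample blocklist
127.0.0.1   localhost
0.0.0.0 ads.example.net
0.0.0.0 shop.example.com www.shop.example.com  # two names, one line
127.0.0.1 tracker.example.org cdn.example.com
192.0.2.10 intranet.example.com
""".splitlines()

if __name__ == "__main__":
    filtered, released = apply_allowlist(SAMPLE, ["example.com"])
    print("\n".join(filtered))
    print("released:", released)
```

Because a hosts file matches exact names only, the sketch releases subdomains of an allowlisted domain as well; entries that map to a real address are left alone.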
  14. Archived from groups: comp.security.firewalls (More info?)

    "news" <geerge@yahoo.com> wrote in message
    news:x%xCc.3481$dx3.27288@newsb.telia.net...
    > Are those better than software firewalls for protecting against outside
    > attacks?
    >
    > Thank you
    >
    >

    Remember the Witty worm? It attacked software firewalls and destroyed data.