Hardware firewalls.

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

I would like to add a hardware firewall - I currently use a software
firewall, NIS.
Can anyone reccommend a good one? preferably one that is available in Europe.
Many thanks in advance,

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Peebs

If you are connected via DSL (ADSL), there is a good chance that you are
behind a NAT device of some sort which is seen as the home version of a
hardware firewall.. if you still use dialup, forget about it..

--
Mike Hall
MVP - Windows Shell/user

http://dts-l.org/goodpost.htm





"Peebs" <Peebs@discussions.microsoft.com> wrote in message
news:9E76C0FF-B8D3-4B46-A423-EB91C14E931E@microsoft.com...
>I would like to add a hardware firewall - I currently use a software
> firewall, NIS.
> Can anyone reccommend a good one? preferably one that is available in
> Europe.
> Many thanks in advance,

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

From: "Mike Hall (MS-MVP)" <mike.hall.mail@sympatico.ca>

| Peebs
|
| If you are connected via DSL (ADSL), there is a good chance that you are
| behind a NAT device of some sort which is seen as the home version of a
| hardware firewall.. if you still use dialup, forget about it..
|
| --
| Mike Hall
| MVP - Windows Shell/user
|
| http://dts-l.org/goodpost.htm
|
| "Peebs" <Peebs@discussions.microsoft.com> wrote in message
| news:9E76C0FF-B8D3-4B46-A423-EB91C14E931E@microsoft.com...

To add to what Mike stated...

Cable/DSL Routers such as the Linksys BEFSR41 use Network Address Translation (NAT) and thus
act as simplistic FireWalls. There are other models from Linksys and other vendors that
have full FireWall implementations. They are inexpensiive, have other benefits as well and
are highly suggested.

As always, I suggest blocking both TCP and UDP ports 135 ~ 139 and 445 on *any* SOHO Router.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

On Thu, 28 Apr 2005 15:03:42 -0400, David H. Lipman wrote:
>
> To add to what Mike stated...
>
> Cable/DSL Routers such as the Linksys BEFSR41 use Network Address
> Translation (NAT) and thus act as simplistic FireWalls. There are other
> models from Linksys and other vendors that have full FireWall
> implementations. They are inexpensiive, have other benefits as well
> and are highly suggested.
>
> As always, I suggest blocking both TCP and UDP ports 135 ~ 139 and 445
> on *any* SOHO Router.

It's very nice to see someone other than me tell people about the
difference in SOHO units for a change. The difference between a firewall
appliance and a NAT Router (the entire Linksys line, even the BEFSX41 is
just a NAT box) is that they offer little FIREWALL protection. These units
are the absolute minimum I would install for a home user, and they are
absolutely needed for any type of DSL/Cable connection for home users.

If the OP really wants a firewall, a WatchGuard SOHO 6 unit or a X5 unit
would be ideal for a small office or home user. A second alternative might
be the Netscreen 5GT-ADSL Plus (or other version depending on the WAN
connection).

If the OP has to go cheap, meaning a D-Link/Netgear/Linksys and under $200
(USD) then even the Linksys BEFSR41 provides as much inbound protection as
any of the others in its class.


--
spam999free@rrohio.com
remove 999 in order to email me

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

In your opinion, what is the difference between the BEFSR41 router and the
BEFSX41 firewall/router? Any?

I know that I can go to the web site but I would like YOUR opinion!

--
Regards,

Richard Urban

aka Crusty (-: Old B@stard

If you knew as much as you think you know,
You would realize that you don't know what you thought you knew!


"Leythos" <void@nowhere.lan> wrote in message
news:dXcce.1033$Eg.444@tornado.ohiordc.rr.com...
> On Thu, 28 Apr 2005 15:03:42 -0400, David H. Lipman wrote:
>>
>> To add to what Mike stated...
>>
>> Cable/DSL Routers such as the Linksys BEFSR41 use Network Address
>> Translation (NAT) and thus act as simplistic FireWalls. There are other
>> models from Linksys and other vendors that have full FireWall
>> implementations. They are inexpensiive, have other benefits as well
>> and are highly suggested.
>>
>> As always, I suggest blocking both TCP and UDP ports 135 ~ 139 and 445
>> on *any* SOHO Router.
>
> It's very nice to see someone other than me tell people about the
> difference in SOHO units for a change. The difference between a firewall
> appliance and a NAT Router (the entire Linksys line, even the BEFSX41 is
> just a NAT box) is that they offer little FIREWALL protection. These units
> are the absolute minimum I would install for a home user, and they are
> absolutely needed for any type of DSL/Cable connection for home users.
>
> If the OP really wants a firewall, a WatchGuard SOHO 6 unit or a X5 unit
> would be ideal for a small office or home user. A second alternative might
> be the Netscreen 5GT-ADSL Plus (or other version depending on the WAN
> connection).
>
> If the OP has to go cheap, meaning a D-Link/Netgear/Linksys and under $200
> (USD) then even the Linksys BEFSR41 provides as much inbound protection as
> any of the others in its class.
>
>
> --
> spam999free@rrohio.com
> remove 999 in order to email me
>

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

On Thu, 28 Apr 2005 22:28:04 -0400, Richard Urban wrote:
>
> In your opinion, what is the difference between the BEFSR41 router and
> the BEFSX41 firewall/router? Any?
>
> I know that I can go to the web site but I would like YOUR opinion!

I have both routers in my lab, they are both about the same. The SX will
allow blocking of Active-X and some other things, the SX will also do a
couple IPSec tunnels. It has a couple other blocking features, but it's
just a higher-end SR unit.

The BEFVP unit is designed a little differently, it's designed for doing
20 IPSec tunnels, and also has the same abilities as the SR with a few
add-ons.

I purchase the VP over the SX, but I need IPSec tunnels more than I need
the features of the SX. If I need something cheap, I just get a SR.

--
spam999free@rrohio.com
remove 999 in order to email me

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Thank you!

--
Regards,

Richard Urban

aka Crusty (-: Old B@stard

If you knew as much as you think you know,
You would realize that you don't know what you thought you knew!


"Leythos" <void@nowhere.lan> wrote in message
news:2chce.3468$fh.2045@tornado.ohiordc.rr.com...
> On Thu, 28 Apr 2005 22:28:04 -0400, Richard Urban wrote:
>>
>> In your opinion, what is the difference between the BEFSR41 router and
>> the BEFSX41 firewall/router? Any?
>>
>> I know that I can go to the web site but I would like YOUR opinion!
>
> I have both routers in my lab, they are both about the same. The SX will
> allow blocking of Active-X and some other things, the SX will also do a
> couple IPSec tunnels. It has a couple other blocking features, but it's
> just a higher-end SR unit.
>
> The BEFVP unit is designed a little differently, it's designed for doing
> 20 IPSec tunnels, and also has the same abilities as the SR with a few
> add-ons.
>
> I purchase the VP over the SX, but I need IPSec tunnels more than I need
> the features of the SX. If I need something cheap, I just get a SR.
>
> --
> spam999free@rrohio.com
> remove 999 in order to email me
>

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

On Thu, 28 Apr 2005 23:23:29 -0400, Richard Urban wrote:
>
> Thank you!

Richard, if you are going to get a real firewall, they are not cheap, if
you want an appliance that is. I bought a D-Link DI808HV for one client
that wanted some main firewall features, but didn't want just NAT. I set
it up as a PPTP end-point and also a VPN unit for passing inbound to their
server. It was about $280 if I remember correctly.

As for small home networks, I like the WatchGuard SOHO 6 or 6tc, but I've
not really had time to use the X series. I'm suppose to be getting an X700
this month for my home.

--
spam999free@rrohio.com
remove 999 in order to email me

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Hi Mike,
Thanks for the info. I am still on dial-up (we moved from an area with ADSL
and dial-up is a cultural shock). When you say "forget it", do you mean that
i don't need a NAT device with dial-up or is there some other reason?
Regards,

"Mike Hall (MS-MVP)" wrote:

> Peebs
>
> If you are connected via DSL (ADSL), there is a good chance that you are
> behind a NAT device of some sort which is seen as the home version of a
> hardware firewall.. if you still use dialup, forget about it..
>
> --
> Mike Hall
> MVP - Windows Shell/user
>
> http://dts-l.org/goodpost.htm
>
>
>
>
>
> "Peebs" <Peebs@discussions.microsoft.com> wrote in message
> news:9E76C0FF-B8D3-4B46-A423-EB91C14E931E@microsoft.com...
> >I would like to add a hardware firewall - I currently use a software
> > firewall, NIS.
> > Can anyone reccommend a good one? preferably one that is available in
> > Europe.
> > Many thanks in advance,
>
>
>

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

On Tue, 03 May 2005 18:47:02 -0700, Peebs wrote:
>
> Hi Mike,
> Thanks for the info. I am still on dial-up (we moved from an area with
> ADSL and dial-up is a cultural shock). When you say "forget it", do you
> mean that i don't need a NAT device with dial-up or is there some other
> reason? Regards,

Dial-Up is no different than any other internet connection - just slower.
You are still exposed to a PUBLIC Internet connection, and people can
still access your computer directly.

If you don't already have a NAT device or at least a personal firewall,
and you have not perfectly secured your machine according to MS's
recommendations, you may already be compromised.

--
spam999free@rrohio.com
remove 999 in order to email me

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

I do have a PFW - Norton IS and I do keep XP and NAV up to date. I also scan
regularly with MS anti-spyware and AdAware SE so i am probably OK for now.
What I am looking for is advice on buying, installing and using a hardware
firewall.
Many hanks,


"Leythos" wrote:

> On Tue, 03 May 2005 18:47:02 -0700, Peebs wrote:
> >
> > Hi Mike,
> > Thanks for the info. I am still on dial-up (we moved from an area with
> > ADSL and dial-up is a cultural shock). When you say "forget it", do you
> > mean that i don't need a NAT device with dial-up or is there some other
> > reason? Regards,
>
> Dial-Up is no different than any other internet connection - just slower.
> You are still exposed to a PUBLIC Internet connection, and people can
> still access your computer directly.
>
> If you don't already have a NAT device or at least a personal firewall,
> and you have not perfectly secured your machine according to MS's
> recommendations, you may already be compromised.
>
> --
> spam999free@rrohio.com
> remove 999 in order to email me
>
>