Firewalls ??

kippen_noedel

slushpuppy wrote: »

Thats not true a hardware firewall is superior to a software firewall, and can stop any port number you wish, home routers do the same but they arent really a router in the true sense but more of a combination of hub/switch/router.

:beer:

while you are technically correct, there are other options to consider, eg how many threat signatures can the firewall manage. most domestic ones are limited to around 5000, an enterprise class firewall 25000

the best option for home use, is the combination of the built in firewall with the router for incoming and a software one for outgoing. as alread mentioned above the windows firewall isn't as yet too hot at outbound protection though Microsoft are supposedly addressing this issue in a future update.

Jaffa.

aliEnRIK wrote: »

Most hardware firewalls dont stop sh*t.

Mmm I'm curious now, please elaborate

[Deleted User]

To be honest software firewalls are flawed from the outset and not much more than closing the stable door after the horse has bolted. Most popular software firewalls can quite easily be bypassed with no visible indication that this has occurred.

I wonder how many people are incorrectly thinking that they have secured their machine with a software firewall, but whilst running as an administrator..

kippen_noedel

slushpuppy wrote: »

More than technically correct, Im stuck with this one, what threat signatures? do you mean port authority configuration updates, or are you using different terminolgy as threat signatures/virus definitions relate to AV.

it's common when people hear threat signatures to assume virus related but that isn't the case

when attacks happen whether virus related, intrusion detection or zero day exploits they all have a signature,

good hardware firewalls use positive(deny everything that isn't known to be safe) and negative (known to be threatening) security, cheap ones only use negative.

Jaffa.

kippen_noedel wrote: »

good hardware firewalls use positive(deny everything that isn't known to be safe) and negative (known to be threatening) security, cheap ones only use negative.

Yet "good hardware firewalls" are not needed for the home user... "the needs of a single computer are quite different than the needs of a local network"

It's funny, I use no outbound protection what so ever on my home network, just a good quality antivirus. If it's going to bypass the AV then it's going to bypass the firewall.

I'm not sure about this though... If something like sub-seven (the server part) was ran on my computer, could the client still control and send commands the server? Or would the inbound protection of windows firewall and the routers firewall stop this?

kippen_noedel

Jaffa. wrote: »

Yet "good hardware firewalls" are not needed for the home user... "the needs of a single computer are quite different than the needs of a local network"

It's funny, I use no outbound protection what so ever on my home network, just a good quality antivirus. If it's going to bypass the AV then it's going to bypass the firewall.

I'm not sure about this though... If something like sub-seven (the server part) was ran on my computer, could the client still control and send commands the server? Or would the inbound protection of windows firewall and the routers firewall stop this?

I use a TZ 180/10 but that's for a small business network on a sdsl connnection, as you said waste of money for normal home use. Never used for browsing.

I also have a cable connection for personal use, on that I use only the router firewall, and no AV but I do use sandboxie, so infection is pretty much impossible (absolutely NOT for beginners)

your av, if up to date should catch it, some avs won't
if it's infected the pc, neither the windows firewall or router firewall would prevent it from communicating with its author, it would appear as authorised.

Laz123

Also make sure the default password on the router is changed as this can be easily hacked.

Jaffa.

slushpuppy wrote: »

just as Laz123 above makes the common mistake of saying that if you dont change your router password youll get hacked, a hacker will break into security as someone who knows a router make and model will just use the defualt log ins, not really hacking.
:beer:

Even without a password on the router, peeps on the internet can't access the router page because remote management is off by default, unless they log on to the unsecure wireless...

aliEnRIK

slushpuppy wrote: »

Thats not true a hardware firewall is superior to a software firewall, and can stop any port number you wish, home routers do the same but they arent really a router in the true sense but more of a combination of hub/switch/router.

:beer:

I can configure my software firewall to stop any port I wish. N how is either going to stop viruses and suchlike? Infected sites are still going to infect you wether you use software, hardware or both. They dont do sh*t. Best you can hope for is to block EVERY port except for what you need and for it to stop ALL outbound traffic thats not known about (eg ~ keyloggers)

aliEnRIK

slushpuppy wrote: »

Ummm der if you stopped HTTP you wouldnt see anything, ofcourse routers dont stop viruses, who said they did, port intrusion via port 25, 110, 143, will stop problems and software and hardware firewall are both configurable, nobody said they werent and hardware firewalls do a much better job at port detection exploits.

Plus software may not load, and can be edited, hardware can be locked down more efficiently.

By 'ummmm der' are you trying to say im thick?

Are you also saying that people shouldnt be using software firewalls?
And can hardware firewalls stop ALL keyloggers and the like calling outwards?