📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

Does this mean we have a hardware firewall?

Options
Not sure if we have a hardware firewall. Can anyone tell me?

This is what we have:

We have a Zoom X3 Modem/Router/Gateway

Specs say this:
• Ethernet to ADSL self learning - Transparent Bridging (IEEE 802.1D)
• Supports up to 128 MAC learning addresses
Router Mode • IP routing - RIP v2
• Static routing
• DNS Proxy
• Port Forwarding
• DHCP (Dynamic Host Configuration Protocol) server and client
• NAT (Network Address Translation)
• NAPT (Network Address and Port Translation)
• Simultaneous USB and Ethernet operation
Security • User authentication for PPP
• PAP (Password Authentication Protocol)
• CHAP (Challenge Authentication Protocol)
• Password protected system management

Also have a DLink DFE-908Dx 8 Port 10/100Mbps Dual Speed Hub

Many thanks

Comments

  • hawkwind
    hawkwind Posts: 240 Forumite
    Part of the Furniture 100 Posts Combo Breaker
    Yes

    NAT (Network Address Translation)

    Try a shields upo test at https://www.grc.com/x/ne.dll?bh0bkyd2

    to test for any open ports
  • Chippy_Minton
    Chippy_Minton Posts: 3,339 Forumite
    NAT provides a basic firewall, however it's not like a true hardware firewall which can block or allow specific ports and services. See Security: Comparing NAT, Static Content Filtering, SPI, and Firewalls.
  • krishna
    krishna Posts: 818 Forumite
    hawkwind wrote: »
    Yes

    NAT (Network Address Translation)

    Try a shields upo test at https://www.grc.com/x/ne.dll?bh0bkyd2

    to test for any open ports

    Tried this. Identified 6 ports as "stealth". So what does this mean?
  • superscaper
    superscaper Posts: 13,369 Forumite
    Part of the Furniture 10,000 Posts Combo Breaker
    krishna wrote: »
    Tried this. Identified 6 ports as "stealth". So what does this mean?

    Stealth means it can't even tell if your ports are open. That's a good thing. Ideally ALL your ports should be stealth. Have you got a firewall installed on your pc (or is windows firewall switched on)? Ideally you should have software firewalls on all pcs even with a hardware firewall.
    "She is quite the oddball. Did you notice how she didn't even get excited when she saw this original ZX-81?"
    Moss
  • Nikolai
    Nikolai Posts: 348 Forumite
    Stealth is good. It means those ports are not visible on the internet - therefore no one can try and attack them!
    Edit: beaten to it by Superscaper!
  • superscaper
    superscaper Posts: 13,369 Forumite
    Part of the Furniture 10,000 Posts Combo Breaker
    Nikolai wrote: »
    Edit: beaten to it by Superscaper!

    :D:D :D :beer:
    "She is quite the oddball. Did you notice how she didn't even get excited when she saw this original ZX-81?"
    Moss
  • krishna
    krishna Posts: 818 Forumite
    Stealth means it can't even tell if your ports are open. That's a good thing. Ideally ALL your ports should be stealth. Have you got a firewall installed on your pc (or is windows firewall switched on)? Ideally you should have software firewalls on all pcs even with a hardware firewall.

    All other 1050 ports that Shields UP checked came up as "closed". Is that OK?

    No software firewalls at present. We are in the process of upgrading some of our equipment and will be installing a server running Windows Small Business Server (as a charity we get excellent deals on the software). Will SBS come with software firewall? Would we be installing firewall on server only, or do we need to install on all PCs?

    If we need an additional hardware firewall, is one of these CISCO products any use? http://www.ctxchange.org/ctx/browse_products/cisco/default.asp
    Again we get cheap deals on these. If not, what would you suggest?

    The PCs will all be running Win2k pro or XP pro
  • albertross_2
    albertross_2 Posts: 8,932 Forumite
    Any port probing tests you run are testing the router, not the PC. If your PC's have a local 192 or 10. ipaddress, then the outside world can't talk to them, unless they initiate the conversation.

    Using a firewall inside a network environment can cause all sorts of spurious problems, slowness, timeout's, filesharing issues. So I'd concentrate on the perimeter, and make sure the PC are patched, and have upto date AV and anti-malware products.
    Ever get the feeling you are wasting your time? :rolleyes:
  • krishna
    krishna Posts: 818 Forumite
    albertross wrote: »
    Any port probing tests you run are testing the router, not the PC. If your PC's have a local 192 or 10. ipaddress, then the outside world can't talk to them, unless they initiate the conversation.

    Using a firewall inside a network environment can cause all sorts of spurious problems, slowness, timeout's, filesharing issues. So I'd concentrate on the perimeter, and make sure the PC are patched, and have upto date AV and anti-malware products.

    Thanks. I was kind of wondering about that.
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 351K Banking & Borrowing
  • 253.1K Reduce Debt & Boost Income
  • 453.6K Spending & Discounts
  • 244K Work, Benefits & Business
  • 599K Mortgages, Homes & Bills
  • 177K Life & Family
  • 257.4K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.