I am looking for a good DSL firewall that will allow me to specify exactly what ports I want open and closed. I don't want a software firewall for my pc (this is for more playing around than protection). The one I currently have now only allows me 10 TCP ports at a time, and then it is just NAT. Suggestions would be appreciated.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
DSL Firewall 1
- Thread starter jonlake
- Start date
Broadband routers out there use NAT to protect the IP addresses of each PC sharing the DSL connection (even if it's just one PC). You can also specify open and closed port forwarding.
Just as a word to the wise, it is often a good idea to use both a hardware (NAT) and software firewall (like Zonealarm Pro). NAT protects from the outside, while software helps control applications trying to use the net from within. Also run Spybot and Ad-Aware regularly to remove spyware.
~cdogg
[tab]"The secret to creativity is knowing how to hide your sources"
[tab][tab]- A. Einstein
Just as a word to the wise, it is often a good idea to use both a hardware (NAT) and software firewall (like Zonealarm Pro). NAT protects from the outside, while software helps control applications trying to use the net from within. Also run Spybot and Ad-Aware regularly to remove spyware.
~cdogg
[tab]"The secret to creativity is knowing how to hide your sources"
[tab][tab]- A. Einstein
- Thread starter
- #4
-
1
- #5
OK, you may be getting these answers because of the question you asked. You asked about a "DSL Firewall". This implies a connectivity option to control the DSL connection itself, which then implies a router, which tends to include a hub, which tends to include both NAT and some *basic* port filters.
If this *WAS* your intent, then the answers are valid. BUT are you looking for a hardware firewall to sit behind the NAT'ing router? If so, then your options are plentiful.
Products exist by Checkpoint, Snap, Cisco, 3Com, Dlink, eSoft, and DOZENS others. I googled and found this handy link.
AS A LINUX USER (bigot) I would strongly encourage you to reconsider the software firewall options. You can use a two-NIC, low-end PC with either a disk or cd-rom based firewall. This allows you to setup a nearly infinite combination of ports, NATs, quality of service, priority queueing, DMZ and bandwidth monitoring options that far exceed the price/value of the hardware products above.
The LINUX LIST is just as large....
Smoothwall, Astaro, Trustix, Jay's Firewall, etc.
here's a link to get you started on this one...
By the way, you can integrate the DSL connection into on of the Linux NICs with the use of rp-pppoe. This way you can monitor the DSL port and throttle/manage it directly.
Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.
If this *WAS* your intent, then the answers are valid. BUT are you looking for a hardware firewall to sit behind the NAT'ing router? If so, then your options are plentiful.
Products exist by Checkpoint, Snap, Cisco, 3Com, Dlink, eSoft, and DOZENS others. I googled and found this handy link.
AS A LINUX USER (bigot) I would strongly encourage you to reconsider the software firewall options. You can use a two-NIC, low-end PC with either a disk or cd-rom based firewall. This allows you to setup a nearly infinite combination of ports, NATs, quality of service, priority queueing, DMZ and bandwidth monitoring options that far exceed the price/value of the hardware products above.
The LINUX LIST is just as large....
Smoothwall, Astaro, Trustix, Jay's Firewall, etc.
here's a link to get you started on this one...
By the way, you can integrate the DSL connection into on of the Linux NICs with the use of rp-pppoe. This way you can monitor the DSL port and throttle/manage it directly.
Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.
Well, going with a true hardware firewall solution like Sonicwall or Watchguard is definitely overkill for a home DSL connection, especially if you have a dynamic IP address. For home connections, regular broadband routers with NAT working in tangent with a software firewall on your PC should be more than enough security.
However, using a hardware firewall does add that extra layer of security, especially if you're running a web server or have a static IP. As far as I know, both Sonicwall and Watchguard are two of the best in the industry. However, expect to pay some real royalties to get your hands on a decent version (>$1000).
~cdogg
[tab]"The secret to creativity is knowing how to hide your sources"
[tab][tab]- A. Einstein
However, using a hardware firewall does add that extra layer of security, especially if you're running a web server or have a static IP. As far as I know, both Sonicwall and Watchguard are two of the best in the industry. However, expect to pay some real royalties to get your hands on a decent version (>$1000).
~cdogg
[tab]"The secret to creativity is knowing how to hide your sources"
[tab][tab]- A. Einstein
- Thread starter
- #7
EVERY linux-based firewall from the last two years SHOULD support IPTABLES-based firewalls. This means its about three lines of firewall code to enable NAT. VERY COMMON, almost ubiquitous.
Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.
Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.
- Status
Similar threads
- Locked
- Question
- Locked
- Question