Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
firewall software
- Thread starter keune76
- Start date
mattjurado
MIS
Can you run a hardware firewall, or a NAT router instead? I always prefer hardware devices, so your system does not suffer any performance degradation, and all traffic hits the device, not your computer. I like the Linksys routers.
Matt J.
Matt J.
Matt,
Hardware firewalls are mainly effective in protection from outside attacks. They are NOT designed to protect from trojans and worms that cling to downloaded files and work from the inside-out.
It is always a good idea to use a combination of both. Without a doubt, NAT technology is a must-have. If you could only have one, then that would be the one to have. However, there's no denying that a software firewall is #2 on the list.
__________________________________________________
~cdogg
[tab]"The secret to creativity is knowing how to hide your sources"
[tab][tab]- A. Einstein
Hardware firewalls are mainly effective in protection from outside attacks. They are NOT designed to protect from trojans and worms that cling to downloaded files and work from the inside-out.
It is always a good idea to use a combination of both. Without a doubt, NAT technology is a must-have. If you could only have one, then that would be the one to have. However, there's no denying that a software firewall is #2 on the list.
__________________________________________________
~cdogg
[tab]"The secret to creativity is knowing how to hide your sources"
[tab][tab]- A. Einstein
- Thread starter
- #5
mattjurado
MIS
Cdogg, I never said hardware routers would block trojans and viruses. Oh and by the way, many of your basic firewall programs will not protect you from viruses, you need a virus scanner to do that. I was simply trying to make a point that throwing in a hardware device is more efficient than downloading the latest zone alarm release. Watch your statements when you correct somebody next time.
Matt J.
Matt J.
Sorry Matt, but I still disagree. You cannot lump viruses, trojans, and worms into the same category. Your "virus scanner" (as you put it) protects you from viruses that have been discovered. Worms and trojans work much differently. They will use your existing connection to make contact back to the host or to perform an attack such as a DoS.
I hate to break it to you, but your hardware firewall and Norton Antivirus with up-to-date definitions are not enough. Ever heard of Code Red? That's right, it wasn't that long ago. This worm was eventually tracked and added into the protection of antivirus scanners, but the behavior of this type of intrusion is not inherently known. So, future intrusions of this type probably won't be caught either.
Step in and use basic firewall software. It will monitor any requests that attempt to access the network or make outside contact. Not only is this good for protection against trojans and worms, but it also helps you filter out spyware and see what's happening in the background. Sorry pal, but your antivirus software and router are not enough!!
I will make corrections where necessary...
![[thumbsup2]](/data/assets/smilies/thumbsup2.gif "[thumbsup2] [thumbsup2]")
__________________________________________________
~cdogg
[tab]"The secret to creativity is knowing how to hide your sources"
[tab][tab]- A. Einstein
I hate to break it to you, but your hardware firewall and Norton Antivirus with up-to-date definitions are not enough. Ever heard of Code Red? That's right, it wasn't that long ago. This worm was eventually tracked and added into the protection of antivirus scanners, but the behavior of this type of intrusion is not inherently known. So, future intrusions of this type probably won't be caught either.
Step in and use basic firewall software. It will monitor any requests that attempt to access the network or make outside contact. Not only is this good for protection against trojans and worms, but it also helps you filter out spyware and see what's happening in the background. Sorry pal, but your antivirus software and router are not enough!!
I will make corrections where necessary...
__________________________________________________
~cdogg
[tab]"The secret to creativity is knowing how to hide your sources"
[tab][tab]- A. Einstein
mattjurado
MIS
But if you configure your router to block all incoming traffic (except those ports you specifically foward through), code red, or any other trojan, is not going to get in.
Matt J.
Matt J.
Matt,
This is turning into a longer discussion than it needs to be. Code Red attacked IIS on Microsoft NT systems. It came in through port 80, the standard port for HTTP. Unless you configured your router to block all HTTP traffic, any servers on your network could have easily been affected. That is why over 250,000 pc's across the U.S. alone were infected within just a few days. Yes, even those with tight security on their Linksys or Cisco routers didn't stand a chance.
Granted, having a software firewall wouldn't have made much difference either in this case. But there are many cases if I choose to go down the list, that would show why having a combination of a router and software firewall is more effective and actually preferred.
You also seem to dodge the value of being able to monitor spyware activities. Personally, I like to know when Microsoft applications or any other app for that matter is trying to access the internet without my permission. You'd be surprised what you might find...
__________________________________________________
~cdogg
[tab]"The secret to creativity is knowing how to hide your sources"
[tab][tab]- A. Einstein
This is turning into a longer discussion than it needs to be. Code Red attacked IIS on Microsoft NT systems. It came in through port 80, the standard port for HTTP. Unless you configured your router to block all HTTP traffic, any servers on your network could have easily been affected. That is why over 250,000 pc's across the U.S. alone were infected within just a few days. Yes, even those with tight security on their Linksys or Cisco routers didn't stand a chance.
Granted, having a software firewall wouldn't have made much difference either in this case. But there are many cases if I choose to go down the list, that would show why having a combination of a router and software firewall is more effective and actually preferred.
You also seem to dodge the value of being able to monitor spyware activities. Personally, I like to know when Microsoft applications or any other app for that matter is trying to access the internet without my permission. You'd be surprised what you might find...
__________________________________________________
~cdogg
[tab]"The secret to creativity is knowing how to hide your sources"
[tab][tab]- A. Einstein
- Status
