hardware firewalls

Started by Brynn, January 04, 2006, 08:47:48 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Brynn

January 04, 2006, 08:47:48 AM
Hi Friends,
Someone recently recommended getting a hardware firewall, for ideal internet security.  Plus, I've seen it mentioned on various security-related websites and forums.  So I've been looking into it and trying to learn what I need to know.  However there are a couple of points I'm not clear on and I wonder if some member(s) knowledgable about this issue could help me understand.

By far the majority of current info, or at least what I've found so far, is directed towards either dsl/broadband/cable or networked systems, or both.  And I understand...well, maybe I should say, my understanding is that dsl/broadband presents security issues not usually seen with dialup; which probably the growing use of dsl explains the proliferation of such info, and products as well.

But what is a non-networked dialup user to do?  The info I've read seems to recommend the hardware firewall for all computer users, plus I don't think whoever recommended it to me even knew what kind of connection I use. Yet I'm having trouble identifying products for dialup users who don't have a network.  I have seen some products which claim to work with either dialup or cable.  But I haven't found any for dialup only.

Maybe there aren't any, maybe there's no such thing?  It just seems to me that a hardware firewall without a router would be less expensive....but do they exist?  Or is this just not an urgent issue for non-network dialup users?  I ran a search on Google for "hardware firewalls" but excluding the words dsl, cable, network, broadband, and router -- there were only 2 results, neither very helpful.

What am I missing about this issue?  Any info and/or comments would be appreciated  :)  What features are important in a hardware firewall for dialup users?

Best wishes for the New Year!
"To sin by silence when they should protest makes cowards of men." - Abraham Lincoln

Ripley

#1
January 04, 2006, 01:01:31 PM
Hi Brynn,
I had and have the same questions that you do.  Did a search w/ little info that was clear for non-networked dial-up only.  Been checking out which hardware firewall to get for the last 3 weeks.
The dial-up/cable option is appealing, as I want to eventually drop the dial-up and go to DSL.
Also have 3 family members that are still trying to sort out hardware firewall choices with little luck...2 are cable and the other DSL.

Skittles

#2
January 04, 2006, 02:45:14 PM
I am fairly new to the Firewall world myself. ;)

From what I have understood that the main reason why a pc using dsl or cable is more vulnerable is mainly because it is online at all times.  Well, as long as you have your computer on.  If you shut it down, then of course it is not connected.

With the dial up, you disconnect the internet when you want to, but can still leave the computer on, but with the dsl or cable it is not the same.  It is connected when you turn the computer on, as long as your external modem is on and connected, that is.

Also as far as I have understood that the firewalls are made for whichever internet connection you chose.  So there really is no difference whether you have dialup, cable or dsl, you use the same firewalls.  For the firewall is protecting you from what can come across to your computer regardless of which way you are connected.  Just as long as you are connected you are vulnerable, so the firewall is what will protect your from such vulnerabilities.

The firewall that I chose, after talking to many computer experts and guru's, is ZoneAlarm.  So far it has been simple to use and has worked out just fine.  I have installed it on many computers, regardless to which internet connection they have used.  Some have been dsl, most have been dialup, and some has been cable.  The zonealarm has not seemed to run any differently or protect stronger or less strong on any of the different connections, I have used it on.

Brynn

#3
January 04, 2006, 08:47:11 PM
Thanks for your support, ripley and skittlespc  :)

But skittlespc, are you talking about software or hardware firewall?  Because everything you say is agreeable for a software firewall.  But I have not seen a hardware firewall made by Zone Alarm.  Doesn't mean they don't make one, but I just want to be sure I understand your comments ;)
"To sin by silence when they should protest makes cowards of men." - Abraham Lincoln

Ripley

#4
January 04, 2006, 09:54:58 PM
Hey Brynn,
Be sure to post if you find more info on hardware firewalls, dial-up or not.  I actually did a search at a few computer stores using "hardware firewall" & "firewall router" and there were many options.  Not that I totally understood the differences w/ them.
Another question I have is, are people using a software firewall and a hardware firewall at the same time?  It would appear so.
Another place that I have learned alot concerning a whole variety of "connecting to the internet" questions is at the other forum that Corrine hangs at...Freedomlist forum.  The link there is in Corrine's signature.

Eric the Red

#5
January 04, 2006, 10:30:41 PM
Brynn and Ripley,

The best advice that I can give to you is to make a cup of coffee (or your beverage of choice), put up the "Do Not Disturb" sign and read the information about firewalls that may be found at this link.

Once you have taken that in come back and ask questions, we will be happy to assist.

Zone Alarm is an example of a software or application firewall.  :thumbsup:
"The time to start running is around about the "e" in "Hey, you!" "

Ripley

#6
January 04, 2006, 11:44:34 PM
Eric the Red!

WOW!  Was that ever a helpful link on firewalls and in a language I could understand!  I need to go back and spend more time on it.  It was brief on the hardware firewall part, but answers the question of having a software firewall first, then adding a hardware FW for added secuirity.
It also made it so much clearer how a rules based FW works w/ examples in an associated link w/ screen shots!   :Yahoo:

Is there similiar software that comes w/ a hardware FW or router that you also configure like a software FW?


Brynn, for me, I think my review of hardware firewalls would be greatly improved if I also keep checking products online AND do the hands-on approach and drive to some stores and see what I can see & hear there.  At that point, I think I would be in a better position of posting specific questions here that could be answered here.  I know when I did my search at different computer stores online I saw "hardware firewall" and "firewall routers" as 2 different products.  That's all I know for now.

Eric the Red

#7
January 05, 2006, 12:21:35 AM
One of the best descriptions of a hardware firewall that I know of comes from a poster by the name of TonyT at WindowsBBS.com

QuoteA hardware firewall is a separate dedicated device used for detecting and stopping unauthorized access to computers it is set up to protect. A cable/dsl router/gateway with NAT (Network Address Translation) is a hardware firewall.

Some hardware firewalls also include additional firewall features such as SPI (Stateful Packet Inspection), reverse lookup & logging, antivirus etc etc, all the bells and whistles seen in common software firewalls such as Zone Alarm and others. These features generally are not available in products for the home user and are used commercially as they are expensive. Some home user devices have built in features to integrate with a home user software firewall.

In short, a hardware firewall is basically nothing more than a tiny computer, using a hard drive or RAM or ROM, and is dedicated to a small amount of tasks such as protecting the computers connected to it. Any home computer can be made into a hardware firewall by installing certain software applications and network cards and configuring it to protect the network. It can even be made to perform exactly like a cable/dsl router and do the job just as well, if not better.

source: http://www.windowsbbs.com/showthread.php?t=25950
"The time to start running is around about the "e" in "Hey, you!" "

winchester73

#8
January 05, 2006, 12:38:07 AM
On this box, I have a hardware firewall in the form of a NAT router, and a software firewall named Zone Alarm Professional.

IMO, a software firewall MUST be used if there is no NAT Router installed on the ADSL or Cable Modem connection, and also if you are behind a wireless NAT/router.

The basic task of a NAT router is to block incoming connection attempts. Putting it as your interface to the Internet will protect you from simple incoming connection attempts (and also unsolicited UDP).

Behind a NAT router you should see NO incoming connections, unsolicited or not, unless you start opening ports.

On a residential ADSL or cable modem, the use of a simple NAT router is probably sufficient, especially if you practice other safe computing habits. I would think as a minimum that a NAT router should be installed on any ADSL or Cable Modem connection.

If your NAT router is completely stealthed, you don't open up any ports to be visible to the Internet, and your IP address assignment is dynamic (and will change when you power cycle the modem), I would think you are OK.

However, routers are vulnerable to very clever crackers ... that's why a software firewall is used. A firewall goes beyond the simple inspection of individual packets, and actually monitors, records, and tracks each individual TCP connection (or attempted connection) to verify its validity. The software firewall is not susceptible to some of the sophisticated SYN floods, FIN probes, fragment attacks, and other tricks that can be thrown at the simple NAT router.

For some relatively unbiased advice: http://www.wilders.org/firewalls.htm

Simple way to test the need for a firewall ...

Go to http://grc.com/ and run "shields up". Click through the first page and on the next page scroll down to "shields up" on the left side. Click it and run "full service port scan". When finished it will give you an option at the bottom for a summary. A pass = all stealth, no open ports, and no ping replies !
Speak softly, but carry a big Winchester ... Winchester Arms Collectors Association member

Brynn

#9
January 07, 2006, 12:41:24 AM
Hi again,
Thanks everyone, for all the info.  Most of it I had already read, and as ripley pointed out, not much of it is about hardware firewalls, specifically.  But great info nevertheless :wink:

I guess the closest thing to an answer to my questions is from the quote from another website's forum, posted by Eric the Red.
Quote"These features generally are not available in products for the home user and are used commercially as they are expensive. Some home user devices have built in features to integrate with a home user software firewall."
But it doesn't say what these "home user devices" are called.  I've looked at some hardware firewalls in some online stores.  But until I know what I'm looking for, it's going to be a waste of time and energy going out to retail stores (I'm in poor health so shopping isn't easy).

Can someone tell me what these "home user devices", referred to in the quote, are called?  Are they routers?  Are there any hardware firewalls intended for dialup, non-networked users, or are they only for dsl/broadband?  What are the "built in features" called?

Or should I just assume that dialup, non-networked users don't need a hardware firewall, in addition to a software firewall?
"To sin by silence when they should protest makes cowards of men." - Abraham Lincoln

Tarnak

#10
January 07, 2006, 01:23:00 AM
 The following links may help:



"Breathe New Life into Old Hardware

Many of us have old computer hardware we rarely, if ever, use. You can easily put that equipment back in service and upgrade your IT household-wide at the same time.

Page 4 of 5
DIY Firewall"

http://techworthy.com/PCUpgrade/JulyAug2004/Breathe-New-Life-into-Old-Hardware.htm?Page=4

http://www.smoothwall.org/

Brynn

#11
January 07, 2006, 04:15:22 AM
Oh RATS!!
I donated my last machine to a charity.  But I'll bet it would be easy to find a reasonably priced used one!
Thank you, Tarnak  :D
"To sin by silence when they should protest makes cowards of men." - Abraham Lincoln

Skittles

#12
January 09, 2006, 10:30:07 AM
Quote from: Brynn on January 04, 2006, 08:47:11 PM
Thanks for your support, ripley and skittlespc  :)

But skittlespc, are you talking about software or hardware firewall?  Because everything you say is agreeable for a software firewall.  But I have not seen a hardware firewall made by Zone Alarm.  Doesn't mean they don't make one, but I just want to be sure I understand your comments ;)

Yes I was referring to Software Firewalls.  Sorry for the confusion.

Brynn

#13
January 10, 2006, 04:40:16 AM
No problem :)
"To sin by silence when they should protest makes cowards of men." - Abraham Lincoln

ErraticToad

#14
January 12, 2006, 12:37:56 PM
Think about your question for a few seconds and you'll understand why the answer is no. Dialup users (to the best of my knowledge) can not take advantage of a hardware firewall.

Now, strictly speaking I am talking about home dial-up and not work based RAS access and the like.

The inteface between your PC and phone provider is a telephone cable that plugs into your modem and I haven't seen, not have I heard of a box that sits between modem and phone socket. Alternatively if you had an external modem then the extra cable would be modem to serial port and again I don't know of any hardware box that does firewall for your PC in these scenarios.

At the moment a software firewall is the way forward. HTH.

---------
eToad
---------
Hopping along in happy lane.
Print
Go Up Pages1
User actions