Usually after I install my windoze XP (my install CD is of SP1 vintage :P) I install all the updates etc., but last time, since I got my router, I didn't.
I mean, it worked, so why bother?
It worked till a friend of mine borrowed the router. Since I was using netlimiter as a software firewall, I guessed that the router didn't make a difference, but within seconds of connecting, all sorts of funny processes started coming up, and net usage shot up. My firefighting was in vain, and my XP has been 0wned, so to speak. Right now I'm in my Ubuntu install, waiting to get my router back.
I've heard folks say that nothing beats a hardware firewall.. why.. why is it safer behind a router or a hardware firewall?
Hold on a sec, netlimiter isn't really a firewall, so don't think it is.
As for patches, you had better install them because a firewall will only protect against some of the vulnerabilities that patches prevent.
What you had there was not a router protecting you, but rather NAT protecting you. If it had been a true router (and not a NAT), you would have been hosed long ago.
Basically, the NAT does not forward any incoming connections unless you specifically tell it to.
When you removed the NAT box, incoming connections from the net were able to get through to your machine and attack any vulnerable services listening on those ports...
Basically what the NAT did was create two zones - the internet and the intranet. The Internet was listed as bad (i.e. no incoming allowed) and the intranet was listed as good (all incoming allowed).
You can do this with a software firewall just as well. The real advantage of a hardware firewall is simply that it is dedicated.
Basically the router firewall blocks any and every incoming connection that you have not authorized or configured the router to allow.
This is the reason why one needs to carry out "port forwarding" to use torrents on net connections via routers.
The same thing can be done on software firewalls as well.. I have been using the ZoneAlarm firewall for a while now, and I must say I'm really impressed with it.. no spyware.. no adware..
Software firewalls theoretically have some other advantages (based on protocol scrubbing and deep packet inspection), but with suitable hardware, that can be obtained too.
One simple way of obtaining a cheap hardware firewall is to set up an old PC running routing software on it and switching off every other service on it.
If nothing else, why not use WinXP SP2 firewall? It is pretty decent at preventing incoming packets from attacking you...
Only works in countries where cost of electricity is cheap.
In our country, you will get the same effect with something similar to D-Link 502T and you won't have much to learn to set up and your electricity bills will be low.
Unless if this sort of thing really thrills (which I really doubt) then by all means set up a BSD box with PF.
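
The NAT behaviour described earlier in this thread (replies to connections the LAN machine started get through, unsolicited incoming connections are dropped unless a port forward is configured), as an added example that is not part of any post. The `Nat` class, all addresses and all ports are constructed for illustration, and the model assumes the NAT matches replies on the remote address and port.

```python
# Minimal model of a home NAT box (added illustration; every name here is hypothetical).
from dataclasses import dataclass, field


@dataclass
class Nat:
    public_ip: str
    next_port: int = 40000
    # public_port -> (lan_ip, lan_port, remote_ip, remote_port); created by outbound traffic
    sessions: dict = field(default_factory=dict)
    # public_port -> (lan_ip, lan_port); configured by the admin ("port forwarding")
    forwards: dict = field(default_factory=dict)

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """A LAN host opens a connection: allocate a public port, remember the session."""
        pub = self.next_port
        self.next_port += 1
        self.sessions[pub] = (lan_ip, lan_port, remote_ip, remote_port)
        return pub

    def inbound(self, remote_ip, remote_port, public_port):
        """A packet arrives from the Internet: return the LAN (ip, port), or None if dropped."""
        s = self.sessions.get(public_port)
        if s and (s[2], s[3]) == (remote_ip, remote_port):
            return (s[0], s[1])                  # reply to a session the LAN host started
        if public_port in self.forwards:
            return self.forwards[public_port]    # explicit port forward
        return None                              # unsolicited: no mapping, so dropped


def demo():
    nat = Nat("203.0.113.10")                    # constructed documentation addresses
    pub = nat.outbound("192.168.1.2", 51000, "198.51.100.7", 80)
    results = {
        # The web server answers the connection the PC opened.
        "reply": nat.inbound("198.51.100.7", 80, pub),
        # A stranger connects to a service port nobody forwarded.
        "unsolicited": nat.inbound("198.51.100.99", 4444, 445),
        # A stranger guesses the public port of the existing session.
        "wrong_peer": nat.inbound("198.51.100.99", 80, pub),
    }
    # The admin forwards a torrent port to the PC; now unsolicited peers reach it.
    nat.forwards[6881] = ("192.168.1.2", 6881)
    results["forwarded"] = nat.inbound("198.51.100.99", 50000, 6881)
    return results


if __name__ == "__main__":
    for name, target in demo().items():
        print(f"{name:12} -> {target}")
```

Without the NAT box in front, there is no table to consult: every incoming connection goes straight to whatever is listening on the machine, so only a host firewall and patches stand in the way.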