|
|
 |
|
|
Pages: 1
Firewall FAQ for Cable/DSL users
(Click here to view the original thread with full colors/images)
Posted by: OTS Staff
Cable/DSL users have other problems associated with having a constant 24/7 connection to the sometimes-unforgiving Internet. You need protection, because now every time your computer is on, it’s exposed to prying eyes, and in some cases malicious hacker attacks...
So, you got a Cable/DSL connection? I bet you love it, no more waiting for your Dial-up modem to connect to your ISP (Internet Service Provider), or wasting 30 minutes of your precious time for that mp3 to download. That is, if you don’t get disconnected in the process. Yes the joys of dial-up are over for some, but Cable/DSL users have other problems associated with having a constant 24/7 connection to the sometimes-unforgiving Internet. You need protection, because now every time your computer is on, it’s exposed to prying eyes, and in some cases malicious hacker attacks. The decision is yours, what are you going to do? You have several options. The first one is canceling your Cable/DSL service, and never going on the Internet again, which I don’t think anyone would choose. The other option, which many people have done, is getting some form of a firewall, which is a great option, but this poses many other questions… For one, what is a firewall.
Explain Please
Simply put, a Firewall is a system that prevents unauthorized access to or from a private network by examining the incoming packets and/or requests coming from (in this case) the Internet. Here’s an analogy, let’s say a firewall is like a bouncer at a 21 and over bar called MyNetworkRocks, and the unauthorized InternetGuru is under 21. Well, because InternetGuru is under 21 he’s not getting past the firewall (bouncer) into MyNetworkRocks, at least not easily. Firewalls can be setup with software, hardware, or both, depending on how paranoid, I mean secure, you want to be.
Decisions, Decisions
If you decide to install a firewall, there are some things to consider. First you need to choose how much you want to spend and then what type of firewall would best suit your needs. Firewalls can fall into two categories: hardware and software - as well as a combination of both. I am going to explain the difference, advantages, and disadvantages of both, as well as using hardware, and software together. I will also give some examples of different products. Wait! How do I know if I need a firewall? Every time you are on the Internet, you run the risk of an attack. Plus, if you have a Cable/DSL connection with a static IP address, it becomes that much easier for someone to exploit your computer. If you would like more proof you can go and test the security of your computer. First, try Shields UP!. It’s an excellent website to test how secure your computer is, as well as a great place for information on firewalls. Then, you can try HackerWacker; both are good sites to test your computers' security from possible attacks.
Hardware Firewalls
A hardware-based firewall is basically a physical device that will be located between your network and the Internet. In the case of a Cable/DSL connection, the device will go between your Cable/DSL modem and your computer, hub, or switch. There are several different options when choosing a hardware firewall; depending on if you already have a home network (LAN) with multiple computers, or if you have just one connected to the Internet. If you have a home network with multiple computers you can use a device that is becoming more popular called a broadband router. Most broadband routers use a technology called NAT (Network Address Translation). NAT will hide your internal network address from the Internet, which a broadband router commonly uses as a form of firewall security. Tech Extreme reviewed a couple of these devices the Linksys Etherfast, and the D-link DI-701. I will also be reviewing the same type of device from SMC called the Barricade in the next few weeks. The prices for these devices range from $100 to $200 depending on the specifications and the company. The advantages of using one of these devices are that the firewall is just a feature of these products, and not the main function. People usually buy them because they are an all-in-one solution that does many things. For example, act as a switch, hub, or print server, as well as share your Internet connection to the computers on your network. That sounds great, but what if you only have one computer and you do not have plans for setting up a home network? Then, you have different options.
With one computer you can still buy a broadband router, but I only recommend it if you plan on setting up a home network in the future. It is a little too expensive as a solution for one computer. However, there is a hardware solution you can buy, it’s a device called the Firewall Switch, which when activated can completely eliminate your security problem by disabling the connection (while not in use) between your Cable/DSL modem and your computer. I will be reviewing this product soon. Some people say that Hardware firewalls are more secure, in the case of the Firewall Switch it’s true, but a disadvantage with a broadband router is that it will only scan and deny packets up to layer 3 of the OSI model, which doesn’t fully eliminate attacks on things like SMTP (email), and applications. That’s where software firewalls come in, which will scan and deny unauthorized packets up to layer 7 (Application Layer).
Software Firewalls
A software firewall is not a physical device; it is an application that runs on your computer. Your situation will depend of the type of setup and/or software you will need, and there are advantages and disadvantages for all solutions. Many companies make software firewalls, and prices for most range from free to $60. Most people will use software if they have just one computer. An advantage over hardware firewalls is price; for example, you probably won’t get a broadband router for free, but you will with a software firewall. Even if you do pay it will most likely be half the price of a hardware solution. Some of the more popular software firewalls include, Zone Alarm (Free), BlackICE Defender ($39.95), Norton Internet Security 2000 ($59.95), and ConSeal PC Firewall ($49.95 and up). All of them are great, with advantages and disadvantages for each, and there are many others to choose from as well. The good thing with most software firewalls is that they do protect to layer 7 (application). By examining all the way up to the application layer, software firewalls can intelligently decipher what’s going within the data packet, and deny access based on that information. In addition, most software will even put an unauthorized users’ originating IP address that was attempting to access your computer on a “black list” which will prevent future attempts at compromising your firewall security. So why do I need a hardware firewall if a software firewall is half the price and more secure? The main reason is if you do have a home network it would be a pain to have all of your computers running personal firewall software, when you can stop traffic at the connection point with a hardware firewall solution. Another thing to consider is what if you already have a network setup with a dual-homed (two NIC’s) computer, and its running some form of Internet connection sharing software like Microsoft’s ICS? There is a solution for this as well…
Hardware/Software Firewall
I saved this for last because it’s a cross between software and hardware. To answer the question above, if you are already sharing your Internet connection with a computer, you still need a firewall. I will not go into too much detail since I already wrote a complete article on Internet connection sharing, but only some of the software out there that is used to share your Internet connection includes a firewall. Microsoft’s ICS does not, but WinProxy does. So if you have this type network setup it would be wise check if the software you are running does have firewall functionality. The other hardware/software solution is this; let’s say, you have a home network, and you already have broadband router that uses NAT, like I said before it will only protect you up to Layer 3 (network), well you can add personal firewall software to all of your computers, if it will help you sleep at night. That is termed as the “hardware/software firewall paranoia solution”. It may be funny, but I know many who do it, including myself...
There you have it, a solution for just about anyone. Depending on what your situation is will decide on which firewall is best for you. I cannot stress enough the importance of a firewall though, and hopefully I have provided some insight on the different options out there. You will have to do some testing at the sites mentioned above, but in the end it will be worth the time, money, and effort spent. I’m sure everyone wants privacy on his or her computer(s) from the Internet; it just depends on how far you want to go.
<font size="1"><i>SOURCES: Tech Extreme & NetworkingNews.Org</i></font>
|
|
|
|
|
