Router

Although I use only one computer. I would like to add a router for the firewall protection.

Any specific suggestions?

Thanks for the help.

Reply to
Tom In Maine
Loading thread data ...

Yes: reconsider this stupid idea

Reply to
Sebastian G.

Linksys, Netgear, or D-link -- a FW-router, and whatever you get make sure you get one that meets the specs in the link for *What does a FW do.

Netgear makes an ICSA FW router, that will meet the specs.

formatting link

Reply to
Mr. Arnold

I agree.

Any home broadband gateway that you can get on ebay or in the dumpster will work.

Reply to
Al Dykes

. . I'll try to be a little more helpful than Sebastian.

If you are just using this computer for normal home use (I.E, no Top Secret nuclear weapons documents, etc...), most of the routers you'll find at Best Buy will be fine. If you don't have a laptop (and don't plan on getting one soon), don't get a wireless router.

This will HELP protect you from 95% of the random internet trash out there, like port scanners.

If a LIVE person really decides they want to break into your network, a router won't be too tough to get through. You will still need to practice good security on your PC. For example, don't store sensitive iformation like account numbers or social security numbers on your hard drive. Archive them to a CD-ROM. Don't make a list of all your passwords to all the websites you go to and save it on your computer... print it out, or archive it to a CD-ROM.

Sebastian will probably tell you that all you need to do is turn on Windows Firewall. You should do this, too, but adding a router between you and the Wild adds another layer of protection.

Its like your car. If you lock the doors, most thieves will move on to a car that ISN'T locked.

Reply to
Ryan P.

Thanks for your help. You can now put your head up your arse again.

Reply to
Tony of Dyker Beach

Thanks that was a very informative link.

Reply to
Tom In Maine

It will definitely be NOT wireless.

All reasonable things that I do now. Thanks for enumerating them.

I just ignored him.

Excellent points.

Thank you very much.

Reply to
Tom In Maine

Unless you run servers or do something else that is beyond the average user's activity, you don't need any more of a firewall than NAT translation gives you and every home router with more than one local LAN jack gives you that.

Find someone that's gotten a WiFi router and has a wire-only router on the shelf, somewhere.

Reply to
Al Dykes

What about no router and no firewalling at all? Such things are utterly pointless for normal home use, hence he should save his money and optionally invest it in something he really needs or wants.

Who cares, as long as the rest 5% get through and will cause trouble?

The router adds exactly zero protection.

Except that a router doesn't add any security.

Reply to
Sebastian G.

I'm using a Netgear WGR 614. Along with NAT it offers SPI (stateful packet inspection), and the option turn off response to ping and UPnP. It does support wireless, however the radio can be turned off if you don't need it. If/when you do you can enable WPA2 encryption. This router only costs $39. This is so affordable that I don't see the point of using a previous generation router without the more advanced firewall options. JMHO of course.

Reply to
Victek

Am Sat, 12 Jan 2008 21:34:29 +0100 schrieb Sebastian G.:

I totally aggree with you Sebastian, the companies try to suggest security is a drag and drop thing. As you can see these tactics helps to sell the most crap.

cheers

Reply to
Burkhard Ott

A router doesn't, but any home broadband gateway with more than one RJ45 jack on the inside ever made is going to run NAT and NAT is a drop-dead firewall for incoming connections.

That's exactly what the vast majority of retail computer users need as a big part of a safe computing regime.

Reply to
Al Dykes

Apparently you don't understand how NAT works. Dropping an incoming packet is only done if others means of routing the packet fail:

- existing NAT states (denote that this can be triggered at the client)

- Layer 7 protocol helpers

- a DHCP's server knowledge about connected clients

- UPnP and network topology discovery

- guessing the most likely target (!)

Nonsense. The vast majority abuses MSIE as a webbrowser, MSOE as a newsreader, Windows Messenger as IM and Windows Media Player as media player, and a router doesn't change anything about this trivial exploitability.

Reply to
Sebastian G.

Hi Tom,

Don't let Sebastian's cheery demeanor and pedantry over terminology dissuade you from a good idea of some hardware based protection between you and the internet. Right after he tells you that what you propose is a bad idea, he'll be sure to tell you that the "firewall" software that is currently the only thing keeping your computer from unsolicited internet traffic is completely inadequate.

what's your budget? If "under $100" is the target, a lot of folks have used the Linksys BEFSR41 (wired) or WRT54GL (includes wireless functionality) to good success. Both include a stateful packet inspection hardware based firewall. It's not a "real" firewall in the way boxes costing several times this would be, but it's also largely a plug and play effort versus spending a signficant portion of your week learning to configure it.

Wired only:

formatting link
Wireless as well, and the version that lets you grow into 3rd party firmware if you ever decide to play with it:
formatting link
Best Regards,

Reply to
Todd H.

It's not pedantry that makes a router not a protection...

Nonsense. After all, unsolicited traffic should not be a problem at all - conversely, if it is, then a firewall can't help either.

Reply to
Sebastian G.

Except that most Windows users have computers that don't properly block unsolicited traffic, and most are subject to very weak security implementations.

A simple NAT router is protection against being reached by unsolicited traffic and does a great job at it.

At the very least, a simple NAT router is the first line of defense for home users.

Reply to
Leythos

Am Mon, 14 Jan 2008 06:32:50 -0500 schrieb Leythos:

no, thats not true, with the router the net behind that device is not more or less secure, think about the zombies in bot nets. does all those user don't have nat router's? ;)

cheers

Reply to
Burkhard Ott

Good point. A NAT router is just part of the safe computing toolbox.

If you don't keep your software patched and then you click on an evil email or website, poof, you're a zombie.

You need ant-virus software. I also use and recommend the etc/hosts file distributed by these good folks. It blocks mor ethan 7,000 sites that are known to be evil in some way.

formatting link
Anti-spyware gets run once in a while, too.

Reply to
Al Dykes

Think about how the NAT means that the bots out on the net can't reach the machine behind the NAT.

Once a machine is compromised all bets are off, but we're not talking about compromised machines, we're talking about how to best keep from being compromised.

A NAT router will allow you to be unreachable while you install your OS, while you do many things, from behind it, so that you can configure your machine to be more secure.

The inbound barrier is a MUST HAVE solution.

Reply to
Leythos

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.