Router

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
Although I use only one computer. I would like to add a router for the
firewall protection.

Any specific suggestions?

Thanks for the help.

Re: Router
Tom In Maine wrote:

Quoted text here. Click to load it


Yes: reconsider this stupid idea

Re: Router
wrote:

Quoted text here. Click to load it

Thanks for your help. You can now put your head up your arse again.


Re: Router

"Tom In Maine" wrote in message
Quoted text here. Click to load it

Linksys, Netgear, or D-link -- a FW-router, and whatever you get make sure
you get one that meets the specs in the link  for *What does a FW do.

Netgear makes an ICSA FW router, that will meet the specs.

http://www.vicomsoft.com/knowledge/reference/firewalls1.html


Re: Router
On Sat, 12 Jan 2008 13:33:08 -0500, "Mr. Arnold" <MR.
Arnold@Arnold.com> wrote:

Quoted text here. Click to load it

Thanks that was a very informative link.


Re: Router
Quoted text here. Click to load it


Unless you run servers or do something else that is beyond the average
user's activity, you don't need any more of a firewall than NAT
translation gives you and every home router with more than one local
LAN jack gives you that.


Find someone that's gotten a WiFi router and has a wire-only router on
the shelf, somewhere.


Re: Router
Quoted text here. Click to load it

I agree.

Any home broadband gateway that you can get on ebay or in the
dumpster will work.






Re: Router
Tom In Maine wrote:
Quoted text here. Click to load it
.
.
  I'll try to be a little more helpful than Sebastian.

  If you are just using this computer for normal home use (I.E, no Top
Secret nuclear weapons documents, etc...), most of the routers you'll
find at Best Buy will be fine.  If you don't have a laptop (and don't
plan on getting one soon), don't get a wireless router.

  This will HELP protect you from 95% of the random internet trash out
there, like port scanners.

  If a LIVE person really decides they want to break into your network,
a router won't be too tough to get through.  You will still need to
practice good security on your PC.  For example, don't store sensitive
iformation like account numbers or social security numbers on your hard
drive.  Archive them to a CD-ROM.  Don't make a list of all your
passwords to all the websites you go to and save it on your computer...
print it out, or archive it to a CD-ROM.

  Sebastian will probably tell you that all you need to do is turn on
Windows Firewall.  You should do this, too, but adding a router between
you and the Wild adds another layer of protection.

  Its like your car.  If you lock the doors, most thieves will move on
to a car that ISN'T locked.

Re: Router
On Sat, 12 Jan 2008 13:10:55 -0600, "Ryan P."

Quoted text here. Click to load it

It will definitely be NOT wireless.
Quoted text here. Click to load it

All reasonable things that I do now. Thanks for enumerating them.

Quoted text here. Click to load it

I just ignored him.

Quoted text here. Click to load it

Excellent points.

Thank you very much.


Re: Router
Ryan P. wrote:


Quoted text here. Click to load it


What about no router and no firewalling at all? Such things are utterly
pointless for normal home use, hence he should save his money and optionally
invest it in something he really needs or wants.

Quoted text here. Click to load it


Who cares, as long as the rest 5% get through and will cause trouble?

Quoted text here. Click to load it


The router adds exactly zero protection.

Quoted text here. Click to load it


Except that a router doesn't add any security.

Re: Router
Am Sat, 12 Jan 2008 21:34:29 +0100 schrieb Sebastian G.:

 
Quoted text here. Click to load it

I totally aggree with you Sebastian, the companies try to suggest security
is a drag and drop thing. As you can see these tactics helps to sell the
most crap.

cheers

Re: Router
Quoted text here. Click to load it

A router doesn't, but any home broadband gateway with more than one
RJ45 jack on the inside ever made is going to run NAT and NAT is a
drop-dead firewall for incoming connections.

That's exactly what the vast majority of retail computer users need as
a big part of a safe computing regime.













Re: Router
Al Dykes wrote:


Quoted text here. Click to load it


Apparently you don't understand how NAT works. Dropping an incoming packet
is only done if others means of routing the packet fail:
- existing NAT states (denote that this can be triggered at the client)
- Layer 7 protocol helpers
- a DHCP's server knowledge about connected clients
- UPnP and network topology discovery
- guessing the most likely target (!)

Quoted text here. Click to load it


Nonsense. The vast majority abuses MSIE as a webbrowser, MSOE as a
newsreader, Windows Messenger as IM and Windows Media Player as media
player, and a router doesn't change anything about this trivial exploitability.

Re: Router
Quoted text here. Click to load it

I'm using a Netgear WGR 614.  Along with NAT it offers SPI (stateful packet
inspection), and the option turn off response to ping and UPnP.  It does
support wireless, however the radio can be turned off if you don't need it.
If/when you do you can enable WPA2 encryption.  This router only costs $39.
This is so affordable that I don't see the point of using a previous
generation router without the more advanced firewall options.  JMHO of
course.


Re: Router
Tom In Maine writes:

Quoted text here. Click to load it

Hi Tom,

Don't let Sebastian's cheery demeanor and pedantry over terminology
dissuade you from a good idea of some hardware based protection
between you and the internet.   Right after he tells you that what you
propose is a bad idea, he'll be sure to tell you that the "firewall"
software that is currently the only thing keeping your computer from
unsolicited internet traffic is completely inadequate.    

what's your budget?  If "under $100" is the target, a lot of folks
have used the Linksys BEFSR41 (wired) or WRT54GL (includes wireless
functionality) to good success.  Both include a stateful packet
inspection hardware based firewall.  It's not a "real" firewall in the
way boxes costing several times this would be, but it's also largely a
plug and play effort versus spending a signficant portion of your week
learning to configure it.

Wired only:
http://www.newegg.com/Product/Product.aspx?Item=N82E16833124001&Tpk=befsr41

Wireless as well, and the version that lets you grow into 3rd party
firmware if you ever decide to play with it:
http://www.newegg.com/Product/Product.aspx?Item=N82E16833124190

Best Regards,
--
Todd H.
http://www.toddh.net /

Re: Router
Todd H. wrote:

Quoted text here. Click to load it


It's not pedantry that makes a router not a protection...

Quoted text here. Click to load it


Nonsense. After all, unsolicited traffic should not be a problem at all -
conversely, if it is, then a firewall can't help either.

Re: Router
Quoted text here. Click to load it

Except that most Windows users have computers that don't properly block
unsolicited traffic, and most are subject to very weak security
implementations.

A simple NAT router is protection against being reached by unsolicited
traffic and does a great job at it.

At the very least, a simple NAT router is the first line of defense for
home users.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Router
Am Mon, 14 Jan 2008 06:32:50 -0500 schrieb Leythos:


Quoted text here. Click to load it

no, thats not true, with the router the net behind that device is not more
or less secure, think about the zombies in bot nets.
does all those user don't have nat router's? ;)


cheers

Re: Router
Quoted text here. Click to load it

Good point. A NAT router is just part of the safe computing toolbox.

If you don't keep your software patched and then you click on an evil
email or website, poof, you're a zombie.  

You need ant-virus software.  I also use and recommend the etc/hosts
file distributed by these good folks. It blocks mor ethan 7,000 sites
that are known to be evil in some way.

     http://www.mvps.org/winhelp2002/hosts.htm

Anti-spyware gets run once in a while, too.







Re: Router
Al Dykes wrote:


Quoted text here. Click to load it


Since a NAT router doesn't provide any security by itself, I fail to see how
it could be part of a security concept. After all, NAT is supposed to
provide, not to limit connectivity (and the RFC explicitly states so).

Quoted text here. Click to load it


Need?

Quoted text here. Click to load it


Which is about the most stupid suggestion of the month.

Quoted text here. Click to load it

Well, yeah, to show how incompetent it is. But where's the relation to
security? It's not like the output of such software would have any relevance
whatsoever.

Site Timeline