Smoothwall vs Netgear router

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View


Hi,
Looking from some advice please.

I have a small home network (Linux and Windows) connected to NTL cable through
a PC running Smoothwall. This works great but the Smoothwall hardware is
becoming unreliable and I need to think about a replacement. Also, I would
like to add wireless to my network. Options I am considering are:

1. Build a replacement Smoothwall to replace the existing one and put a
wireless access point on the network.

2. Replace the Smoothwall with a wireless router. The Netgear WGT624 has been
recommended to me but I'm open to suggestions.

The question I have is about the firewall capabilities of the Netgear (or
similar) compared with Smoothwall. Would my network be as secure with the
Netgear as with the Smoothwall? I only occasionally open up ports on the
Smoothwall, the rest of the time it runs "as supplied". To be safe from the
outside world with the Netgear, would I need firewalls on the machines on my
network?

Thanks in advance.  
--
Dave.
dave (at) dhoulden (dot) demon (dot) co (dot) uk

Re: Smoothwall vs Netgear router



Quoted text here. Click to load it

The AP will be in the trusted zone so other machines can be hacked wire or
wireless.

Quoted text here. Click to load it

If the router is ICSA certified, then you may want to get it. If it's not
then you may not want to get it. Most wireless routers  for home usage I
have seen are not ICSA certified.

Quoted text here. Click to load it

If the router is ICSA certified, then it should be a FW router that should
be able to do everything that Smoothwall can do with the Smoothwall being a
host based FW solution and the FW router being a standalone appliance
solution, in regards to them both being network/Internet FW solutions.

As someone can hack the wireless on the LAN and join your wireless network
standalone WAP or wireless router and be all over the top of your machine
wired or wireless, you may need to better secure or harden the O/S(s) to
attack or put a PFW on them only allowing traffic between specified LAN
IP(s).

Netgear has ICSA certified wire routers and some others make them too. That
with a standalone WAP connected to the router is a choice.

At the min., the first link indicates what a host based or appliance
solution such as a packet filtering FW router or FW appliance should meet in
the specifications of a network FW.

http://www.firewall-software.com/firewall_faqs/what_does_firewall_do.html
http://www.more.net/technical/netserv/tcpip/firewalls /
http://netsecurity.about.com/cs/wireless/a/aa112203_2.htm

You should get something that has a syslog that Wallwatcher or KWIW Syslog
Daemon can be used and watch traffic to/from possible dubious remote WAN
IP(s).

Duane :)





Re: Smoothwall vs Netgear router


On Saturday 03 June 2006 1:20 am Duane Arnold wrote:
Quoted text here. Click to load it
Agreed that is a possibility. I'd be using an AP with WEP and WPA security and
MAC address authentication. Being new to this I assumed it would be secure.
Are you saying it would not be good enough?
Quoted text here. Click to load it
I can't see anything to say it is ICSA certified.

Quoted text here. Click to load it
OK, I can see that this is an option but I don't quite understand. Would the
WAP be on my internal network? If so, presumably that still leaves my network
open to someone who hacks the wireless? Or are you saying that the WAP would
be outside of my network. Sorry if I'm being a bit stupid here.
 
Quoted text here. Click to load it
All good information. Many thanks.
--
Dave.
dave (at) dhoulden (dot) demon (dot) co (dot) uk

Re: Smoothwall vs Netgear router



Quoted text here. Click to load it

For the next door neighbor that doesn't know anything, I would say yes. For
the hacker with some expertise, I would say no.

Quoted text here. Click to load it


Most wireless NAT routers are not ICSA certified.

Quoted text here. Click to load it

Yes


True

 > Or are you saying that the WAP would
Quoted text here. Click to load it

No, the WAP would be in the trusted zone on the LAN.


Quoted text here. Click to load it

All I am saying here is just be aware of the wireless issues.

You should use Google and look up War Driving if you don't know what it
means.

Duane :)




Site Timeline