Smoothwall vs Netgear router

The AP will be in the trusted zone so other machines can be hacked wire or
wireless.


If the router is ICSA certified, then you may want to get it. If it's not
then you may not want to get it. Most wireless routers  for home usage I
have seen are not ICSA certified.


If the router is ICSA certified, then it should be a FW router that should
be able to do everything that Smoothwall can do with the Smoothwall being a
host based FW solution and the FW router being a standalone appliance
solution, in regards to them both being network/Internet FW solutions.

As someone can hack the wireless on the LAN and join your wireless network
standalone WAP or wireless router and be all over the top of your machine
wired or wireless, you may need to better secure or harden the O/S(s) to
attack or put a PFW on them only allowing traffic between specified LAN
IP(s).

Netgear has ICSA certified wire routers and some others make them too. That
with a standalone WAP connected to the router is a choice.

At the min., the first link indicates what a host based or appliance
solution such as a packet filtering FW router or FW appliance should meet in
the specifications of a network FW.

http://www.firewall-software.com/firewall_faqs/what_does_firewall_do.html
http://www.more.net/technical/netserv/tcpip/firewalls/
http://netsecurity.about.com/cs/wireless/a/aa112203_2.htm

You should get something that has a syslog that Wallwatcher or KWIW Syslog
Daemon can be used and watch traffic to/from possible dubious remote WAN
IP(s).

Duane :)

On Saturday 03 June 2006 1:20 am Duane Arnold wrote:

Agreed that is a possibility. I'd be using an AP with WEP and WPA security and
MAC address authentication. Being new to this I assumed it would be secure.
Are you saying it would not be good enough?

I can't see anything to say it is ICSA certified.


OK, I can see that this is an option but I don't quite understand. Would the
WAP be on my internal network? If so, presumably that still leaves my network
open to someone who hacks the wireless? Or are you saying that the WAP would
be outside of my network. Sorry if I'm being a bit stupid here.
 

All good information. Many thanks.
--
Dave.
dave (at) dhoulden (dot) demon (dot) co (dot) uk

For the next door neighbor that doesn't know anything, I would say yes. For
the hacker with some expertise, I would say no.


Most wireless NAT routers are not ICSA certified.


 > Or are you saying that the WAP would

No, the WAP would be in the trusted zone on the LAN.



All I am saying here is just be aware of the wireless issues.

You should use Google and look up War Driving if you don't know what it
means.

Duane :)