Specific protections from "true" firewall...?

Howdy,

I have a L It is my understanding that the Linksys router-firewall will prevent outsiders from getting into our small net, but I don't know what further protection, is afforded by installing something like Smoothwall, or another "true" hardware firewall.

I do know that Smoothwall would provide much more information about attempted intrusions etc., but that would not be the same as added protection.

Installing Smoothwall, or some such, would be cheap, easy, and might be interesting.

Only I can decide if that might be worth doing, and in order to make that decision ask what additional protection would I actually be getting.

Very sincere thanks,

Hello again,

I appreciate your comments but they do not resp "It is my understanding that the Linksys router-firewall will prevent outsiders from getting into our small net, but I don't know what further protection, is afforded by installing something like Smoothwall, or another "true" hardware firewall."

So, (assuming for the moment that my comment that the Linksys "will prevent outsiders from getting into our small net" is correct), I am trying to learn about the additional benefits of a "true" hardware firewall.

I have read all of the Smoothwall manuals and still don't understand the answer to my question just above. I do understand (among other things) that Smoothwall would provide a ton of information about the frequency and nature of attempts to intrude, but that does not seem to provide and advantage with regard to the likelihood of intrusion.

Said another way, if outsiders "can't get in" when I run the Linksys why would I need anything further to protect my network against intrusion?

Please understand, I am not challenging the value of a true firewall (hardware or otherwise). I am certain that they have benefits. I am just trying to learn more about what the specific benefits are.

Thanks again,

to get off real cheap...I have found that if you use two Linksys routers, model number BEFSX41s (NOT the BEFSR41s), you can get some real security. Maybe others in this group can confirm or deny this configuration. You have to setup one router to work with the Linksys default of 192.168.1.1 and the other to 192.168.x.1 where x is any number between 2 and 254. You plug the WAN connection of one router to your broadband modem, then you connect the WAN connection of your second router into a LAN port of the first router.

for a real firewall/router that is reasonably priced, check this one out...

the people here in this NG can give some real advice as to the value of this product. This is just my non-security professional (read this security person wanabee) advice.

The avenue of attack you are trying to secure is malicious code running on one of your PCs opening a connection to a remote host and then allowing access.

Can smoothwall help? Yes if you put in rules to limit outbound connections where possible.

Also the use of squidguard or dansguardian can filter incoming http, but this is not in the default install.

The best thing you can do is solve the problem of running malicious code on the PC itself.

Smoothwall is a very good platform out of the box and extendibles if you have the time and inclination to work at it

If you look at the smoothwall archives you can find lots of the things that have been done with it.

john

Kenneth wrote in news: snipped-for-privacy@4ax.com:

The Linksys routers do not have firewalls and you're lucky if they have SPI. The Linksys router will never be able to match what a *true* firewall application or appliance can do to protect a network.

I got a Linksys myself and they are good appliances, but they are not FW appliances.

The link may help a little bit in understanding FW(s).

Duane :)

I wonder about the adantages of a 'real' firewall, particularly if you are wanting to run VPN clients on the firwall (not through it). You are warning about not running any unnecessary VPNs (who would want to run unnecessary ones?) for speed reasons. I'd like to know real firewalls such as the hotbrick are actually running a version of Linux on a low spec pc or dedicated processor with low memory in which case Smoothwall on a modern pc or even a older lower spec pc with plenty of ram might be faster (and cheaper).

The main advantage besides more comprehensive protection would hopefully be faster and more able to handle a larger number of clients with everything switched on; not that I'm a great fan of linksys at the moment..