hey guys,

Do you guys know where i can get some Router information about its security, but not on a specific brand just general. Could a firewall (NAT) be disable? For example, software firewalls can be disabled by certain trojans. Is it possible for a hardware firewall to be disabled or corrupted? If you guys got ne links based on Routers(security) plz posted below.


YODA

Hi Yoda

Router/Gateways provide great security that is independent of your system. There is quite a variety available. Some offer NAT, which affords you good inbound protection by virtue of the way it works. Others offer actual firewalling, VPN endpoints, content filtering, etc. in addition to NAT. Now it is just a matter of finding the one that is YOU ;)

Some links to get you started:

Small Netbuilder (http://smallnetbuilder.com/)
Practically Networked (http://www.practicallynetworked.com/)

[edit] As for vulnerabilities, one thing to be careful with is any remote access features these appliances offer.

Regards,
CrazyM

A trojan or virus couldn't harm a router but they can be compromised by a hacker.

EG: The linksys ones have an exploit that needs to be patched.

hey crazy M,

Nice sites.....thanx.

hey Unicron,

How can they be compromised by a hacker, and is the only thing you can do is update the firmware?

YODA

Many routers have a flash program offerd now and then which is just like flasing your motherboard BIOS. If a hacker had acces to ones computer. all they have to do is execute the flash program and say stop it midway and that will render the router nonworkable.
Now to take that one step further, say the hacker had changed the flash program to suit their needs and executed it from within? well then they could just about do anything , now couldn't they?

-{ Quote: " quoting: yodafan link=board=23;threadid=5653;start=0#37132 date=1040537648]
hey crazy M,

Nice sites.....thanx.

hey Unicron,

How can they be compromised by a hacker, and is the only thing you can do is update the firmware?
" }-

Remote administration of a router/gateway presents an opportunity for them to be exploited. The exploit for the Linksys was in the code for the remote admin interface (if I recall correctly) and has been patched and only applied if you had that feature enabled. Remote administration is not something most home users are likely to need, and if the router/gateway you use provides this functionality, it is best left disabled.

Most manufacturers will upgrade the firmwares for their router/gateways periodically to add/improve features and fix problems. It is always a good idea to keep yourself informed of these updates and what they provide.

Regards,
CrazyM

From what I see NAT is IP masquerading only on my router/gateway.
For instance my new router/gateway offers different levels of firewalling. NAT being the most basic. The levels are what determine
which ports are allowed to pass data OUT or IN and on which protocal
HTTP:, FTP:, ect.
Besides the firewall some offer non access to netmeeting, certian web pages you chose and even certian IP addresses, Instant messaging ect.

I posted some material in another thread on this.