Clear the smoke but will I regret?

Discussion in 'other firewalls' started by zappa, May 16, 2002.

Thread Status:
Not open for further replies.
  1. zappa

    zappa Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    176
    Location:
    Los Angeles, Ca.
    I am wavering on the the need to use a firewall on my home PC.  I have multiple layers of security starting with registry protection all the way up to the best A.V. and A.T. programs.  

    Questions:
    1) Are firewalls overrated?  
    I think so.

    2) Do I really need one?
    We will see.

    3) How vulnerable will I really be?
    We will see.

    4) Aren't most of the real threats going to come through e mail which has nothing to do with the firewall?

    5) How paranoid can you get and is the web about paranoia?  If you were kicking back at the park on a sunny day with your shirt off watching betty's rollerblading by in their bathing suits all while surfing the net are you going to be as paranoid as couped up in your jail cell where your PC presently is docked?

    I think not.

    6) If you back up your data who cares if you lose a drive.  HD's are cheap these days and who knows maybe it would be a good thing to lose a drive now and then to remind you that it's just another material object that can go poof.

    I just lost my main drive due to nothing more then wear and tear.  No worm or virus or 16 to 45 year old hacker brought my system down.  My two slave drives ended up being just fine.  I replaced my 20 gig main with an 80 gig HD that is newer and faster and better.  Then I added more ram while clearing out the spiders living between the modules.  

    My wife was not happy with the event as she was precluded from surfing and checking her e mail etc. and I did not back up her favorites so she will have to re invent the wheel somewhat.   I was very bummed initially as I had backed up less then more and in hindsight I would would back up different things like pictures and  documents rather then the OS and programs that I have already replaced.  Oh well live and learn.


    Back to the topic.  I am blowing off a firewall and going with multi level security with strong e mail protection, I don't use Outlook and in fact uninstalled it, and moving on.  I'm sure people will raise a few dozen eyebrows but I see the need to lose a few pounds of paranoia.

    Out of the jail cell and into the park I go.

    If I disappear again for a couple of weeks that probably means I got nailed by a worm, virus or hacker and I am out searching for a newer bigger and better HD again!!
     
  2. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    Since money isn't too tight over there, buy a hardware firewall/router to keep out the port scans and trojan connections. $100 is all you need. Set-it and forget-it. I haven't even thought about those two workhorses I have for months. Software firewalls a good for some stuff like keeping spyware and stuff in, but they can't compare to a hardware firewall for keepin sh!t out.

    I employ twin 3com 3c510s. You'll only need 1. You can easily connect many computers to the net and do networking too. It has a printer server so one printer can service all computers without one having to always be on.

    There are other brand names but I like the 3com. They come wireless now too if you like that kinda thing.
     
  3. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    I, for one, would like to know more about h/w f/ws.  I'd never considered one before.  Cost?  Function?  Italian styling?  Connection via USB?
     
  4. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    lol for real!

    scissor doors perhaps?

    Hard ware firewalls of the home user kind are generally $100 give or take $20 depending. In Canada they are $100 - $160cnd so maybe more like $65 - $100 usd? anyway they are dirt cheap and that is what matters.

    Malware can't shut em down. Malware won't even know its there. A prog can call home from inside to outside, but a sub7 scanner cannot connect to a running trojan from outside to inside (unless you purposely let it). A hardware firewall/router basically keeps outside stuff outside. It also simplifies SOHO networking 100 fold

    Want stealth, no prob.

    Don't want to waste CPU cycles fending off port scans? Don't, get dedicated hardware for that.

    Don't want a trojan listening on a server port? doesn't matter, it can listen till it cries for its mommy, nothing is going to be connecting to it unless you log into your router and manually open a server port to let it. To try out the sub7 emulator used with tds3 I had to open port 27374 to let sub7 scans in.

    Hardware routers however don't stop outgoing connections in most cases, and screw with netmeeting and other progs that have a crappy file transfer functionality built in (icq, msnmessenger, netmeeting etc) Chat part works but just not the transfer part sometimes. Real Server stuff like FTP and SSH work fine because they use server ports. Netmeeting wants to open any port it chooses and that ain't cool bro!

    So although not a full replacement for a software firewall, it definately is better than a software firewall alone. A dos attack on the router from the net will not affect your home network inside, even if your internet connection on the outside is pinned.

    Generally home networking multiple computers on a shared cable or dsl IP is pretty insecure if you don't know exactly what you are doing, but the router makes it easy.

    USB? I think some models have usb connection capability. Why you would prefer this to ethernet is beyond me.
     
  5. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    USB because I have a USB ISDN connection at home.  USB on the wall, USB on the back of the computer.

    Do you know any websites advertising these beasts?  Thanks.
     
  6. FanJ

    FanJ Guest

    Checkout,

    Just for my understanding:

    If you would like to have a router, do I understand you right that you mean that:

    1) on the WAN side of the router you need USB connection
    2) on the LAN side of the router you need USB connection.

    Did I understand that right that you were saying that you need both 1) and 2) ?
     
  7. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    Jan,

    At home, my son's computer connects to ISDN.  The ISDN phone socket has a USB connection, so he just runs a USB-USB cable from the computer to the phone socket.
     
  8. FanJ

    FanJ Guest

    Hi Checkout,

    I see.
    I will dig up some info for you; I have posted before a little bit about it, and I have somewhere some links.
    But that was not about ISDN connection but about (A)DSL
     
  9. FanJ

    FanJ Guest

    Hi Checkout,

    I have started this thread about hardware firewalls and an USB-ADSL-modem:

    http://www.security-pro.co.uk/yabb/YaBB.pl?board=security;action=display;num=1021563199

    I'm aware that you were talking about an ISDN connection, and not about an ADSL connection.
    However, I hope you might find maybe some usefull info there or in the links I posted.
     
  10. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Hi zappa. I don't think firewalls are particularly over rated. Software firewalls are a second line of defense against malware that might get installed on your computer.
    I don't consider myself paranoid, just prudent. I don't want to redo my hard drive unless its of my own choosing.
    I don't worry about DDOS attacks and such, but there are always script kiddies around looking for a place to play.
    Another question though. I'm on 56k dial up. How do I get a cheap hardware firewall?
     
  11. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    I dunno the answer to that. My router has these connection options:

    Dynamic IP Address       Obtain an IP address from ISP automatically.
    Static IP Address          ISP assigns you a static IP address.
    PPP over Ethernet        Some ISPs require the use of PPPoE to connect to their services.
    Dial-up Network            To surf the Internet via PSTN/ISDN.

    However, it can only accept an internet connnection via cat5 or COM. Weird no? Ah I see, if the dailup/ISDN modem is EXTERNAL and has a COM port, we can use this router

    be right back.

    <though experiment>

    computer with internal modem dials out...

    router yet has no IP...

    computer can't dial anywhere through router with no IP.....

    can a router dial?.......

    find and buy dialing router.....

    computer stays connected to router via ethernet/usb/modem......

    dialing-router does the dialing and disconecting...

    use router admin access to tell it when to dial and disconnect...

    </though experiment>

    I am back! Unless a HW router/firewall can do its own dialing, an internal modem is probably going to be a problem. Does such a router exist?

    dunno, Jan?
     
  12. FanJ

    FanJ Guest

    My guess would be that there is indeed no router for dial-up, but I definitely have to say that I'm not quite sure about that!
    Maybe I could find some info.......

    As said in the thread about "hardware firewall and USB-ADSL-modem", you could build your own gateway machine. Then your dial-up modem has to be connected to your gateway machine, or put in that one in case of an intern dial-up modem. And then make an Ethernet connection between that gateway machine and your PC (or, if you would like, an USB-USB connection).
    BTW: that thread about "hardware firewall and USB-ADSL-modem" is here:
    http://www.security-pro.co.uk/yabb/YaBB.pl?board=security;action=display;num=1021563199
     
  13. zappa

    zappa Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    176
    Location:
    Los Angeles, Ca.
    It is interesting how what appears to be a negative event turns out to be a positive event but only after time has passed does one figure this out.

    Somehow UNICRON, Checkout and FanJ traveled down the path I had decided upon.   Thank you all for answering my questions, if indirectly, as we are going wireless on a Linksys 802 Wireless Ethernet DSL router.  My very patient and very cool wife is going the laptop direction so as to be separated from my PC super tweaking that leads mostly to tweaking her mellow personality in the wrong direction when I inhibit her on line access.  

    I've heard some ISP's/browsers don't work well on the wireless method and I need to research that issue.  

    Anyone know of a forum where wireless issues are discussed?  






     
     
  14. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    if the router works properly and is set up right, I don't see how a browser or isp will be able to tell it is wireless.

    Can't say I am a wireless networking guru, but I get by ;)

    Sure can't say enough good things about my logitech cordless optical mouse though! Best d@mn $100 I ever spent. Except that time that girl said to me: "hey would you like to... " oops I was fading away there!
     
  15. zappa

    zappa Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    176
    Location:
    Los Angeles, Ca.
    OK.  Good info.  Hopefully super tweaker will figure out the router/network pc card/laptop install as I will be doing a self install.  LOL.    I usually start all installs with something strong like vodka.  
     
  16. FanJ

    FanJ Guest

  17. FanJ

    FanJ Guest

  18. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    suggested retail price $729.00 inc gst.!!!!!!!!!!!!! I'll asume this is Canadian dollars since GST is included? I know Australia has GST (that is where our idiot got the idea from) by the US does not.

    hardly counts as "cheap", but now we know they exist.

    it would be cheaper to use an external modem with a regular router. External modems are generally superior to internal ones anyhow.
     
  19. FanJ

    FanJ Guest

    Yeah, what a price......
     
Thread Status:
Not open for further replies.