Hardware firewall question

Discussion in 'other firewalls' started by Albinoni, Nov 28, 2005.

Thread Status:
Not open for further replies.
  1. Albinoni

    Albinoni Registered Member

    Joined:
    Feb 17, 2005
    Posts:
    709
    Location:
    Perth, Western Australia
    Do hardware firewalls stop Trojans or is it only software ones that do. I've had some mixed answers re this question, as some say yes and some say no. I thought No myself.
     
  2. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    Hardware FWs do not block outbound traffic, so they cannot prevent a Trojan from 'phoning home'. But of course that assumes you have already been infected by a trojan that is attempting to send out information.

    However a hardware FW will be able to stop hackers from getting into your machine from the outside.
     
  3. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    hardware firewall only stop inbound attacks. if u want to stop a trojan from calling home ull need a software firewall with outbound capabilities or an app like AppDefend.
     
  4. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    With a hardware firewall you can control both inbound and outbound network connections. If malware running on a system behind the firewall was to use a common service to connect out, ie. HTTP, then it would probably succeed as this along with other common remote services would be permitted. If it used something other than common service ports to communicate then a properly configured hardware firewall would stop it. Stateful inspection is also going further these days in some hardware firewalls and network communications involving common services can be monitored closer for anomalies.

    Regards,

    CrazyM
     
  5. budfox

    budfox Registered Member

    Joined:
    Apr 5, 2005
    Posts:
    103
    Some hardware firewalls have built in AV's to catch trojans/ virus's/ greyware/ ect. I am running a fortigate 60 that has all of this and IPS.

    I have run the hardware firewall and process control for months now with no problems..I still think process controll is a much better way to control trojan type behavior since there are so many ways to circumvent outbound protection).
     
Loading...
Thread Status:
Not open for further replies.