questions about routers and hardware firewall

Discussion in 'other firewalls' started by Ranget, Dec 6, 2011.

Thread Status:
Not open for further replies.
  1. Ranget

    Ranget Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    846
    Location:
    Not Really Sure :/
    Simple question: why do you prefer to turn the USB feature off in a router?

    And what is the difference between
    SOHO, SPI and NAT firewalls?

    And actually, how good is a hardware firewall?
    Is it hackable from outside?
    Like, if a hacker knows my IP address and I have both a hardware and a software firewall, will he be able to hack into my computer remotely if all the ports are stealthed?

    Also, on my hardware firewall port 80 is open and the others are closed. How
    much of a security hazard is that?
    Should I change my router?

    Are there ways to create a hardware firewall without using a router,
    and how reliable is that?

    Edit:

    Also I want to add
    that I know that routers are mini computers that run an OS like Linux/DD-WRT or whatever to filter packets.
    Is there a way to create a firewall that will electrically filter the inbound packets without an OS?
    Like, if there is a way to know from electric voltage or frequency whether a packet is inbound or outbound,
    then we could create a filter that is foolproof for inbound traffic.
    I tried to look for how a hardware firewall is made but didn't find any resources about that.
    Can anyone here shed some light on this idea?
     
    Last edited: Dec 6, 2011
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,029
    Yes, you can run router/firewall systems on PCs. For example: "pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router." -http://www.pfsense.org/ It's as reliable as your hardware, I think. New low-power PCs cost about 300 USD. I like AMD E-350 better than Atom. You can get by with one Ethernet interface by using VLANs and a smart switch. But dual or quad port NICs are better, and Intel NICs are best. See -http://forum.pfsense.org/ for discussion about hardware.
     
  3. Ranget

    Ranget Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    846
    Location:
    Not Really Sure :/
    Thanks mirimir.

    I'm considering this solution even though it's a bit expensive,
    but I'm looking for further answers regarding how a hardware firewall works.

    I searched all over the internet and didn't find a lot of useful information about the electrical point of view of a hardware firewall.

    Because, as we all know, data gets transferred as an electric signal,
    and if there is a way to detect that an incoming connection is inbound and differentiate that from an outbound rule, I think we will be able to create a foolproof firewall by making a voltage regulator or something similar that has no programming in it that can be tampered with.

    Anyway, I'm still looking for more answers regarding the above questions.
     
  4. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    You should look for info on Linux packet filters, which is basically what a router firewall is. Remember that a router is really nothing more than a minimized computer with an OS, although it is in the form of firmware. Some routers' firmware can be replaced with customized firmware.

    As far as how the firewall works, it is just a packet filter or state table. Learn about a Linux firewall distro, such as pfSense or m0n0wall or IPCop, and you should get a decent understanding. Good enough for consumer routers with firewalls.

    Get into true firewall appliances, and maybe things are different, but those cost $$$.

    This is as I understand it anyway. Someone with more info than I might correct this.

    Sul.

    EDIT: Sorry, I guess I just paraphrased what you already said. Your best bet is to study Linux info for regular firewall approaches. Regarding true hardware, you could maybe make a way to block data based on voltages, but I don't know that you could ever create a firewall that filters. That is what the packet information is for, and I have never seen mention of different packets having different electronic characteristics to use as signatures/indicators, although that doesn't mean they don't exist.
     
  5. Ranget

    Ranget Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    846
    Location:
    Not Really Sure :/
    Thanks for the info. I'm really digging into that, and the more I read, the more
    I find about how a hardware firewall can be exploited remotely,
    which I never realized before.

    A lot of security experts say that a hardware firewall with a good password is bulletproof, which is kind of comforting and makes us feel secure,
    but the real question is whether this is really true.

    If there are vulnerabilities, they are either very hard to pull off or haven't been discovered yet; otherwise we would be seeing worms penetrating firewalls all the time.
    But there is still a possibility of a hack.

    Anyway, I'm trying to dig more into this, maybe contacting a router manufacturer, Cisco or D-Link.

    Anyway, I will report back if I find more info.
     
  6. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Is this your own equipment or is it provided by your ISP? Are you sure it's the router and not an ISP supplied modem that has this port opened? A lot of ISP supplied equipment has port 80 open for remote administration. Unless you actually need remote administration, I'd disable it. Unless remote administration is enabled, hardware firewalls are hard to crack from the internet. If port 80 is open on ISP provided equipment, it could be reconfigured from the web by anyone who knows their default passwords.

    Regarding making your own hardware firewall, another one to look at is Smoothwall. I've been using version 2.0 on an old P5-133MHz for several years. It's been very reliable at DSL speeds. Total cost was 3 network cards.

    It doesn't work that way. You're thinking in analog terms. Internet packets have a specific packet structure they have to follow in order to be properly recognized and processed. Frequency or voltage are not variables here and are not used to differentiate any of the characteristics of internet packets. There's no realistic way to filter internet traffic based solely on electrical characteristics. Some form of an operating system is necessary. Smoothwall for instance uses a Linux core. Using an OS to run the router or hardware firewall isn't as bad as it sounds. On a hardware firewall or router, the miniature OS has one task, which is running the router or firewall software. It's not like the PC's OS which has to run many types of software, serve as an interface for the user, store data, multitask, etc. The OS that powers a router or hardware firewall is far less exposed and much less vulnerable. Most of the time, this OS can't be accessed at all without the root password. Unless there's some major undisclosed bug in the code, they're not vulnerable to attacks from the web. Unlike Windows, they don't become unstable after running for an extended period of time.
     
  7. mack_guy911

    mack_guy911 Registered Member

    Joined:
    Mar 21, 2007
    Posts:
    2,677
  8. Ranget

    Ranget Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    846
    Location:
    Not Really Sure :/
    The problem is that it used to be stealthed, then suddenly opened.

    Thanks for the other info. I think I will try to build my own firewall platform.
     
  9. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Assuming that this is ISP supplied equipment, the open port could be the result of a firmware update or configuration change on their part. My ISP supplied DSL modem had port 80 open when I got it. The previous one also had the telnet port open. Every one I've had so far also has a high range port open that can't be closed by changing configurations. These have included 43287 and 54109. If you scan all the ports, not just the lower ones that Shields Up does by default, you might find more open than you expect.

    If you plan on building your own, you have some good additional options open to you. I don't have the link handy, but there is a DSL modem on a PCI card that works in Smoothwall. There's a link somewhere on the Smoothwall site to it. There are also 4-port Ethernet cards (not sure on their compatibility with Smoothwall) that could be used to replace a router. If so inclined and depending on the type of service you have, you could build a combination unit (modem-firewall-router) that replaces several pieces of hardware.

    Just some options you can look into.
     
  10. Ranget

    Ranget Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    846
    Location:
    Not Really Sure :/
    Do you know services that do that?

    Thanks, but I think I will stick with a discrete modem.
     
  11. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Didn't see your reply.
    I could find no information regarding the purpose of these open ports. It was a different port on each DSL modem but always past port 20,000. There were no services tied to them that I could see. I can only speculate that it's remote access that's added by the ISP or modem vendor.
     
  12. Ranget

    Ranget Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    846
    Location:
    Not Really Sure :/
    The problem went away :| It's very weird, but it went away by itself!!!!
    Or something that I don't know.
     
  13. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    A couple of questions.
    1. Do you have any server applications on your PC?
    2. Do you have UPnP enabled? If it is, the port could have been opened via UPnP. I seem to recall a web exploit from a while back that used Flash to manipulate UPnP. Wouldn't be surprised if there are more ways that this can be done. On both my equipment and all applications with configuration options for it, UPnP is disabled, plus I have the software firewall set to block and alert me to any outbound attempts to use it.
     
  14. Ranget

    Ranget Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    846
    Location:
    Not Really Sure :/
    1. Do you have any server applications on your PC?

    Not that I'm aware of.

    2. Do you have UPnP enabled?
    Nope, checked it more than once.


    I don't know what the heck happened in that router, but to me it looks supernatural.
     
  15. BrandiCandi

    BrandiCandi Guest

    Like noone_particular pointed out, it isn't really possible to filter traffic based on voltage. I think what you're looking for would be denying all incoming traffic and allowing outgoing traffic only on the ports you specify.
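The filtering model noone_particular and BrandiCandi describe above (direction decided by which interface a packet arrives on, a state table that lets replies back in, default deny for unsolicited inbound traffic, outbound allowed only on chosen ports) as an added toy example in Python. It is not code from any poster, from pfSense or from Smoothwall; the interface names wan0/lan0, the addresses and the port lists are constructed assumptions, and NAT and state-entry expiry are left out to keep the state table visible.

```python
"""Toy stateful packet filter (SPI) with a default-deny inbound policy.

Constructed example, not code from pfSense, Smoothwall or any forum poster.
Packets are plain dicts standing in for already-parsed IP/TCP header fields;
the direction of a packet comes from the interface it arrived on, never from
any electrical property of the signal on the wire.
"""
from dataclasses import dataclass, field

# Assumed interface names: one faces the internet, one faces the LAN.
WAN = "wan0"
LAN = "lan0"


@dataclass
class Policy:
    # Destination ports LAN hosts may open connections to on the internet.
    allowed_out_ports: set = field(default_factory=lambda: {53, 80, 443})
    # Unsolicited inbound traffic is denied unless its port is listed here
    # (this is what "opening port 80 for remote administration" does).
    allowed_in_ports: set = field(default_factory=set)


class StatefulFilter:
    """Passes inbound packets only as replies to flows a LAN host opened."""

    def __init__(self, policy: Policy):
        self.policy = policy
        # State table keyed by the 5-tuple of each permitted outbound flow.
        # A real firewall also ages entries out; this toy never expires them.
        self.state = set()

    @staticmethod
    def _flow_key(p):
        return (p["proto"], p["src"], p["sport"], p["dst"], p["dport"])

    @staticmethod
    def _reverse_key(p):
        # The reply to a flow swaps source and destination.
        return (p["proto"], p["dst"], p["dport"], p["src"], p["sport"])

    def decide(self, pkt) -> str:
        """Return 'pass' or 'drop' for one packet."""
        if pkt["iface"] == LAN:
            # Outbound: only to configured ports; remember the flow for replies.
            if pkt["dport"] in self.policy.allowed_out_ports:
                self.state.add(self._flow_key(pkt))
                return "pass"
            return "drop"
        if pkt["iface"] == WAN:
            # Inbound: pass a reply to a recorded flow...
            if self._reverse_key(pkt) in self.state:
                return "pass"
            # ...or a port the administrator explicitly opened.
            if pkt["dport"] in self.policy.allowed_in_ports:
                return "pass"
            # Everything else is dropped silently ("stealthed" from outside).
            return "drop"
        return "drop"


def mk(iface, proto, src, sport, dst, dport):
    """Build one constructed packet as a dict of header fields."""
    return dict(iface=iface, proto=proto, src=src, sport=sport, dst=dst, dport=dport)


def run_scenario(open_inbound=()):
    """Feed constructed packets through the filter; return name -> verdict."""
    fw = StatefulFilter(Policy(allowed_in_ports=set(open_inbound)))
    packets = [
        # A LAN host opens a web connection to an internet server.
        ("lan_http_out", mk(LAN, "tcp", "192.168.1.10", 51000, "203.0.113.5", 80)),
        # The server's reply arrives on the WAN side and matches the state table.
        ("http_reply_in", mk(WAN, "tcp", "203.0.113.5", 80, "192.168.1.10", 51000)),
        # Unsolicited probe from the internet to port 80 on the LAN host.
        ("probe_80_in", mk(WAN, "tcp", "198.51.100.7", 40000, "192.168.1.10", 80)),
        # Unsolicited probe to the telnet port.
        ("probe_telnet_in", mk(WAN, "tcp", "198.51.100.7", 40001, "192.168.1.10", 23)),
        # A LAN host tries to connect out on a port that is not allowed.
        ("lan_smtp_out", mk(LAN, "tcp", "192.168.1.10", 51001, "203.0.113.5", 25)),
    ]
    return {name: fw.decide(p) for name, p in packets}


if __name__ == "__main__":
    for name, verdict in run_scenario().items():
        print(f"{name:16} {verdict}")
    print("with port 80 opened inbound:", run_scenario(open_inbound=[80])["probe_80_in"])
```

Running it shows the reply to the LAN-initiated web connection passing while the two unsolicited probes are dropped: nothing in the state table or the admin-opened list matches them, which is all that a "stealthed" port amounts to at the filter level. Calling `run_scenario(open_inbound=[80])` reproduces the situation in the thread where port 80 shows as open: the same probe now passes, so the exposure is created by that one policy entry, not by anything on the wire.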
     