A minimal firewall determines which packets to allow in by consulting two
tables, one of active connections initiated from the inside, and one
(optional) of permitted connections from the outside. That's probably all
that most "firewall" features of SOHO routers provide.
Software firewalls typically add two additional features: content
filtering (looking for viruses and exploit code within valid HTTP
connections, for instance) and outbound filtering.
A hardware firewall cannot distinguish between a recipe you're emailing to
Aunt Betty, and an email virus (or spam proxy) sending out junk. A software
firewall, though, can tell that one is coming from the email client you use,
and the other is coming from some rogue application.
(Some enterprise-class firewalls add the ability to do much of this on a
hardware firewall. If you paid less than $15K, yours doesn't.)
David Gillett
On 19 Aug 2005 at 3:54, Richard Glazier wrote:
> A good question might be, given that this will be a new account,
> what comes as "free" hardware when signing up?
>
> How good is the hardware firewall protection that is built into the
> modern Routers/Switches that seem to be "almost" standard "give-aways"
> to a new account of this type. Forget (for the moment) that lots of the new
> ones also include wireless, which needs to be secured independently
> and locked down properly. (And I stay NON-wireless for that very reason.)
>
> I run the firewall in my DSL modem, also the firewall in my Broadband Router,
> and one software firewall...
>
> How good is the hardware firewall in a DSL Modem?, (assuming there "might"
> be one...)
>
> Rick Glazier
>
> From: "David Gillett"
> > At the moment, you can probably get by with a software firewall such as
> > Zone Alarm or the products offered by McAfee, Norton, etc. But already
> > there is malware that is eroding the usefulness of these products....
> >
> > Nobody can force you to buy a firewall, but how many times does it have to
> > save your machine from abuse before you decide it's worthwhile?
>
>
> > On 17 Aug 2005 at 9:36, Peetie Wheatstraw wrote:
> >> I contemplate abandoning the dial-up for SBC 1.5 DSL
> >> and wish to evaluate additional security/anti-hacker
> >> measures.
> >>
> >> Do I more-or-less *have* to purchase a hardware firewall
> >> to be secure? If so, what device might do a good job
> >> and how much might it cost?
PCBUILD's List Owners:
Bob Wright<[log in to unmask]>
Drew Dunn<[log in to unmask]>
|