hardware firewall

Caporegime
Joined
12 Mar 2004
Posts
29,913
Location
England
This is a home pc not an fbi computer, another uneeded firewall is just using more hdd space more memory more rescources and is another thing to worry about updating and then there are the compatibility issues with some programs and configurations needed. You will never get trojans on your pc unless you download dodgey stuff. If your paranoid install one otherwise it isn't worth the time and effort.
 
Last edited:
Soldato
Joined
8 Nov 2002
Posts
9,128
Location
NW London
james.miller said:
you can only control ports, you cant control software. open a port on the router and any piece of software can use it;)

Actually a lot of modern firewalls will allow rules to be set right up to layer 7, not just as basic as opening or blocking a port.
 
Soldato
Joined
13 Jan 2004
Posts
12,197
Location
Inverness
Energize said:
If your paranoid install one otherwise it isn't worth the time and effort.


Time and effort?

He's not coding the firewall himself! Takes two minutes to install, and 10 seconds to configure each time a new program attempts to get to the outside world.
 
Caporegime
Joined
12 Mar 2004
Posts
29,913
Location
England
Exactly, every time something wants access it needs to be configured, when I used zone alarm years ago this constantly annoyed me popping up for firefox, bit torrent, games, msn, everything.

Anyway the simple answer to the original question was no.
 
Soldato
Joined
17 Aug 2003
Posts
20,158
Location
Woburn Sand Dunes
Energize said:
Exactly, every time something wants access it needs to be configured, when I used zone alarm years ago this constantly annoyed me popping up for firefox, bit torrent, games, msn, everything.

no, zone alarm did that because it was crap. Yuo only need to configure a program once unless that program changes.
 
Caporegime
Joined
8 Jul 2003
Posts
30,062
Location
In a house
Energize said:
Exactly, every time something wants access it needs to be configured, when I used zone alarm years ago this constantly annoyed me popping up for firefox, bit torrent, games, msn, everything.

Anyway the simple answer to the original question was no.

Then when the pop up appeared you should have just ticked yes, and clicked don't ask me again, then it would'nt keep asking for access. :p
 
Soldato
Joined
7 Mar 2005
Posts
19,257
Location
LU7
LoadsaMoney said:
Then when the pop up appeared you should have just ticked yes, and clicked don't ask me again, then it would'nt keep asking for access. :p
That's what I did. New program runs for the first time, ZA picks up on it. I'd allow it access permanently or block it. End of. Simple. Might put ZA back on when I go back to Uni though.
 
Permabanned
Joined
18 May 2006
Posts
9,036
james.miller said:
hardware firewall = stop stuff getting in
software firewall = stop unwanted software getting out.

eh...?
sorrry, that's just wrong...


a firewall is a firewall.

it makes no difference if it's implemented as an application or running on a dedicated applicance.

both can (in most cases) be configured to block outgoing traffic. (except the XP one)

neither will stop your PC getting compromised if a cracker wants it so.
- check out the number of trojans that will attempt to turn off a software firewall...
at least nothing out there currently turns off H/W firewalls

The OP needs to read his linksys manual and learn how to configure his firewall to deny everything except the ports required.

--edit---
In XP you can configure outbound blocking with IPSec policies




.
 
Last edited:
Soldato
Joined
17 Aug 2003
Posts
20,158
Location
Woburn Sand Dunes
bitslice said:
eh...?
sorrry, that's just wrong...


a firewall is a firewall.

how is it wrong? is it wrong that a program that you wouldnt want to give access to, can use open ports on the router when you've opened them for some other reason? there are things people dont want to give access to, and shutting down ports isnt always the answer. for everything else, there's a software firewall.


for the record, i'm not trying to defend the reason I use a software firewall. I dont, but i know why people and its perfectly reasonable IMO
 
Last edited:
Permabanned
Joined
18 May 2006
Posts
9,036
james.miller said:
how is it wrong?.

Hi,
I was simply taking issue with the implication that H/W firewalls did one thing, and S/W firewalls did another. :)

---edit---
I accept that S/W firewalls tend to include additional logic beyond SPI that can detect if a certain port is being misused by a rogue application. (Which is probably what you meant)

---
it is still possible to have an infected PC that is running undetected by both firewalls and AntiVirus applications.
It's possibly more important to be able to detect modifications to your registry then to deny the constantly touted "ping of death"


.


.
 
Last edited:
Permabanned
Joined
18 May 2006
Posts
9,036
for the OP.
Hardware firewalls sound nice, but in practice aren't much help unless you are running some syslog app to monitor the allowed traffic (like a business would). If it's there, then configure it by all means, can't hurt.

Most home users are better off with patching their PC and running something like ZoneAlarm or Kerio.

...plus another plug for this:

RegistryProt
http://www.diamondcs.com.au/index.php?page=regprot


.
 
Back
Top Bottom