I am expecting my ADSL connection to go live today and I'm getting a
bit concerned about security.

I have 4 x PC's (including a laptop) connected to a Linksys
WAP/Modem/Router, I have stopped using the WAP because it stops working
from time to time which is a pain.

I have temporarily installed Norton Personal Firewall on all 4 PC's to
give me some protection, but this is not really a long term solution.

I have one PC, a 2.4GHz P4, that I could use as a h/w firewall,
presumably with Linux rather than Windows for extra security.

I am struggling to get my head round what to connect where. I imagine
the firewall PC would connect to the modem/router with one NIC and to a
second router (which I have) via a second NIC using a different address
range.

That effectively means that none of the PC's on the second router will
be able to 'see' the network on the first router - and the Internet
won't be able to see these 'internal' PC's.

If I'm correct so far then how do I browse the Internet and pick up
mail and newsgroups from the PC's connected to the second router?

I am hopeful that there are some articles around that will lead me
through this, can anybody point me to one that will take me through
step by step?

Many thanks.

--
Jeff Gaines
Posted with XanaNews 1.17.1.2

From:	IPGrunt
Subject:	Re: Hardware Firewall Articles?
Date:	20 Jan 2005 17:48:50 GMT

"Jeff Gaines" confessed in
news:xn0dxhbiwaa8nx001@news.individual.net:

>
> I am expecting my ADSL connection to go live today and I'm getting a
> bit concerned about security.
>
> I have 4 x PC's (including a laptop) connected to a Linksys
> WAP/Modem/Router, I have stopped using the WAP because it stops working
> from time to time which is a pain.
>
> I have temporarily installed Norton Personal Firewall on all 4 PC's to
> give me some protection, but this is not really a long term solution.
>
> I have one PC, a 2.4GHz P4, that I could use as a h/w firewall,
> presumably with Linux rather than Windows for extra security.
>
> I am struggling to get my head round what to connect where. I imagine
> the firewall PC would connect to the modem/router with one NIC and to a
> second router (which I have) via a second NIC using a different address
> range.
>
> That effectively means that none of the PC's on the second router will
> be able to 'see' the network on the first router - and the Internet
> won't be able to see these 'internal' PC's.
>
> If I'm correct so far then how do I browse the Internet and pick up
> mail and newsgroups from the PC's connected to the second router?
>
> I am hopeful that there are some articles around that will lead me
> through this, can anybody point me to one that will take me through
> step by step?
>
> Many thanks.
>

Have you considered a device like the Netgear WGR614, that is a WiFi hub
and router w/Firewall?

This kind of device, selling for about $50 these days, will give most home
users the kind of protection they need.

-- ipgrunt

From:	Jeff Gaines
Subject:	Re: Hardware Firewall Articles?
Date:	20 Jan 2005 18:15:43 GMT

On 20/01/2005 IPGrunt wrote:

> "Jeff Gaines" confessed in
> news:xn0dxhbiwaa8nx001@news.individual.net:
>
[snipped]

> Have you considered a device like the Netgear WGR614, that is a WiFi
> hub and router w/Firewall?
>
> This kind of device, selling for about $50 these days, will give most
> home users the kind of protection they need.
>
> -- ipgrunt

Many thanks. Since my first post I have 'gone live', the main issue at
the moment is I keep trying to 'disconnect' but I'll get used to it :-)

The Linksys WAG54G I am using does have a built in firewall, which is
enabled, and since re-booting the PC's after I went live Norton PF has
not reported any hacking attempts.

If the firewall in the Linksys is sufficient on its own then I could
certainly save a lot of trouble just using that. Are these built in
firewalls reasonably secure? If I understand it the Linksys runs an
embedded version of Linux.

--
Jeff Gaines
Posted with XanaNews 1.17.1.2

From:	IPGrunt
Subject:	Re: Hardware Firewall Articles?
Date:	21 Jan 2005 06:00:59 GMT

"Jeff Gaines" confessed in
news:xn0dxhjhx1vfzx000@news.individual.net:

> On 20/01/2005 IPGrunt wrote:
>
>> "Jeff Gaines" confessed in
>> news:xn0dxhbiwaa8nx001@news.individual.net:
>>
> [snipped]
>
>
>> Have you considered a device like the Netgear WGR614, that is a WiFi
>> hub and router w/Firewall?
>>
>> This kind of device, selling for about $50 these days, will give most
>> home users the kind of protection they need.
>>
>> -- ipgrunt
>
>
> Many thanks. Since my first post I have 'gone live', the main issue at
> the moment is I keep trying to 'disconnect' but I'll get used to it :-)
>
> The Linksys WAG54G I am using does have a built in firewall, which is
> enabled, and since re-booting the PC's after I went live Norton PF has
> not reported any hacking attempts.
>
> If the firewall in the Linksys is sufficient on its own then I could
> certainly save a lot of trouble just using that. Are these built in
> firewalls reasonably secure? If I understand it the Linksys runs an
> embedded version of Linux.
>
>

That firewall should be secure, but you've got to be configured properly to
be secure. As Leythos said, learn to use NAT and how it works for you.
Everyone should be the John Wayne of their network--it's the American way.

Keep reading and learning about networking and network services. Of if it
is that important to you, spend a couple of hundred dollars and hire a
consultant to look over your configuration.

Either way, you'll feel much better about having your LAN connected to the
internet 24/7. You'll be amazed at how often your border gateway is probed
and/or attacked randomly, all day and all night long. Depending on your
upstream provider, you should expect malware traffic at your gateway on the
order of hundreds of connection attempts per hour. 99.9% of these should be
blocked so that these sources of trouble aren't even aware that a router
exists at your address. The Linksys will do this, again, if you are
properly configured. Doesn't help to check twice.

Then when you are satisfied that you are protected, remember to copy your
configuration to disk.

Good luck, but never let your guard down.

-- ipgrunt

From:	Jeff Gaines
Subject:	Re: Hardware Firewall Articles?
Date:	21 Jan 2005 09:21:09 GMT

On 21/01/2005 IPGrunt wrote:

> That firewall should be secure, but you've got to be configured
> properly to be secure. As Leythos said, learn to use NAT and how it
> works for you. Everyone should be the John Wayne of their
> network--it's the American way.

Many thanks for that, I'll take it step by step. The fact that Norton
PF has shown no attacks in about 18 hours is encouraging, the Linksys
must be stopping them.

I'm not sure who is the equivalent of John Wayne here, perhaps it's a
Sherlock Holmes approach I need :-)

--
Jeff Gaines
Posted with XanaNews 1.17.1.2

From:	Leythos
Subject:	Re: Hardware Firewall Articles?
Date:	Thu, 20 Jan 2005 18:18:41 GMT

In article , whitedragon101
@hotmail.com says...
> The Linksys WAG54G I am using does have a built in firewall, which is
> enabled, and since re-booting the PC's after I went live Norton PF has
> not reported any hacking attempts.
>
> If the firewall in the Linksys is sufficient on its own then I could
> certainly save a lot of trouble just using that. Are these built in
> firewalls reasonably secure? If I understand it the Linksys runs an
> embedded version of Linux.

Linksys uses NAT for protection of the local computers, it's not a
firewall, but a firewall "like" feature that protects you.

NAT means that only things you invite into your network (even things you
don't realize you're inviting in) can get to your network - unless you
open/forward ports from the outside to the inside in the router.

You also need to secure the wireless side or anyone near enough can
access your local network without your permission.

--
--
spamfree999@rrohio.com
(Remove 999 to reply to me)

From:	Wolfgang Kueter
Subject:	Re: Hardware Firewall Articles?
Date:	Thu, 20 Jan 2005 23:56:28 +0100

Jeff Gaines wrote:

> I have temporarily installed Norton Personal Firewall on all 4 PC's to
> give me some protection,

crap.

> but this is not really a long term solution.

THe deinstallation of the crap might be one-

> I have one PC, a 2.4GHz P4, that I could use as a h/w firewall,
> presumably with Linux rather than Windows for extra security.

What do you want to filter with that? Gigabit ethernet with hundreds of
machines on both sides of the box? A 2.4 GHz CPU is even more than complete
overkill for that purpose, an old 486 will do for that.

Wolfgang

From:	Jeff Gaines
Subject:	Re: Hardware Firewall Articles?
Date:	21 Jan 2005 09:24:22 GMT

On 20/01/2005 Wolfgang Kueter wrote:

> Jeff Gaines wrote:
>
>
> > I have temporarily installed Norton Personal Firewall on all 4 PC's
> > to give me some protection,
>
> crap.

You should write reviews for PC Mags :-)
Agnitum is getting some good reviews over here.

> > I have one PC, a 2.4GHz P4, that I could use as a h/w firewall,
> > presumably with Linux rather than Windows for extra security.
>
> What do you want to filter with that? Gigabit ethernet with hundreds
> of machines on both sides of the box? A 2.4 GHz CPU is even more than
> complete overkill for that purpose, an old 486 will do for that.

Well, my network may grow :-)

I have that box unused so if I did set up a h/w firewall I might as
well make use of it.

--
Jeff Gaines
Posted with XanaNews 1.17.1.2

From:	Kerodo
Subject:	Re: Hardware Firewall Articles?
Date:	Thu, 20 Jan 2005 16:22:12 -0800

In article , wolfgang@shconnect.de says...
> > I have temporarily installed Norton Personal Firewall on all 4 PC's to
> > give me some protection,
>
> crap.
>

Much worse than crap... ;)

--
Kerodo