Prev: Comodo Personal Firewall
Next: Daemon Alert - Nokia
From: Sol on 8 Apr 2006 18:35
Hi there.

I have been taught that the average consumer-grade IP NAT-capable wired
router is (for residential end users, SOHO users, or really anyone who
does NOT need to explicitly open ports in their Internet gateway device
or run a DMZ) an execellent protection against both network worms and
malicious crackers or script kiddies. Specifically, I have been told
that by the nature of the form of IP NAT used by consumer/home user
routers, all unsolicited inbound network traffic is simply discarded,
thereby protecting all users on the network from UNSOLICITED attacks.
Obviously, that would still leave you vulnerable to any malicious
traffic that you personally allow to enter your PC, such as foolishly
downloading malware-infected programs.

So my questions are as follows: is it true that all unsolicited
network traffic that attempts to pass through a consumer/home user
grade wired NAT router (assuming the necessary configurations are
properly made, of course) is dropped? If so, is it possible for some
manner of attack to fool the NAT router (without the user's knowledge
or intervention) into thinking that some malicious unsolicited traffic
was solicited? And if so, are there any known exploits that exist in
the wild? Don't forget that I'm asking about wired-only routers here,
no WIFI.

Thanks in advance for your time and help.

From: Sol on 9 Apr 2006 00:33
Leythos wrote:
> it's not as common as it use to be.

Are there any particular router brands that I should be wary of? My
opinion has generally been that Linksys makes a good router (since
they're a division/child of CISCO, but I realize that that's no
guarantee of quality). Who should I avoid and who should I use?

Thanks for your help.

From: Duane Arnold on 9 Apr 2006 07:18

"Sol" <revolution_158(a)hotmail.com> wrote in message
news:1144557225.863291.235360(a)i40g2000cwc.googlegroups.com...
> Leythos wrote:
>> it's not as common as it use to be.
>
> Are there any particular router brands that I should be wary of? My
> opinion has generally been that Linksys makes a good router (since
> they're a division/child of CISCO, but I realize that that's no
> guarantee of quality). Who should I avoid and who should I use?
>


Any one that doesn't have SPI in the firmware for the router.

Duane :).


From: Sol on 9 Apr 2006 13:54
Leythos wrote:
> I like the units that have been certified as a firewall

That intrigues me. Is there a firewall certification or cert.
organization in particular that you're thinking of? I'm concerned with
quality more than price.

Thanks for your time and effort answering me.

From: Volker Birk on 10 Apr 2006 13:18
Sol <revolution_158(a)hotmail.com> wrote:
> Leythos wrote:
> > I like the units that have been certified as a firewall
> That intrigues me.

You don't need to. Just read RFC 2978. From there:

| A "firewall" is an
| agent which screens network traffic in some way, blocking traffic it
| believes to be inappropriate, dangerous, or both.

Yours,
VB.
--
At first there was the word. And the word was Content-type: text/plain
 |  Next  |  Last
Pages: 1 2
Prev: Comodo Personal Firewall
Next: Daemon Alert - Nokia