Hello Patrice!
Hace mucho tiempo sin verle! It?s been a while! You give a pretty
broad price range, and I have found several resources for you, all of
them under $100!
There are hardware firewalls and software firewalls, and I have found
information on both for you.
Firewall Information
====================
Why Use Firewall Software:
http://www.pcworld.com/howto/article/0,aid,112920,00.asp
Technical Stuff on Firewalls:
http://computer.howstuffworks.com/firewall2.htm
What a firewall does NOT do
A firewall isn't sufficient on its own to guarantee security, but it
is the first line of defence. You will also need to take the other
protective steps outlined in this section.
A firewall provides limited or no protection:
? If you give permission for other computers to connect to yours;
? If it is switched off, disabled or contains many exceptions or open ports;
? Against most viruses;
? Against spam;
? Against spyware installations;
? Against any kind of fraud or criminal activity online;
? If you or a virus has created a "back door" through the firewall;
? If a hacker has the password for the firewall;
? Against people with physical access to your computer or network;
? Against malicious traffic that does not travel through it, for
example via a poorly configured wireless network;
? Against attacks after a network has been compromised;
? Against traffic that appears to be legitimate.
None of these things give a reason NOT to install a firewall. However,
it's like wearing a seatbelt in a car?it's a good idea but it won't
guarantee your safety if you crash.
It is safest to assume that your internet service provider does NOT
provide any kind of firewall and make sure you have the right software
to protect yourself.
http://www.yell.com/getsafeonline/firewall/home.html
Comparison chart of recommended software firewalls:
http://personal-firewall-software-review.toptenreviews.com/
Software
========
Zone Labs
---------
Zone Alarm is a very trusted software firewall, that comes in a free
version, and a purchased version, with more features. You may want to
download the free version to get an idea how it works.
http://www.zonelabs.com/store/content/home.jsp
You can download the free version here:
http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp?dc=12bms&ctry=US&lang=en&lid=dbtopnav_zass
The purchased version can be downloaded here:
http://www.zonelabs.com/store/content/catalog/products/sku_list_zap.jsp?dc=12bms&ctry=US&lang=en&lid=dbtopnav_zass
As you can see, Zone Labs has various products, such as spyware
removers and anti-virus-ware.
This page compares features:
http://www.zonelabs.com/store/content/company/products/znalm/comparison.jsp?dc=12bms&ctry=US&lang=en&lid=ho_za
Here is a review by PC Magazine:
?Before installing any of the behavior-blocking apps in this story,
make sure you have a good software firewall, such as ZoneAlarm Pro or
Norton Personal Firewall, to watch program and network activity on
your PC. These firewalls can put very strong locks on your system to
protect you. Of course, the best lock in the world won't keep you safe
if you open the door to every shyster, burglar, or land shark.?
Zone Alarm will pop up messages in the lower right hand corner warning
you of intruders. ?Some personal firewall products warn about
behaviors other than attempts to connect with the network or Internet.
You may get a warning that a program is attempting to configure itself
to launch at start-up, or that one program is trying to launch
another. If you're installing a program that needs to run in the
background, such as a utility that checks your favorite blogs for new
entries, launching at start-up makes sense. But a warning that a
program you don't recognize is trying to launch Windows Explorer
suggests that a malicious program is attempting an end run around your
firewall. Here again, if you're not sure, you may want to block the
action one time and see what happens.?
http://www.pcmag.com/article2/0,1759,1879972,00.asp
CNET has a review of firewall software, and Trend Micro and P-Cillin
are their winners! However, I found little else good, and plenty bad
written about P-Cillin!
http://reviews.search.com/search?q=firewall&nodeid=3667&format=customlayout&channel=54&cat=312&mode=products&allfields=0&k=27291155
Microsoft
---------
Microsoft has some beta products. I use just the anti-spyware, with good results.
http://www.microsoft.com/athome/security/downloads/default.mspx
Black Ice
---------
I have a neighbor who swears by Black Ice, and only Black Ice. I?ve
been very happy with my free Zone Alarm version, so have not tried it.
It seems like overkill for a home computer, but I have included it for
your review.
http://www.digitalriver.com/dr/v2/ec_dynamic.main?SP=1&PN=12&sid=26412
Hardware
========
?As a rule, firewall hardware is better than firewall software. A
hardware firewall is a stand-alone appliance that's not dependent on
Microsoft's operating systems.?
http://www.findarticles.com/p/articles/mi_qa3984/is_200405/ai_n9438348#continue
If you have a router at home, to connect two or more computers, you
already have some firewall protection:
?Hardware firewalls are often built into broadband internet routers.
If several computers share an internet connection, a hardware firewall
will protect all of them. Most router manufacturers offer devices with
firewalls.
Although they are getting easier to use, configuring a hardware
firewall is often trickier than configuring a software firewall.
There is usually little price difference between a router that
includes a firewall and one without, so it pays to get the extra
protection if you have a choice.
You can have hardware and desktop firewalls and having both may give a
small margin of extra security. However, a desktop firewall on each
computer is your first priority.
http://www.yell.com/getsafeonline/firewall/home.html
Firewall guide:
http://www.firewallguide.com/hardware.htm
Everyone has their own opinion"
http://fileforum.betanews.com/review/1062089159/1/view
You?ll also find useful information in one of my esteemed colleague
Sublime1-ga's answer here:
http://answers.google.com/answers/threadview?id=568868
Hope this has been helpful! If I were to pick, I'd try the Zone Alarm
free version, and upgrade if you like it. I find it works wonderfully.
Sincerely, Crabcakes
Search Terms
============
Hardware firewall
Knowledge of topic |
Request for Answer Clarification by
patrice29-ga
on
23 Nov 2005 09:18 PST
Crabcakes, bueno oír de tu de nuevo. Mí gramática es pésimo estoy
seguro. Pero estas un problemo por otra vez.
I think I'm interested in hardware firewalls.
Would you explain this paragraph from the other GA thread you refereced.
The biggest advantage of a router is that it
fields all the traffic sent to the IP address
given to you by your ISP, and reassigns the IP
address used by your computer, so your PC's IP
address is simply not accessible.
"reasigns the IP address used by your computer"
Does this mean 'changes' it or masks or disguises it, or simply doesn't
provide it. Why is having your IP address inaccessible benificial?
Gracias,
Patrice
|
Clarification of Answer by
crabcakes-ga
on
23 Nov 2005 10:13 PST
Hi Patrice,
IPs and masking, etc. is a very complicated subject.
These pages explain it technically:
http://computer.howstuffworks.com/router8.htm
The above site does a good job explaining the whole process, and if
you have time to read it all and digest it all, you'll grasp the
process!
http://www2.rad.com/networks/1994/ip_addr/tcpip2.htm
I'll explain as simply as possible:
Your computer is assigned an IPP address from your internet service
provider. Most ISPs assign you a dynamic number, meaning they can
change from day to day, or week to week, etc. The ISP has a ta ble
that matches the assigned IP to your computer, so even if they are
changed, the table is keeping track of it. This goes on seamlessly,
you never even know it!
When you visit a web site, this IP number goes to the site you visit.
If the site was unscrupulous, it could send back malicious code
(virus, worm, spyware, denial of service attack - shutting your PC
down!).
A router masks your computer's IP, and sends the router's IP out. Then
when incoming messages hit your router, the router assigns them to
your computer IP number, keeping malicious stuff out.
Yes, a router does hide your IP from outside.
Let's say you click on a web site. Your router's IP address goes with
your request. The web site serves you a copy of the web site, that
your browser displays for you. When the website contents reach your
router, it in turn, sends it to your PC's IP. It is able to block
malicious content, because it recognizes that you did not ask for it,
and it does not contain identifiers that can link it to your PC. In
this way it filters out "stuff" you did not request.
"If a TCP/IP computer needs to communicate with a host on another
network, it will usually communicate through a device called a router.
In TCP/IP terms, a router that is specified on a host, which links the
host's subnet to other networks, is called a default gateway. This
section explains how TCP/IP determines whether or not to send packets
to its default gateway to reach another computer or device on the
network.
When a host attempts to communicate with another device using TCP/IP,
it performs a comparison process using the defined subnet mask and the
destination IP address versus the subnet mask and its own IP address.
The result of this comparison tells the computer whether the
destination is a local host or a remote host.
If the result of this process determines the destination to be a local
host, then the computer will simply send the packet on the local
subnet. If the result of the comparison determines the destination to
be a remote host, then the computer will forward the packet to the
default gateway defined in its TCP/IP properties. It is then the
responsibility of the router to forward the packet to the correct
subnet."
http://support.microsoft.com/?kbid=164015
While a hardware firewall is a good thing, I still recommend adding
the free version of ZoneAlarm as secondary protection. No firewall,
hardware or software, is 100% foolproof. Following the Bullet-Proof
system Sublime1 described in the link I provided you is a good set of
deterrents against malware!
Good Luck!
Sinceramente, Crabcakes
|
Request for Answer Clarification by
patrice29-ga
on
24 Nov 2005 06:59 PST
Este hilo se hace largo, pero buena propina más tarde.
I'd like to clarify something. So in order for an unscrupulous site to
send back malicious code, it sends it to the IP address. If the IP
address it sees (as yours) is a bogus number, then it sends the code
to a dead end.
If the IP address is correct, then it sends "malicious code" up the
correct line. What form does this 'bad code' take. An exe? I have a
feeling you're going to say a trojan. Is a trojan an exe? I suspect
I'm scratching at the tip of a very large iceberg.
It turns out that I do have a router, but I never suspected it would
act as a firewall, I bought it (a Linksys Wireless-G 2.4GHz, 54Mbps)
to provide internet connection for my laptop. So is it true that I'm
already sheilding my IP address from the outside world. Is there a way
to test this, or would it be unnecessary to test it. This router was
purchased around July 2004.
You don't have to type large volume. Short is good too.
Patrice
|
Request for Answer Clarification by
patrice29-ga
on
24 Nov 2005 09:03 PST
Clarification:
The Linksys router model number is WRT54G, with 4 port switch.
|
Clarification of Answer by
crabcakes-ga
on
25 Nov 2005 14:01 PST
Hi Patrice,
Your Linksys does provide firewall protection. Below this paragraph is
more information on setting up your router.
You routerIP number probably starts with
Start> Run > Command > type in ipconfig
Here is infor on setting up your router:
http://www.smallnetbuilder.com/Reviews-39-ProdID-WRT54G-4.php
|
Clarification of Answer by
crabcakes-ga
on
25 Nov 2005 14:28 PST
Oops, Patrice, I hit the POST button too soon.
Hi Patrice,
Your Linksys does provide firewall protection. Below this paragraph is
more information on setting up your router.
Here is info on setting up your router:
http://www.smallnetbuilder.com/Reviews-39-ProdID-WRT54G-4.php
To find your router's IP address:
You routerIP number probably starts with 192. To find it, go to:
Start> Run > Command > type in the black DOS looking window this: ipconfig
This is your router IP
Next, go to Start again:
Start> Run > Command > type in the black DOS looking window this: ping 127.0.0.1
This is a loopback number to your own computer.
Try pinging a known good site, like www.google.com
Start> Run > Command > type in the black DOS looking window this:
ping 66.102.7.99
If all of the above work properly, everything is working as it should
on your router.
The commenter below, fedlersoft left some good advice about setting up
your router. Most routers come with the manufacturer's name as the
default network name. You should change this that means something to
you and you can remember.
Once you find your own router's IP address, you should be able to
reach the "home page" of your router, and change the settings, adding
a password, changing the default network name (SSID). Your manual, or
the link above should be useful in assisting you.
It may be helpful to you to bookmark the home page of your router.
Once you have the page open, simply add it to your bookmarks, so you
can easily find it in the future.
exe files are executable files and can contain trojans and viruses. A
good virus program is included in Sublime1-ga's Bulletproof answer,
whose link I included in the Answer. The firewall stops unauthorized
entry by hackers. You will still need a good anti-virus program and
spyware stoppers.
" Oh, and don't expect these firewalls to block outgoing traffic from
rogue computer programs on your system - that is part of what software
based personal firewalls are for.
String based URL filtering
This allows you to type in a string, any string, and the router will
block any url that contains that string. I found it handy for blocking
certain annoying ad servers that insist on serving me pop-under ads.
That?s about it? mostly worthless.
Block by port number or service
Some routers will let you block specified Internet services or port
numbers. Sure, you can block usenet news from your kids computers, but
you end up turning it off for the whole network! Again, an almost
worthless feature.
ACL Lists
Some routers actually do have advanced ACL or access control lists.
They allow you to set up security levels for individual computers or
groups of computers on your network. Many of these figure out who to
block by looking at the computer name (host name) of the requesting
computer. This is useless because your kids can just change the name
of their computer! Make sure that ACL lists are defined by MAC
ADDRESS. Problem is, even MAC address on your NIC can be altered right
in your network settings."
http://www.homenethelp.com/router-guide/features-port-fwd.asp
"All NAT based routers act as a 'natural' firewall between the
Internet and your LAN by masking the true IP address' of the computers
on your LAN. The very nature of NAT makes it nearly impossible for
someone to directly connect to a computer behind a NAT router using
the computer?s IP address. This does not however stop hackers from
successfully launching things like DoS (Denial of Service) attacks on
you."
http://www.homenethelp.com/router-guide/features-firewall.asp
I hope this has helped!
Hasta Luego, Crabcakes
|
