|
Posted by $Bill on March 26, 2007, 12:01 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Michael Kamp wrote:
>>Hard to go too wrong with the Linksys BEFSR41 for wired, or a
>>Buffalo WHR-G54S
>
> So, this is only a router, I guess it has a firewall included?
> Is there e.g. a logging mechanism that sends syslog to a e.g. 3CDaemon
> Syslog - Server?
>
>
>>It's $50 well spent for a hardware
>>device that includes a stateful packet inspection firewall in it.
>
>
> So, do the Linksys/Buffalo have that?
Some do some don't - I'd stick with Netgear/Linksys myself.
Go to the Netgear and Linksys websites and check out the features
you want and buy accordingly. I use a Netgear wired RP614. The
wireless is easier to get ahold of and has everything the wired
one had and probably cheaper (lots of sales). Stateful packet
inspection will cost you more and you probably don't need it for
a home network. NAT does most of the work and a software firewall
on your PC will handle any spyware you happen to get installed.
Netgear WGR614 ($25+) is a NAT router and Netgear DG834G ($50+)
ADSL router has SPI and VPN passthru and will cost a bit more.
Linksys WRT54G ($45+) has SPI.
|
  | |
Posted by Michael Kamp on March 27, 2007, 5:36 am
If you were Registered and logged in, you could reply and use other advanced thread options
> Stateful packet
> inspection will cost you more and you probably don't need it for
> a home network. NAT does most of the work and a software firewall
> on your PC will handle any spyware you happen to get installed.
I am just a beginner in security. What security feature is added by NAT?
As fas as I know, the router looks up the mac address of my pc and sends
the incoming packets to my network card.
But what's added by NAT? And even more, if NAT adds something, why does
it help only small home networks?
Thanks for your help!!
Michael
|
|
Posted by $Bill on March 27, 2007, 5:58 am
If you were Registered and logged in, you could reply and use other advanced thread options
>
> I am just a beginner in security. What security feature is added by NAT?
> As fas as I know, the router looks up the mac address of my pc and sends
> the incoming packets to my network card.
>
> But what's added by NAT? And even more, if NAT adds something, why does
> it help only small home networks?
NAT is all you need for a small home network. SPI would be the next step
up in security.
NAT
Short for Network Address Translation, an Internet standard that enables
a local-area network (LAN) to use one set of IP addresses for internal
traffic and a second set of addresses for external traffic. A NAT box
located where the LAN meets the Internet makes all necessary IP address
translations.
NAT serves three main purposes:
# Provides a type of firewall by hiding internal IP addresses
# Enables a company to use more internal IP addresses. Since they're used
internally only, there's no possibility of conflict with IP addresses
used by other companies and organizations.
# Allows a company to combine multiple ISDN connections into a single
Internet connection.
Try here or Google for more info on firewalls :
http://www.pcmag.com/encyclopedia_term/0,2542,t=firewall&i=43218,00.asp
|
|
Posted by Todd H. on March 27, 2007, 10:34 am
If you were Registered and logged in, you could reply and use other advanced thread options
> Michael Kamp wrote:
> > I am just a beginner in security. What security feature is added by
> > NAT?
> > As fas as I know, the router looks up the mac address of my pc and sends
> > the incoming packets to my network card.
> > But what's added by NAT? And even more, if NAT adds something, why
> > does
> > it help only small home networks?
>
> NAT is all you need for a small home network. SPI would be the next step
> up in security.
As you state, SPI is a worthwhile improvement of NAT packet filtering.
It's a bit of a moot point arguing for or against it as necessary
though, as it's a challenge finding a home router being sold now that
doesn't employ SPI.
--
Todd H.
http://www.toddh.net/
|
|
Posted by Warren H on March 27, 2007, 12:20 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> I am just a beginner in security. What security feature is added by
> NAT?
> As fas as I know, the router looks up the mac address of my pc and
> sends
> the incoming packets to my network card.
>
> But what's added by NAT? And even more, if NAT adds something, why
> does
> it help only small home networks?
NAT will essentially protect you from most script kiddies. They're
looking for vulnerable systems based on searching by IP address. When
they hit a NAT router, the router looks to see which connected PC the
packets are intended for, but the packets won't have any such
information.
Could a script kiddie get by NAT? Give them enough time, in theory it
could happen. But in practice, they're not going to spend that much time
to get past a NAT router when they don't even know if there's any prize
beyond it. In the time it would take them to find a prize behind a NAT
router, they can probably find a few hundred compromisable systems.
The reason why NAT is all most home users need is that these script
kiddies are likely the only threat they'll face that can be stopped by
any kind of firewall solution. The typical home user's biggest threats
are those that they'll invite around any firewall.
--
Warren H.
==========
Disclaimer: My views reflect those of myself, and not my
employer, my friends, nor (as she often tells me) my wife.
Any resemblance to the views of anybody living or dead is
coincidental. No animals were hurt in the writing of this
response -- unless you count my dog who desperately wants
to go outside now.
Maintain your landscape with Black & Decker:
http://www.holzemville.com/mall/blackanddecker
|
| Similar Threads | Posted | | Cable modem not working with TV cable plugged in | November 2, 2006, 1:34 am |
| Do I need a new cable modem? | February 15, 2005, 12:00 pm |
| what cable modem to ge | March 30, 2005, 7:15 am |
| cable modem | November 21, 2005, 10:55 pm |
| cable modem | May 14, 2006, 9:52 am |
| Cable Modem | September 15, 2007, 10:06 am |
| Cable modem purchase | February 8, 2005, 3:56 am |
| cable modem trouble | March 11, 2005, 8:33 am |
| RCA DCM235 cable modem | March 13, 2005, 12:14 am |
| TV Interference from cable modem. | May 26, 2005, 8:06 am |
|
|
NewsGroups 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map