Cisco Router Firewall with Pharmacy

[TiziteLayinLow]

I help maintane a local pharmacy network- they have Road Runner business class with the cisco router. He has been getting tons of adware and asked me to help him remove it.. i was planning on just running ad-ware 6 to clean that, but he also wants a firewall setup.. i could just install zonealarm for him but then id have to setup certain ports and they use pharmacy software that connects to their mfg servers via TCP/IP... could i do a netstat to get a certain port # for that and block everything else on the actual router itself or should i just install zonealarm on each PC (about 4-5) and block all software except the mfg software and IE? and if i decide to go with the router method will RR get pissed if i console into the router without authorization. ive consoled into a few cisco routers, but just to get IO info and RAM and that kinda thing how hard are they to setup and is there a PW and things?

Any information would greatly be appreciated,
Matt Enderle

 

[eliteorange]

i would suggest user groups with your windows machines, enable trusted sites only in IE settings and make users unable to install.

if the router belongs to you, and you can get to routername(config)# then you can create Access control lists. but since you dont know how to use Cisco IOS i'd suggest you just get a software firewall.

 

[TiziteLayinLow]

do you have a tutorial on how to console into cisco routers? i have a console cable on rs232 and the cable to get to the serial port..

thanks
matt enderle

 

[nightowl]

Yes you can console into the router easily but being able to do anything of any value is going to be difficult without knowing what you are doing. Also, a tutorial is not going to help you much here. Changing any settings on the router is not going to help with ad-ware unless you know which port is it communicating on. Otherwise you are going to need something that can look at higher level traffic. Your best bet is to educate the users and install a software firewall.

 

[TiziteLayinLow]

im basically thinking as far as the pharmacy.. format, clean install, norton antivirus (updated virus def.), norton internet security, all windowsupdates, ad-ware 6.0 pro with ad-watch, spybot with immunity, zonealarm firewall.. see what that does..

i wasnt curious about how to console into the router for the pharmacy .. strickly to know how to do it. ive done it before but i just telnetted into to get the IOS ver and ram size- ive started taking the cisco online academy but we havent gotten into the router programming yet.

thanks for your help,
matt enderle

 

[y2kc]

Originally posted by: TiziteLayinLow
im basically thinking as far as the pharmacy.. format, clean install, norton antivirus (updated virus def.), norton internet security, all windowsupdates, ad-ware 6.0 pro with ad-watch, spybot with immunity, zonealarm firewall.. see what that does..

i wasnt curious about how to console into the router for the pharmacy .. strickly to know how to do it. ive done it before but i just telnetted into to get the IOS ver and ram size- ive started taking the cisco online academy but we havent gotten into the router programming yet.

thanks for your help,
matt enderle

get a router sim.

 

[MikeDub83]

Best firewall/NAT: SmoothWall

 

[TiziteLayinLow]

get a router sim.

whats a router sim?

 

[TiziteLayinLow]

Originally posted by: MikeDub83
Best firewall/NAT: SmoothWall

Is smoothwall for windows or linux?

thanks

 

[y2kc]

router sim

trialware, full version costs 29.00.

Cisco IOS, many exercises.

 

[TiziteLayinLow]

thanks for the link, thatll come in handy

 

[Agamar]

I would be hisitant about running both AdWares adwatch and Spybot's immunity. Getting a lot of programs (plus a software firewall and antivirus) running will bog the machines down. I would pick one or the other, and run the other manully on a schedule.

 

[TiziteLayinLow]

Ya, i just installed norton internet security on my own pc and it slowed it down dramatically and i have an athlon 1.8ghz/512 ddr.. id hate to see it on a 500mhz/64mb pc100..lol i think ill go with spybot immunity, and just run ad-aware for scans. i will also install - SpyWareBlaster.. which is recommended by spybot if you look on the immunity page.

thanks again guys.. ill let you know.