Need a hardware firewall

[Andvari]

I am looking to buy a hardware firewall to go with my Kerio software firewall. It seems like a router is the way to go, but I only have one computer, so I don't need a router anyway. I don't need wireless. I don't need any of these spiffy router features, I simply need a hardware firewall.

Are all routers the same in the firewall department?

 

[John]

You can pick up a D-Link, Linksys, or Netgear cable/dsl router for $20-$30 from a local store. Even though you don't need the additional 10/100 ports right now they may come in handy down the road. The same goes for wireless.....

 

[keeleysam]

If I were you I would pick up a Linksys BEFW11S4 for like $15 AR. Theextra featues may seem liek a waste now, but you can jsut disable them. It's wayyyy cheaper than a real firewall, but does the same thing + more.

 

[fuzzynavel]

The only firewall that most mainstream routers have is a NAT (Network Address Translation) firewall......good in theory will basically on let through packets that you request and not unsolicited junk...That's how I understand it.......Google it to see if you can make more sense.....

Or if you have an NForce 4 Mobo you should have the Nvidia Hardware firewall on that....not sure how useful/useless it is as I haven't set mine up yet!

 

[swatoke]

Best BestBuy has a D-Link DI-604 Router for $5 after rebate. I have purchased two of these in the past for other family members and it works very well and easy to setup.

 

[Pabster]

A cheap router is your best bet. I prefer Linksys.

Alternatively you could throw an old aging PC together with a Linux distro and run Smoothwall ...

 

[mechBgon]

Another one: Netgear RP614 and I've shown how you can arbitrarily lock down TCP/UDP traffic on ranges of ports that you aren't using yourself. Some malware, botnet-style stuff for instance, will try to communicate on random or pre-chosen high-numbered ports if it succeeds in infecting, so this would be a hindrance because you aren't leaving them wide-open (to outbound traffic, I mean) just for no good reason.

Unlike a software firewall, the malware won't be able to disable your router's arbitrary rules.

 

[Andvari]

Well if I can get that D-Link one for $5, I'd be hard pressed to look at anything else. I noticed your RP614 recommendation in another thread mechBgon. I was pondering that one, but if it's $39 I don't see why I should get it unless it's marginally better. I can lock down TCP/UDP on the D-Link too I'd imagine, right? I don't even know what that means yet heh. I'm fairly computer savvy, but not when it comes to networking. Firewalls intimidate me.

 

[mechBgon]

I think I checked out the D-Link's manual a while back and found that it had NAT, SPI and the capability to add your own rules too. Lemme rummage among my .PDF collection...

*rummage, rummage*

Ooops, that's the 624 Being on dial-up, it would take me a while to get the manual, but that could be a good recon move if you really want the rules just the way you like them.

Bigger picture: NAT + SPI is enough to screen typical worm/hack probes even if you just plop the router in and don't do anything further. There are probably other ways that most peoples' security is lagging worse... for instance, try Microsoft Baseline Security Analyzer if you haven't already, they just released v. 2.0.

 

[Aisengard]

I like my Linksys BEFSX41...of course, I got it a lot cheaper than what Newegg has it at right now.

http://www.newegg.com/Product/Product.asp?Item=N82E16833124007

 

[angstsoldat]

I have a DI-604 Dlink.. I tried doing the setup for ports and whatnot online (they dont give you a CD that I know of, maybe they do and I just lost it..) Anyway, and I think I locked my self out of it.. O_O it said select your password and so I did .. and then it said it had to reboot.. I tried to log back on it and it said incorrect password..

 

[mechBgon]

Originally posted by: angstsoldat
I have a DI-604 Dlink.. I tried doing the setup for ports and whatnot online (they dont give you a CD that I know of, maybe they do and I just lost it..) Anyway, and I think I locked my self out of it.. O_O it said select your password and so I did .. and then it said it had to reboot.. I tried to log back on it and it said incorrect password..

Try a factory reset of the router. There's probably a small recessed button on the rear, front or bottom that you hold for ~20 seconds with a ballpoint pen. That should put it back to factory settings.