• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

New Router with DoS & SPI?

sep

sep

Platinum Member
I'm looking to replace my existing SMC Barricade 7004BR router. It requires a reboot almost every day now. I want to replace it with something that will add some security like Dos, SPI, Content Filter, Report Logging, etc. I have a teenage and just want to keep an eye on the sites. Also I have two littles one that I don't want an adult site to pop up. Can you recommend one for me. I'm looking at the Netgear FR114P. Anyone else got some idea's or do you think I'm being paranoid with the Dos and ISP?

Please help a Father with Internet Gaming, Sharing needs. The FR144W allows the upgrade to 11b...not bad.
 
I can't offer any advice on the content filtering, but I do question the dos/isp thing.

I can't really think of a way that a consumer level router could offer any DOS protection, nor really why it would need to. Your ISP should take care of that (in a much more effective way) if the issue comes up.

I don't know what you mean by ISP, all I can think of is, Internet Service Provider
 
Originally posted by: Soybomb
I can't offer any advice on the content filtering, but I do question the dos/isp thing.

I can't really think of a way that a consumer level router could offer any DOS protection, nor really why it would need to. Your ISP should take care of that (in a much more effective way) if the issue comes up.

I don't know what you mean by ISP, all I can think of is, Internet Service Provider
Click to expand...

I don't think many do, I was getting ddosed weekly from IRC untill I got a BNC, I would call up my isp and ask them if they could at least give me the ip of the computer hitting mine, and all they told me was "there is no activity going to your line, if you think someone is ping attacking you call the police" Like a call to the police "Hi someone is ping attacking me" is going to do anything
 
Talked to Comcast (Cable Modem ISP) about DoS and SPI type of attacks. Can't prevent them all. It's up to you as the consumer...of course!

Linksys:
Protects PCs from Ping of Death, SYN Flood, Land Attacks, IP Spoofing, and Other DoS (Denial of Service) Attacks

Netgear:
True Firewall with Stateful Packet Inspection (SPI) and Intrusion Detection, Denial of Service (DoS) attack protection and VPN pass-through

*Sorry...I ment SPI...hehehe!
 
Unfortunately the uses of a consumer router to limit a DoS attack are pretty useless. Too easy to simply flood out a cable/DSL line. However it can easily stop other attacks that depend on hitting a certain port on a computer in hopes that an open service can be exploited. The router simply doesn't forward incoming connections unless you've specified the port should be forwarded, so you're automatically protected from many worms. However, you're still susceptible to email worms since those are activated behind the router, and your machines would then be used to attempt infections of other machines. Only a virus scanner can prevent that (or simply being vigilant about what's done on the computers).

The ProSafe line seems to be more business-oriented than home user. It does have Stateful Packet Inspection (I assume you meant SPI not ISP), which is nice, but not an absolute requirement or going to make a huge difference for your uses; when you're behind NAT, nothing's getting past the router to affect your machines, and SPI simply prevents the router from being overloaded trying to process invalid traffic. You think you're going to piss anybody off enough to make them specifically attack you? (Attacks that SPI would hinder are all specific attacks, not a worm spread type.)

You can get the RP614 WebSafe router for about 20 dollars less, which provides all the functions you need, including logs of browsing activity that can be emailed to you regularly. The ProSafe doesn't mention being able to log browsing activity.

Any router with "parental control" or "safe" mentioned will have features such as URL blocking either by specific URL or by keywords. Unfortunately a router can't be used to filter a broad range of sites based on content (applications like NetNanny can be used for that).

Internet gaming shouldn't be affected at all with any current routers. Most games don't require an inbound connection to be made anymore, and the few that do can be fixed by configuring a port forward. Mostly older games have issues with sharing a single IP while gaming or issues behind NAT.
 
But a SonicWALL will do all that and content filtering.

I wouldn't really consider NetGear a "true" firewall.
 
And how much is a SonicWALL? That's right, 400 dollars for a 10-user license. May as well set up a computer with firewall software (which is of course another option).
 
Thanks everyone. I really just wanted the "Safe". I didn't that much about DoS and SPI (sorry for the mixup). With that said, I don't think I'm going to require my next router with that.

What about Wireless? The base will be in the basement left side of the house and the PC will be on the opposite side of the house one floor up...between the two would be the FLOOR and 1 Wall?
 
Depending on the construction of your house I would say wireless would work unless your first floor was reinforced concrete.
 
Even if it doesn't from that distance, you could just move the router to the other side of the basement so it's a little bit closer and may be able to punch through the floor alone; just use a longer cable between the router and your cable/DSL modem (unless you have other wired machines terminating in the basement that would be a pain to extend).
 
A PIX firewall should suit you fine. Take a look at the PIX 501 firewall. 4 port 10/100 switch plus a WAN port that will support up to ~60Mbps throughput. It has the things you want plus ALOT more! And you're talking about a bad ass firewall! 😉

Sorry man, came in a little late. It doesn't have wireless capabilities but like I said, it is a bad ass firewall. 😉
 
As was previously stated, no firewall can effectively stop a flooding DDoS (or a flooding DoS coming from a larger pipe either).
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top