
Re: Firewall Types




Trader wrote:
>From: "Jim" <a1.jim@xxxxxxxxxx>
>
>> Would someone be kind enough to explain briefly why a hardware firewall is
>> considered better than a software firewall such as ZoneAlarm?
>
>Don't think that is really the truth.....

It most certainly is.

>Hardware firewalls are easier in some ways. You only need to set
>up 1 device which can control all the computers you have on your
>network. But since still most users will use standard configurations
>they will in most cases leave traffic coming from inside to the outside
>go through because they think it's friendly traffic.

That is true.  Hardware firewalls may not prevent malicious software
(like spyware) from running, because it's already behind the
firewall.  Hardware firewalls protect against intrusions from
outside.  But they can prevent malicious software from working
properly too.

>Software firewalls need to be installed on every computer and need
>to be set up separately. Advantage is that if you have a computer that
>will never use anything other than http you can block all other traffic
>from and to that computer.

No.  Software firewalls are easily circumvented.  I know of at least
one spyware/adware thing that installs itself in the chain between
the software firewall and the outside world.  Software firewalls are
easily bypassed if the malware is written to account for software
firewalls.  For example, it's not inconceivable for someone to
release a virus like what ran rampant last week, but pre-release
something else (javascript spam mail or whatever) that bypasses your
software firewall and forces open the communication ports that the
virus needs to infect your computer.

A software firewall doesn't do diddly squat in the face of a
determined hacker.  That's the big lie.  Here's a message that describes
the situation:
http://groups.google.com/groups?selm=99k61j%24evk%241%40calcite.rhyolite.com

Pretty much all you can rely on software firewalls for, is to
prevent unwanted communication from known software that you use
frequently (like preventing Windows Media Player from communicating
serial numbers back to Microsoft).

With a hardware firewall, external to your machine, you're better
protected.  The communication ports that it blocks remain blocked.
They're typically little devices that have a unix kernel burned
into a ROM, which can't be messed with.  Plus, in the form of a
NAT firewall/router they have the advantage of letting you connect
multiple computers to one IP address (one internet service).

>Personally I think, in most of our cases, that software firewalls
>are better to use. Easier to understand and because they work with
>rules that are easy to understand they are easy to setup and that
>will protect you better than a hardware firewall which you might set
>up wrong.

Hardware firewalls require almost no set-up.  Software firewalls
require constant tweaking and fiddling to get the optimum balance of
security and usefulness.

-Alex
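
The two points argued in this thread (an external firewall blocks unsolicited inbound traffic but usually passes everything going out, and an http-only rule closes that gap), shown as an added example that is not part of the original messages. It is a toy model of a stateful filter, not any product's code; the class and function names, addresses and ports are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional, Set, Tuple


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    outbound: bool  # True: LAN -> Internet, False: Internet -> LAN


@dataclass
class PerimeterFilter:
    """Toy stateful filter; egress_ports=None models allow-all outbound."""
    egress_ports: Optional[Set[int]] = None
    flows: Set[Tuple[str, int, str, int]] = field(default_factory=set)

    def permit(self, p: Packet) -> bool:
        if p.outbound:
            if self.egress_ports is not None and p.dport not in self.egress_ports:
                return False  # egress allowlist: drop any port not listed
            self.flows.add((p.src, p.sport, p.dst, p.dport))
            return True
        # Inbound passes only as the reply to a flow opened from inside.
        return (p.dst, p.dport, p.src, p.sport) in self.flows


# Constructed sample traffic (documentation address ranges, made-up ports).
TRAFFIC = [
    Packet("192.168.1.10", 40001, "203.0.113.10", 80, True),     # browser request
    Packet("203.0.113.10", 80, "192.168.1.10", 40001, False),    # its reply
    Packet("198.51.100.7", 50000, "192.168.1.10", 135, False),   # unsolicited inbound
    Packet("192.168.1.10", 40002, "198.51.100.7", 6667, True),   # unwanted program phoning out
    Packet("198.51.100.7", 6667, "192.168.1.10", 40002, False),  # reply to that flow
]


def verdicts(fw: PerimeterFilter) -> list:
    """Return one allow/deny decision per packet in TRAFFIC, in order."""
    return [fw.permit(p) for p in TRAFFIC]


if __name__ == "__main__":
    print("default (allow all outbound):", verdicts(PerimeterFilter()))
    print("http-only egress allowlist:  ", verdicts(PerimeterFilter({80})))
```

With the default policy the unsolicited inbound packet is dropped but the unwanted outbound flow and its reply both pass; with the http-only allowlist that flow is dropped at the first packet.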