|
2003-07-11, 04:15
|
#12 |
Jan 2003
North Carolina
2×3×41 Posts |
Some,not all, routers have built in firewalls (and even then you have to activate them), but I still run zonealarm and see something come through to the OS once in a while. zonealarm is about 0.5% on my 1.466 MHz AMD XP. I think za does a fixed amount of work even when (mostly) idle and so the faster the processor, the less of a hit.
john |
|
|
|
2003-07-11, 06:24
|
#13 |
"Mike"
Aug 2002
2·23·179 Posts |
Most ordinary routers have NAT, which functions as a very primitive firewall in that usually all incoming ports are blocked unless you have specifically set them otherwise...
Some higher end consumer routers advertise features like SPI but I've owned most of them and IMO they are less than worthless... Security is the fine art of balancing usability with safety... I can make a box 100% secure from the Internet by disconnecting the cable but then usability suffers... I rarely get attached to a piece of hardware, especially one whose operation is such that you never see it, but a few months of owning my Pix has made me a lifetime believer... Now if I could just get a Prime95 client for it! [code:1]pixfirewall> show version Cisco PIX Firewall Version 6.2(2) Cisco PIX Device Manager Version 2.1(1) Compiled on Fri 07-Jun-02 17:49 by morlee pixfirewall up 1 day 14 hours Hardware: PIX-501, 16 MB RAM, CPU Am5x86 133 MHz Flash E28F640J3 @ 0x3000000, 8MB BIOS Flash E28F640J3 @ 0xfffd8000, 128KB 0: ethernet0: address is 000c.cec3.de88, irq 9 1: ethernet1: address is 000c.cec3.de89, irq 10 Licensed Features: Failover: Disabled VPN-DES: Enabled VPN-3DES: Disabled Maximum Interfaces: 2 Cut-through Proxy: Enabled Guards: Enabled URL-filtering: Enabled Inside Hosts: 10 Throughput: Limited IKE peers: 5 Serial Number: ????????? (0x????????) Running Activation Key: 0x???????? 0x???????? 0x???????? 0x???????? Configuration last modified by enable_15 at 23:16:30.277 UTC Thu Jul 10 2003 pixfirewall# show cpu usage CPU utilization for 5 seconds = 1%; 1 minute: 0%; 5 minutes: 0% [/code:1] I've run slower boxes than this on GIMPS... |
|
|
|
|
2003-07-11, 17:37
|
#14 | |
Aug 2002
3108 Posts |
Quote:
Xyzzy, you can run no SW firewall at all with that Pix thing? How much does one of those cost? How complicated is it to set up and configure? |
|
|
|
|
|
2003-07-11, 20:43
|
#15 | |
|
"Mike"
Aug 2002
823410 Posts |
Quote:
I've posted a pile of pictures in that thread I listed above... There are, of course, many solutions to a problem like security, and a lot of them are quite a bit cheaper, so you will want to investigate all of them before making a decision... Here is a great book... http://www.oreilly.com/catalog/fire2/ Here is some documentation on the Pix... http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/config/63config.pdf As you can see, this ain't no Linksys... |
|
|
|
|
|
2003-07-26, 06:23
|
#16 |
|
Apr 2003
California
22·23 Posts |
I have DSL. Since it uses an Ethernet modem, it is connected to the PC by an Ethernet connection. On Windows XP Professional SP1 (and 2000?), I right-clicked the connection and chose Properties, chose the Advanced tab, & checked the Internet Connection Firewall box.
So I uninstalled ZoneAlarm and still have a software firewall. Simpler, more CPU cycles for Prime95! |
|
|
|
|
2003-07-27, 20:01
|
#17 |
Oct 2002
Lost in the hills of Iowa
1110000002 Posts |
I would *not* trust any Micro$loth "security" product. PERIOD.
Micro$loth is *NOTORIOUS* for the poor quality of the code they release, and the number of exploits and security HOLES they allow in their released products. I would *not* class Zone Alarm as "wasted cycles" if you don't have a *NIX-based firewall or a specific firewall appliance in place. NAT is *NOT* in any way, shape, or form a "firewall" - it can be *integrated* with a firewall, and under LINUX commonly is so integrated, but NAT by itself offers NO security protection. "Security by obscurity" isn't. |
|
|
|
 |
| Thread Tools | |
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Cant contact seventeenorbust.com | Unregistered | Information & Answers | 2 | 2012-04-16 23:51 |
| Everything will be down for server upgrade | Joe O | Sierpinski/Riesel Base 5 | 2 | 2010-12-05 15:14 |
| Contact Us | Unregistered | Information & Answers | 1 | 2010-09-14 23:27 |
| Upgrade to v5 server -- v4 completion not sent | OzoneTom | Information & Answers | 3 | 2009-08-05 15:14 |
| Kerio Enterprise Firewall 6 | BranMuffin | Software | 2 | 2004-06-23 02:44 |
