[KLUG Members] Re: Routers & Firewalls
Mike Williams
members@kalamazoolinux.org
Fri, 28 Feb 2003 01:33:39 -0500
This is a multi-part message in MIME format.
--------------040704030702040909070604
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1">
<title></title>
</head>
<body>
<blockquote type="cite">
<pre wrap="">From: Taz <a class="moz-txt-link-rfc2396E"
href="mailto:htgage3@chartermi.net"><htgage3@chartermi.net></a>
To: members <a class="moz-txt-link-rfc2396E"
href="mailto:members@kalamazoolinux.org"><members@kalamazoolinux.org></a>
Subject: [KLUG Members] Re: Routers & Firewalls
Reply-To: <a class="moz-txt-link-abbreviated"
href="mailto:members@kalamazoolinux.org">members@kalamazoolinux.org</a>
Hi All,
In considering the need for a router, and wanting to stay with a brand
that I trust (Netgear,) (unless the gurus feel otherwise.) I see that
Best (Worst? <img src="cid:part1.02080806.02070003@zuzax.com" alt=";-)"
class="moz-txt-smily" height="19" width="19" align="middle"> ) Buy has two that I am interested in, except for cost.
My bean counter will have a canary if I tell her the cost of the one,
but I want what is the best for the long haul.</pre>
</blockquote>
I can't say enough nice things about Netgear. I have an ISDN router
from them (RT 328) that has been fantastic. I noticed a weird
incompatibility with a new phone recently, but other than that it's been
flawless for 5 years. I called support about its strange behavior, and
they exchanged the unit, even with it's age. The new one behaved
exactly like the old one, but still: replacement 3 years after the
product was disco'd is bordering on amazing.<br>
<br>
<blockquote type="cite">
<pre wrap="">
Netgear Cable/DSL Firewall Router with 4-Port Switch —
FR314
Integrated 4-port switch shares high-speed cable/DSL
Internet
connectivity; true firewall security prevents attacks;
access
filtering capability
View all products in this category.
ThinkAbout™ It
$249.99
or
Netgear Platinum Cable/DSL Web Safe Router with 4-Port
Switch — RP614
Built-in 4-port switch to share high-speed cable/DSL
Internet
access and more; content filtering and browser
activity
monitoring; NAT firewall
View all products in this category.
In the mighty gurus opinions, which of the two is the best buy? True
firewall security or NAT firewall? Or should I just get a plain router
and use a old box that I have for a firewall?
TIA
Bruce</pre>
</blockquote>
Ahem, well it's difficult to give you a good opinion on value when you
only give prices on one of them. Anyway, I'm seeing 3 levels of
security (and cost) here. 1) the little router, and assume NAT is good
enough security, which for small operations, it probably is. If you can
redirect different ports to different IP's, compromising a system
behind the NAT is not easy. 2) the big router. All of the above except
that it's even harder. It doesn't just map port 80 through, it makes
sure that it's actually HTTP traffic on that port rather than something
else. 3) Linux firewall. Seems to me you don't even need the router
here, just an old computer with 2 or 3 NICs. (I'm assuming the WAN
connection is already converted to ethernet here?) This will take up a
lot more space, even with a smallish machine, but give you far more
flexibility. In particular, this is likely the only way to get a DMZ
out of the system, and it's more likely to support things like VPN.
I've never messed with one of these, so I don't know how easy they are
to manage. <br>
<br>
</body>
</html>
--------------040704030702040909070604
Content-Type: image/gif
Content-Transfer-Encoding: base64
Content-ID: <part1.02080806.02070003@zuzax.com>
R0lGODlhEwATAKIAAP//AMzMADMzAP///wAAAP///wAAAAAAACH5BAEAAAUALAAAAAATABMA
AANQWLrUTisyEoC1oUlFr8dQRHykFRZd+WWcJYyqiVbEMMAmDmRw3eS63OUXExZJxKMniSw1
aM4kq/dhAkKpB0GwOuEeSEmqxNo8u6cNSptWJAAAOw==
--------------040704030702040909070604--