All posts by badbod

Networking

What is a Hardware Firewall and Which Hardware Firewall is Best?

Leave a comment

If you have more than three computers in your home or business that share the same internet connection, a hardware firewall is something you may want to consider. A hardware firewall is a device that sits in between the internet and your network, protecting all computers on the inside from dangerous intruders on the outside.

As opposed to a software firewall (also known as a personal firewall), a hardware firewall is designed to protect ALL the computers on a network instead of just one PC. It is generally more efficient and cost-effective to purchase a hardware firewall (as opposed to several software firewalls) if you have three or more computers you need to protect.

A hardware firewall is a special device that is designed to prevent outside intruders from getting you’re your network (where they can then easily get into your PC’s and servers). Firewalls can be configured to prevent access to certain types of applications that are considered dangerous (like P2P file-sharing programs) by blocking the communication ports that these applications use. A firewall will also provide some protection against hidden spyware infections, as it can help stop outgoing data packets that an infected PC may be sending to a cyber-criminal.

A firewall is considered to be the first line of defense in protecting computers from unwanted “visitors” such as hackers, worms, and remote control applications via hidden spyware. Without firewall protection your network is an “open door” to the internet, and anyone (or anything) can easily come in and out. Even if you don’t have any important files to protect, hackers and curious intruders can easily kill all your computers, take control of your network, or damage hardware beyond repair. The small investment in a firewall is nothing compared to the cost of replacing or repairing computer equipment as the result of an intruder’s visit.

Hardware firewalls use various techniques to protect your network against intruders and other internet threats. All firewall rules can be configured to apply to outbound or inbound traffic, so giving you a lot of flexibility and control in how the firewall works. Hardware firewalls can be simple or very complex, depending on the size of the network they are designed to protect. High-end corporate firewalls should be installed by a certified technician, but most home office and small business firewalls can be set up by anyone with a general understanding of networking and good technical ability.

Most hardware firewalls use some form of packet filtering, which is somewhat like a “checklist”. Certain types of data packets are allowed through, and others may be blocked. If a packet attempting to travel in or out of a network meets the criteria set for “blocked”, it is not allowed to pass.

Another technique that is often used with hardware firewalls is called Stateful Packet Inspection, also known as SPI. With SPI, a hardware firewall analyzes additional characteristics of the data packet in order to determine what to do with it. It checks to see where the packet came from, if it was sent as a response to a user request for information, if it just “appeared” out of nowhere, etc… Combined with packet filtering, SPI really makes a firewall appliance “smart”, as it can make decisions whether to block or allow data packets based on logical analysis.

Depending on the type of network they are designed for, hardware firewalls can cost anywhere from $100 for a home firewall appliance up to several thousand dollars for an enterprise-class device. Simple (easy to install and configure) hardware firewalls designed for home use are offered by D-Link, Lynksys, and NetGear. SonicWall and HotBrick are very popular hardware firewalls for small and medium businesses.

Security

Using Wireless Network – What Security Issues?

Leave a comment

The internet and wireless age have made life easy for all of us now that we can respond to our emails and surf the internet while we sip a latte, wait for a meeting, or communicate almost anywhere and anytime without the hassles of wires. Unfortunately, these benefits have come with a cost. Our love for the convenience, freedom, and flexibility of being wireless has made us potential targets for hackers, fraudsters who can connect to our computers just as easily as we connect to the Internet.

What’s the impact? The hackers can wreck havoc when they take over your computer and steal files off of your hard drive. Even worse, some may capture your passwords or steal your personal information such as credit card and bank account information. This identity thief will then use your identity to make purchases from e-commerce sites or to transfer money out of your account.

We are responsible and accountable for our own personal and our company information. That means we need to be aware of the basic security precautions that prevent the above problems from happening to us.

1. Be Careful with Wireless Hotspots

Wireless hotspots or Wi-Fi hotspots – places in fast food outlets, cafĂ©, hotels, etc. where you can connect wirelessly to the Internet – are a popular trend. What most users do not know is that those wireless hotspots’ connections are unsecured for convenience. Hackers can get on and can access the computers of the connected targeted user. That is a scary thought.

One of the popular attacks is called “Evil Twin.” The attacker near one of the wireless hotspots creates a fake public Access Point (AP). If the user is close by, the signal will be stronger and the user will connect to the fake access point instead of the real one. The attacker can provide the users with a fake web page asking them for passwords, personal and credit card information. To protect yourself, avoid signing into any of your confidential accounts or sending any sensitive data at wireless hotspots.

That does not mean “invisible” hackers are your only threat at wireless hotspots. Someone standing behind you or sitting near to you is just as likely to peep at and sniff your user name and password as you type them.

2. Use Firewalls

Personal firewalls do not stop evil twin attacks but having a personal firewall is a basic precaution that can protect your computer from many of the things hackers try to do including scanning computers for vulnerabilities and trying to penetrate them.

You should also configure your personal firewall properly for monitoring the incoming and outgoing traffic and always ensure that the firewall is turned on.

3. Use a Strong “Anti-” Arsenal

While we generally think of infecting our computers with viruses or spyware by opening email attachments or visiting certain web sites, hackers are known for introducing spyware, keyloggers to capture your key strokes, etc. via wireless connections the same way we would receive legitimate files from a co-worker. These dangerous programs can also be downloaded from certain web sites.

Using anti-virus and anti-spyware software to scan the incoming emails attachment and online files so they will alert you and block them instantaneously if any viruses or spyware are found prevents damage. Scheduled, regular scanning of your computer is also necessary.

These basic safety precautions will only protect you if you keep them updated as and when you scan your system regularly.

4. Use Encryption and Strong Passwords

You can protect your wireless network by using encryption and network key/ password with your router. Wireless routers provide Wired Equivalent Privacy (WEP) data encryption together with a Media Access Control (MAC) address. You will need to configure your MAC address and a network key that only allows you and other legitimate users to securely log in to the network.

As a user, you should always have strong and different passwords to log into your different email accounts, bank accounts, trading accounts, etc. Passwords that would not be easy to guess and that are a combination of letters, numbers, and special characters work best. Confidential file attachments should also be encrypted and/or password protected before you send them via email.

In Conclusion

In the end, protecting your wireless connection is not just about installing a firewall and anti-virus software then leaving them alone. You have to know where you are using the internet, what web sites you are visiting, and what information you are giving out through those wireless hotspots. It’s also about security awareness, education and a combination of preventative measures that you need to know and practice consistently. Remember being cautious is always better than wishing you had done something differently.