#1
03-08-2006, 08:33 AM
JohnE (Techie)
Join Date: Oct 2002
Location: Manchester, England
Posts: 116
Who understands hardware firewalls?

For the past couple of years I've been using a software firewall (Zone Alarm Pro). It seems to be quite effective but it can sometimes be intrusive - not letting me access sites that I want to visit (for example, on Ebay, it will often allow me to see some pages but not others).

For ages, my mate has been telling me to ditch Zone Alarm and buy a hardware firewall but I don't really understand how they work. I have a mental picture of them being even more intrusive than Zone Alarm.

With a software firewall, it doesn't prevent trojans etc from getting into your PC but if anything tries to get out, it will flag up a message asking if you want to allow it. My understanding of hardware firewalls is that they're pretty much the opposite. They simply don't allow trojans to get in in the first place. But how do they know what is a trojan? Many web sites include Java & ActiveX controls which do various things. How does the firewall know which are malicious and which are benign?

And what if I specifically want to download an executable file - e.g. from an FTP site? My experiences of actually trying to send an exe to someone with a hardware firewall have always been bad. Are these hardware firewalls all they're cracked up to be?

#2
03-08-2006, 08:29 PM
Jason425 (Lab Master Techie)
Join Date: Sep 2002
Location: The Matrix
Posts: 7,353

I think software firewalls are good because they provide a human element (you) to them.
A hardware firewall won't stop some program you download from connecting to the internet (unless said port is blocked)...
I even use zone alarm at work where we have a cisco firewall... just to be safe.

I don't 100% trust hardware firewalls.
__________________
Dell Inspiron 1420 in Midnight Blue - Intel Core2Duo T7300 2.0GHZ/4MB - 2GB Ram - Nvidia 8400 GS 128mb - DVD/RW - 160GB 7200RPM - 14.1" Antiglare - Intel 4965AGN - Bluetooth 2.0 - 2MP Webcam - Vista Home Premium
2005 Mazda3i in Strato Blue
http://www.jasondsmith.net

#3
03-08-2006, 09:54 PM
JohnE (Techie)
Join Date: Oct 2002
Location: Manchester, England
Posts: 116

Thanks for the advice, Jason. As it happens, my computer can dual-boot into either Windows 2000 or XP. Under XP, Zone Alarm works flawlessly - but under Win2K, it keeps "getting in the way" and refusing to connect to certain web pages - even different pages within the same site. In fact, it won't let me send emails on one of my accounts either!!

I know that Zone Alarm is causing the problem because if I uninstall it and re-install, everything's fine for a few weeks - but slowly, it starts to interfere again. Zone Labs say that the TrueVector service must be getting corrupted - but I don't know what that means or how to prevent it...

#4
03-08-2006, 10:09 PM
Jason425 (Lab Master Techie)
Join Date: Sep 2002
Location: The Matrix
Posts: 7,353

I haven't used 2000 in a long time on my system, so I guess I'm not much help there. Any firewall is better than no firewall.

#5
03-26-2006, 08:08 PM
vee_ess (Super Moderator)
Join Date: Aug 2001
Location: Phoenix, Arizona
Posts: 2,781

The advantage of hardware firewalls is that hackers and malware can't reconfigure them nearly as easily as software firewalls. Software can be easily compromised because by nature it is easily modifiable, while hardware is not. At the same time, this allows software to be upgraded and updated easily (and a lot cheaper).
__________________

It's not a car, it's an addiction.
The only carb that matters is under the hood.
There's an option for most vehicles that increases brake horsepower, increases mileage, increases driver control, lasts longer than the alternative, and even reduces the price of the vehicle. Despite all this, most people in this country choose the alternative, an automatic transmission.

#6
04-25-2006, 02:44 PM
xMerCLorDx
Posts: n/a

> I think software firewalls are good because they provide a human element (you) to them.

The only reason in your case that hardware firewalls do not is that you don't own or manage them yourself.

> A hardware firewall won't stop some program you download from connecting to the internet (unless said port is blocked)...

Since port blocking and application layer filtering are a key component to both hardware and software firewalls, I fail to see your point.

> I even use zone alarm at work where we have a cisco firewall... just to be safe.

So your real argument is that you don't trust the network you're on, in which case make the firewall as local as possible. Though this is not what JohnE seems to be asking for, since he is debating whether to purchase and manage his own firewall.

> I don't 100% trust hardware firewalls.

The only reason you don't trust hardware firewalls is that you aren't the one in control of the administration of it at your work. You are misplacing the trust you should have instead placed on those who you don't trust to configure your firewalls at work.

Not trusting hardware firewalls is such a ridiculous statement, as they are not unlike software firewalls. Hardware firewalls also run on their own software. To claim that you don't trust hardware is bordering on my level of paranoia because you might as well be paranoid about your own computer being untrusted, much less the activity on the network you use.

#7
01-23-2009, 11:52 PM
_AA_ (Techie)
Join Date: Sep 2002
Location: UK
Posts: 23

LOL, browsing through these old pages this made me chuckle...

Quote:
"I think software firewalls are good because they provide a human element (you) to them."
Any security expert in the world will tell you that the biggest security risk to any network is the user. Users are stupid, so when you give a user power over something which is there to protect you, you're effectively opening up a big gaping hole.

A hardware firewall is an appliance that sits inline between you and the interweb and filters traffic. Obviously you configure what it should filter. Obviously if you mess up here, you're defeating the point of even having a software firewall, which FYI filters on the NIC of the PC it's installed on.
__________________
-- The System Will Destroy Itself !! --
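
An added sketch, not part of any post in the thread, of the distinction the posts argue over: an inline appliance decides on direction, addresses and ports, while a firewall on the PC can tie an outbound connection to the program making it. The class names, program names, ports and addresses are constructed, and the host model covers only the outbound prompt described in the first post.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Conn:
    direction: str      # "out": LAN host -> internet, "in": internet -> LAN host
    lan: tuple          # (ip, port) on the LAN side
    wan: tuple          # (ip, port) on the internet side
    program: str = ""   # visible on the PC itself, never to the inline appliance

class PerimeterFirewall:
    """Inline appliance model: decides on direction, addresses and ports only."""
    def __init__(self, blocked_out_ports=()):
        self.blocked_out_ports = set(blocked_out_ports)
        self.opened = set()             # connections initiated from inside
    def verdict(self, c):
        if c.direction == "out":
            if c.wan[1] in self.blocked_out_ports:
                return "drop"
            self.opened.add((c.lan, c.wan))
            return "pass"
        # Inbound traffic passes only as a reply to a connection opened from inside.
        return "pass" if (c.lan, c.wan) in self.opened else "drop"

class HostFirewall:
    """On-PC model, outbound side only: ties each connection to a program."""
    def __init__(self, allowed_programs):
        self.allowed = set(allowed_programs)
    def verdict(self, c):
        return "pass" if c.program in self.allowed else "prompt"

def run_demo():
    # Constructed sample traffic; public addresses are from documentation ranges.
    hw = PerimeterFirewall(blocked_out_ports={25})
    sw = HostFirewall(allowed_programs={"browser.exe"})
    pc, web = "192.168.1.10", ("203.0.113.5", 80)
    browse = Conn("out", (pc, 50000), web, "browser.exe")
    unknown = Conn("out", (pc, 50001), web, "unknown.exe")
    mail = Conn("out", (pc, 50002), ("203.0.113.9", 25), "unknown.exe")
    reply = Conn("in", (pc, 50000), web)
    probe = Conn("in", (pc, 3389), ("198.51.100.7", 40000))
    return {
        "browse": (hw.verdict(browse), sw.verdict(browse)),     # known program
        "unknown": (hw.verdict(unknown), sw.verdict(unknown)),  # same port, new program
        "mail": (hw.verdict(mail), sw.verdict(mail)),           # port blocked at the edge
        "reply": hw.verdict(reply),                             # answer to "browse"
        "probe": hw.verdict(probe),                             # unsolicited inbound
    }

if __name__ == "__main__":
    print(run_demo())
```

The "unknown" case is the one the thread turns on: the appliance passes it because port 80 is open, and only the on-PC firewall sees which program is asking.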
All times are GMT -5.