Network Security guide for the home or small business network – Part 1 – A Hardware firewall



Computers can communicate over networks. (Surprise!) That’s how you’re reading this post. The machine that this site is hosted on is listening for requests for connection. When it receives a request it answers back with a web page. In fact, computers can listen for a great many different kinds of connection at the same time. In networking we talk about a computer listening on a given “port”. The web server for this site (and most web sites) listens on what’s called port 80. There are 65535 possible network ports that a computer can listen for incoming connections on.


Sometimes I use an analogy for ports comparing them to doors and windows in your house. Your home has doors and windows. People or animals or flies can come in to any window or door that’s open, but not doors or windows that are closed, right? It’s best then, if you don’t want unwanted pests *(or people or anything else) in your house to leave the doors and windows closed and locked. So what’s the best way to make sure that those ports are locked on a pc?

A hardware firewall. If you have a high speed internet connection you pretty much need some sort of hardware firewall. Sometimes combination cable/dsl modems/routers will serve the same purpose as a simple hardware firewall. How can you tell? There are some online tools that will help. My favorite is at GRC.com (Gibson Research). The port scanning tool is called “Shields up” Go to their page, there will be a brief welcome page, then the homepage, scroll down until you see the link to ShieldsUP! READ the page, then click proceed. Now read this page and under services click “All service ports”. This scan will only cover the first 1056 network ports, but should give an idea if you have a firewalled connection or not.

IF, the scan shows that all the ports are “stealth” that’s very good, you are probably well firewalled. If the ports show up as closed that’s still good, but not AS good. It might be worth to investigate further to see if you do have a hardware firewall of some sort. If ports show up as open you will need to make a list of which ports appear open (by the numbers) and find out why. In the meantime you should probably firewall the connection.

Now, obviously if someone else is managing your internal network, you need to consult with them on this. It’s possible that those open ports are there for a reason, but if YOU are an end user that has directly bought internet service from a high speed ISP and has never had a computer consultant in to manage your network, then you need to take responsibility. NEVER assume that “the phone company must have made it secure when they set it up.”

Hardware firewalls come in many sizes and featuresets. Mine is a PC running a linux distribution designed to be a firewall. (Old 486 based computer with 32 MB of memory). I used to have a small box from netgear that offered several features for logging. The simplest will allow you to deny all inbound connections by default and let you manage what connections in you want to allow. It’s worth noting that installing a hardware firewall will not prevent you from getting email, browsing the web or many other tasks online. SOME things, like peer to peer file sharing (bit torrent) work better with modifications to a firewall, but that’s a more advanced topic. The fact is this: security is a balancing act between convenience and safety. Something’s are worth doing. A hardware firewall is one of those.

But I have windows firewall enabled isn’t that safe? Yes, but…. a hardware firewall is a much better solution. More next time…

Related Posts

Blog Traffic Exchange Related Posts
  • Network Security guide for the home or small business network - Part 18 - What about Dialup Users? So, most everything so far has been targetted to high speed internet users or business networks. That means if I use dialup I'm safe. Wrong. For starters, in many ways dialup internet is LESS of a risk than high speed broadband for two main reasons. First, high speed/broadband connections are......
  • Network Security - Hub or Switch? So, for those that have a little bit of knowledge about network hardware, you've probably heard this. "You can't sniff switched networks".... wrong.... let's see what this is about. Older networking hardware was dominated by what's called a hub. This was basically a "dumb" device that when it received data,......
  • Network Security guide for the home or small business network - preface OK, this is an ambitious idea, but the two articles on Titan Rain and the lack of IT security training has planted a bug under the saddle so to speak.... I don't know how many parts will be in this series. In fact, I may add to it from time......
Blog Traffic Exchange Related Websites
  • Lorex Security Solutions LOREX is a global leader in video security camera solutions offering exceptional performance with a wide range of products including security cameras, wireless security cameras, ip cameras (network security cameras), security dvrs, observation systems and other complete security systems. LOREX solutions are easy to setup and features plug and......
  • Gateway Netbook Review - LT2802U Netbook LT2802U is one of the latest model Netbook from Gateway. Gateway releases various products into the market like Netbook, Desktops and Flat monitors. Last time, i took you through the Gateway Mini Netbook Review and this time about LT2802U. Netbooks are second choice, if you are not willing to......
  • Useful Google Chrome Shorcut Keys Useful Google Chrome Shorcut Keys CTRL + SHIFT + N : automatically opens up a Chrome ‘incognito’ window which allows you to surf on a PC without leaving behind any digital footprints. SHIFT + Escape: allows for fast access to Chrome’s task Manager utility that allows you to nix browser processes......
en.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Leave a Reply

You must be logged in to post a comment.


Switch to our mobile site