Tired of configuring firewalls??

[Damian87]

Me too,
i'm so sick of routers and opening ports and configuring them

My question is: Is there a such thing as a wireless hub that doesn't have a firewall and all it does is network computers?

I've been looking around but no luck so far.

Being your average home user, do you really think you need that much security? i doubt someone is going to invest that much time into hacking your network so they can steal your downloads, LOL.

I have the best security system ever: i have nothing important or worth any value on my computer

[jdhurst]

<snip>
My question is: Is there a such thing as a wireless hub that doesn't have a firewall and all it does is network computers?
<snip>
Being your average home user, do you really think you need that much security? i doubt someone is going to invest that much time into hacking your network so they can steal your downloads, LOL.
<snip>

On your first point: Not that I know of. Most any hardware device today is a nat'd device which is a basic firewall. My Netopia Router is plenty secure but requires no firewall configuration. I do have to configure the WAN and the Wireless, but that is all. Then I have to permit my software firewalls to the range of IP's used by the hardware firewall. This is a once-in-a-while exercise (because every VMware upgrade changes the NAT range of IP's), but it is hardly difficult or onerous.

I think your second point widely misses the mark. Just who's computer do you think criminals use to send out their phishing frauds? Yours! When I get spam (not much due to greylisting and Spamassassin), it never (I mean ***never*** ) comes from crime.com, it *always* comes from some chump's computer who thinks they don't have to secure it.

Computer security is a basic fact of life like locking your front door, and keeping your money secure.

[leoblob]

If you have a hard-wired network running behind a router, and each computer is running Zone Alarm, what kinds of firewall security issues might remain?

[christopher_wolf]

I don't seem to mind the configuration taks of a few routers at home. There is always NAT, which takes care of most of the security through the hardware as John pointed out; I just use Kerio Personal on top of it and that's it.The biggest thing, in terms of difficulty and avoiding it, is how consistent you are with all the security from the beginnning.

[Puppy]

No, the basic rule is no inbound connections allowed.

[jdhurst]

No, the basic rule is no inbound connections allowed.

So, you cannot update Windows, browse the web, or read email? All of these have inbound connections. True, don't allow random inbound connections, but your work must allow inbound connections from the sessions you initiate. ... JD Hurst

[carbon_unit]

Me too,
i'm so sick of routers and opening ports and configuring them

My question is: Is there a such thing as a wireless hub that doesn't have a firewall and all it does is network computers?

I've been looking around but no luck so far.

If you really want to bypass the NAT in you router just plug your DSL, Cable, whatever connection into one of the LAN ports on your router instead of the WAN port.

Being your average home user, do you really think you need that much security? i doubt someone is going to invest that much time into hacking your network so they can steal your downloads, LOL.

I have the best security system ever: i have nothing important or worth any value on my computer

Except maybe some script kiddie's p0rn or warez in some hidden folders.
It happens. I just found some on a server at the local Ford dealer last week. They had no protection either. They do now.

[Miller88]

My router refuses to forward ports.

[GomJabbar]

I just replaced a SMC wireless router w/print server with a Netgear PROSafe wireless router w/print server. But just previous to this, my DSL modem apparently kicked the bucket while I was out of town. I tried troubleshooting the problem with my family over the phone but got nowhere, so I had them call up our ISP. The ISP determined the modem needed replacement. They sent a new (different) DSL modem to the house, but in trying to set it up with the wireless router, my household could make no connection at all. I tried to help, but the documentation for the Zyxel modem was beyond my ken. Again the ISP to the rescue to get the modem working. We left the wireless router disconnected until I could come home and figure it out.

Once home, I had trouble setting up the router to work with the modem and I was beginning to think they were incompatible for some reason. I kept plugging along however, and eventually I discovered the issue. With my previous modem, the connection between the router and the modem needed to be PPPoE. With the new modem this setup did not work - I had to set up a Bridge Connection instead.

Setting up the new Netgear wireless router took a little work, but was nothing compared to the configuration options available with the Zyxel DSL modem. Not having a networking background, many of the terms were (and are) alien to me.

[Damian87]

you guys brought up some really good points that i didnt even consider.

Darn it i'm not fond of technological warfare

[Turbo Audi]

Im sick of trying to get Network Manager working in Linux so I can use my WPA-set router.

[Nigellus]

I have never seen my firewall as a nuisance.

[techflavor]

Im sick of trying to get Network Manager working in Linux so I can use my WPA-set router.

In order to connect to a router configured for WPA, you need to use WPA_supplicant.

[Stargate199]

My Belkin Wireless G router has a hardware firewall, but it seems to be a smart firewall. I can go configure and forward ports, but I don;t have a reason to because everything works fine. The one thing I hate is trying to configure ZoneAlarm. I know the software is good, but sometimes I think it gives me more trouble that it's worth to run it.

[krcmd]

I have a trial version of Kaspersky Internet Security. I don't understand how to evaluate all the questions the firewall programs ask as one starts to develop rules. How does one avoid creating a sieve out of your firewall?


Thank you!

[Terrahawk]

I don't bother with the WAN port or the firewall on my wireless router. I have everything on the LAN port, and the ADSL modem attached to a linux "server" which provides firewalling, mail sorting and large web cache.

[tomh009]

I have a Proxim AP-600 802.11a access point (not a router!) connected to my Linksys WRT-11's LAN port, and another LAN port connected to a 3Com rackmount hub (sadly no rack though ...), and from there to the PIX firewall. The outside of the PIX then connects to the cable modem.

So inside the PIX, everything is wide open, no routing, no NAT. Access by wired Ethernet, 802.11a (to the Proxim) or 802.11b (to the Linksys, for guests without 802.11a!).

[egibbs]

I have an old (5 years) SonicWall and have done zero configuration to it.

It's default is to allow all outbound and deny all inbound, that has always worked well for me. Of course I don't run P2P, file sharing, IM, etc.

I am considering getting something to allow me to watch TV shows on my server when I'm on the road and that would probably require me to poke an inbound hole. Not sure I want to do that though.

Ed Gibbs

[dr_st]

Here's the way I see it in a nutshell.

While a router's NAT mechanism serves as a firewall, configuring the router to forward ports has little to do with security per se.

I needed a router because I have several machines at home, and I want them all to be able to access the internet independently. My ISP, however, won't provide me with multiple public IPs (or will do so, at a very high cost). Thus I have only one public IP, and several private IPs behind the router.

Now, the only applications for which I needed to enable port forwarding are various P2P/IM applications, that work on incoming connections. On a setup like I have, there really is no way to avoid port forwarding. The reason is that I have only one public IP, and several computers behind it. So when the router receives an incoming packet on a given port, it cannot possibly know in advance which machine to direct it to, so port forwarding is mandatory.

With that said, I'm lucky to have a router where the setup of such tasks is very simple and intuitive (Edimax BR-6104KP). I've seen other routers (Trendnet) where it was a pain in the [censored] until you found which settings are responsible, and even more pain until you got it to work.

As for the fundamental security issue, well, I don't run software firewalls on my desktop machines, because they are always behind the router, and I trust it. I do run a firewall (Kerio) on my laptop, which I constantly take with me and connect to many foreign networks.