Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Software vs hardware firewalls ...

from [Amit shrma] Network Security [Permanent Link]
Subject: Re: Software vs hardware firewalls ...
Date: Mon, 09 May 2005 12:47:43 +0530 

Hi,

i read your point of view on this issue. What i think is that the first
thing is that which hardware firewall you are opting for. Software
firewalls do have their limitations like if your machine is infected
with a worm, blocking a port wont help you out with a software firewall.
But then with software firewalls, you can recover easily from
disastraous situations.
With hardware firewalls, you see it this way, that the attacker will get
one more thing to play with.
Software firewalls 'if configured to the point of perfection' are also a
better solution. ISA 2004 sever is a good example for implementation &
wide variety security as software firewall. As it has application level
filtering also.

I also have a wonderfull option of first closing all the ports which are
not in use or which are widely exploited, like port nos : 445,
1025-1039, 137-139 ( Netbios TRIO) & all others. Block port 135 or close
DCOM service if not in use.

Software firewalls needs an extra monitoring of logs, as to find out how
effective your firewall & is your rules on software firewall are
properly created or not.

What you say ?

Thanks
Amit Sharma
Network Engineer
Indian express newspapers
India

On 7 May 2005 19:31:18 -0000, netnut6@comcast.net said:



Hello,

 

I was wondering how a software based firewall(mcafee, Norton etc) can
help protect your machine if the operating system(Windows XP) is
vulnerable?
Also how is a software based firewall any better then hardware.  The way
I see it if you have a software based firewall and the operating system
has security issues I doubt very much a software firewall will protect
that machine.whereas if it's a hardware based firewall and the operating
system has vulnerabilities the chances of it being attacked are slim
since they would have to first find some vulnerability with the hardware
firewall then go after the operating system(firewall default settings
with all ports closed).  Obviously if a port is open and that application
has a vulnerability then it would get attacked.  Please let me know if
I'm on the right track here.

 

 

Thank you..

-- 
  Amit shrma
  sharmaamit@eml.cc
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Multicast on Checkpoint, Yibran Montalvo
Next by Date:  Re: Which one to choose: Checkpoint,Cisco,Juniper Netscreen, jerome decool
Previous by Thread:  RE: Software vs hardware firewalls ..., David Gillett
Next by Thread:  RE: Software vs hardware firewalls ..., Ha, Jason
Indexes:  [Date] [Thread] [Top] [All Lists]