The reality is all non-ASIC based firewalls are software of one sort or
another. However 'client' end firewalls - ie: 'Software' types like
Norton and Zone Alarm, can be targeted by viruses that sneak in and
disable them. We have now seen Spyware that disables the AV/Firewall
product. In this case, 'Firmware' based units like Netgear, Dlink,
LinkSys etc., provide somewhat better protection.
'Software' as a last resort...hardware is cheap.
R.
-----Original Message-----
From: David L Rice [mailto:drice39@cox.net]
Sent: May 7, 2005 6:44 PM
To: netnut6@comcast.net; firewalls@securityfocus.com
Subject: RE: Software vs hardware firewalls ...
I would say for home users one is better than another, I would suggest
both as layers of security provide for increased protection and more
work for an attacker. Remote exploits to an operating system (desktop)
are less likely to work against if there is a hardware solution in front
of the desktop.
-----Original Message-----
From: netnut6@comcast.net [mailto:netnut6@comcast.net]
Sent: Saturday, May 07, 2005 12:31 PM
To: firewalls@securityfocus.com
Subject: Software vs hardware firewalls ...
Hello,
I was wondering how a software based firewall(mcafee, Norton etc) can
help
protect your machine if the operating system(Windows XP) is vulnerable?
Also how is a software based firewall any better then hardware. The way
I
see it if you have a software based firewall and the operating system
has
security issues I doubt very much a software firewall will protect that
machine.whereas if it's a hardware based firewall and the operating
system
has vulnerabilities the chances of it being attacked are slim since they
would have to first find some vulnerability with the hardware firewall
then
go after the operating system(firewall default settings with all ports
closed). Obviously if a port is open and that application has a
vulnerability then it would get attacked. Please let me know if I'm on
the
right track here.
Thank you..
