Page 4 of 5 FirstFirst ... 2345 LastLast
Results 31 to 40 of 45

Thread: Firewalls: Hardware and Software

  1. #31
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    So many systems these days are 24/7 systems, for whatever reason (which may be unknown to you). Considering that availiability is a cornerstone of the security requirement triad... seems a big consideration.
    So, you are saying that if they are NOT 24/7, they should be left connected?

    Is this PWC policy?

    Also, where is your acknowledgement of defeat over the plug theory as a physical firewall


  2. #32
    Banned
    Join Date
    May 2003
    Posts
    1,004
    So, you are saying that if they are NOT 24/7, they should be left connected?
    If you can find that anywhere in my posts, might be a good idea to look into a nice haldol perscription, might help you reconnect with reality.

    Clearly a system should only be on when it is needed, I merely stated that frequently the availability requirements may be unknown to external parties.

    Also, where is your acknowledgement of defeat over the plug theory as a physical firewall
    Defeat? What am I defeated over? The firewall you described is a simple packet filtering firewall (albeit a bad one). No where did I say that a firewall that actually breaks the physical connection cannot exist (in fact many switches with builtin filiting functionality operate in this manner), merely that it is not useful or correct to segregate firewalls in this manner.

    cheers,

    catch

  3. #33
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hmmmm,

    If you can find that anywhere in my posts, might be a good idea to look into a nice haldol perscription, might help you reconnect with reality
    No, I cannot find it explicitly, but it sure as hell is implicit!...............perhaps you should go and get a job with Arthur Andersen............you obviously have their mentality...........and you seem to know the names of pharmaceuticals...........



    Clearly a system should only be on when it is needed, I merely stated that frequently the availability requirements may be unknown to external parties.
    And I merely stated that if a system is not required it should be off? ..........do you have some sort of problem with the English language old chap?

    The firewall you described is a simple packet filtering firewall (albeit a bad one).
    No, you are now displaying your ignorance. A machine that is not connected has a perfect firewall.....and you can quote all those letters, pseudo qualifications and whatever...........if you cannot understand that fundamental reality.........you are doomed. No "packet filtering" there are none!..............the damn thing is NOT CONNECTED!

    Keep taking the tablets son

  4. #34
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,024
    Originally posted here by catch
    [B]Wow, you teach all that without even touching on the different types of firewalls?
    Yup, Sure do. A firewall is this thing that helps keep things out of your computer. That about half of what I try to get through to people... I really don't think that requires touching on different types of firewalls? Correct me if I'm wrong and you've worked with more rednecks than I have, but they don't have the greatest attention span for much of anything technical.


    Both can offer equal functionality... so now the question for you... since I am clearly ignorant on this subject... what are the different uses for hardware and software firewalls?
    For these folks, It's how many computers/devices you have. If you have more than computer, or device that needs/wants interenet, you should go with a router, which doubles as a hardware firewall, so that you don't have to buy a firewall for each device, and so that you don't have to buy a hub.

    What information do you consider? Is a kernel proxying "software" firewall the same as an application level "software" firewall? Is a packet filtering "hardware" firewall the same as a stateful inspection "hardware" firewall? Is a stateful inspection software "firewall" the same as a stateful inspection "hardware" firewall?
    Does it really freaking matter? I'm trying to get SOMETHING put on their computer to reduce the number of bots, zombies, worms, etc. I could care less, they could care less.

    More to the point, what if I run the software from a "hardware" firewall, within an emulator on a general purpose system using hardware that offers comparable performance... now what?
    Then you're a computer nerd/expert/etc, not a normal dumbass home user, so you don't fall into the group of people I work with.
    [H]ard|OCP <--Best hardware/gaming news out there--|
    pwned.nl <--Gamers will love this one --|
    Light a man a fire and you\'ll keep him warm for a day, Light a man ON fire and you\'ll keep him warm the rest of his life.

  5. #35
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    [/repartee]

    Although the bantering back and forth is quite enjoyable and provides a wealth of info, time to get it back on track for a second. The purpose of the Thread was to provide a list of the names of firewalls that were most recommended by the AO community. I thought I’d keep it simple and write the name of the firewall down, count how many times it (the name) was recommended, and then only categorize it (the name) into either; hardware (software on dedicated hardware) or software firewalls. Why the name? Before I ran with this we were constantly encountering: “I’m not gonna do any research, search the archives, or google, before I ask: “which firewall (read name because they did not have a clue about type or generation) is the best?” question.” Additionally, one of the most determining factors governing their choice was whether the firewall was “free” and not it’s functionality. They wanted only a name.

    Therefore the original post is a rank order of brand names based on the number of recommendations of that particular name.
    [repartee]

    Definitions provided for catch:

    brand, Implied Synonym: trademark
    name, Implied Synonym: given name


    cheers
    Connection refused, try again later.

  6. #36
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Relyt old chap,

    I hate to have to say this, but I am coming to the conclusion that to bypass a certain someone's ego wall

    W E W I L L H A V E T O US E B R I G H T L Y C O L O U R E D C A P I T A L S


  7. #37
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    Is that egowall a "Hardware" or "Software" egowall? Doesn't seem we have had any luck tunneling through it.

    Connection refused, try again later.

  8. #38
    Banned
    Join Date
    May 2003
    Posts
    1,004
    *sigh*

    That is one reason why I p1$$ myself at these people bragging about their "uptime".
    !=
    I merely stated that if a system is not required it should be off?
    And that was the part I was responding to when I said that you may not know the system's requirements, so the bragging may be valid.

    No, you are now displaying your ignorance. A machine that is not connected has a perfect firewall
    Not only is that not the perfect firewall, it's not a firewall at all. Firewalls filter and monitor, a computer that isn't connected isn't networked and therefore can't have its network connection filtered or monitored.
    "Any of a number of security schemes that prevent unauthorized users from gaining access to a computer network or that monitor transfers of information to and from the network."
    - http://dictionary.reference.com/search?q=firewall

    Next we have The Grunt telling us how it is important to learn to communicate to rednecks in lieu of actual correct information. I personally feel that security for non-computer people should be a voice that is heard here. If you know security, your client is irrelevant, you can adapt your approach accordingly. On the other hand if you only know security for non-computer people, moving past that becomes more difficult.

    Relyt, yes... and I didn't argue with that. What I did comment on is the mere idea is useless. First, you didn't categorize the firewalls in a useful manner... you categorized them by what they look like and not what they do... which I find particularly useless in this instance because if you read through those old posts, you'll find that many of the "software" firewalls you mentioned we originally posted with the idea of running it on it's own computer with a minimallized and hardened OS... AKA a dedicated firewall. So now where is the line? Your hardware firewalls and some of your software firewalls now have the same network footprint and same functionality.

    Secondly I commented on the point of trusting users here and the value of "most mentioned", The Grunt is a fine example. How many users that found the number of references useful, might change their mind when seeing who those references were made by, and what for?

    Why not make a good post comparing firewalls? It'd take every so slightly more effort but would actually have added some value. I've made my point and am done with this thread, have fun with your puns and vivid fonts.

    cheers,

    catch

  9. #39
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hmmmmmmmmmmmmmm

    *sigh*
    Where have I seen that before?

    An admission of defeat?.........


  10. #40
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    in fact many switches with builtin filiting functionality operate in this manner
    I want one of them thur switches, so that when I'm done fishin' I can just send me bagful of fish for cleanin'........

    Hell, we be house-hunting right now for homes on a lake so this little deeevice would be rite purdy.....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •