Results 1 to 6 of 6

Thread: Are consumer-Grade Firewalls Really Secure?

  1. #1
    Senior Member Info Tech Geek's Avatar
    Join Date
    Jan 2003
    Location
    Vernon, CT
    Posts
    828

    Are consumer-Grade Firewalls Really Secure?

    Consumers shouldn't trust entry-level firewall hardware and software, Paul Henry, vice presiudent at CyberGuard, told TechNewsWorld. Both, he said, are incomplete security solutions.
    I also suggest to individuals I deal with to use a harware Router/Firewall and keep it updated. If they have a home office or a specific system they use for Finances or Personal Data it would be wise to throw a software firewall on the system and only allow the software they use on that specific machine. Besides that keeping a system patch, virus scanned, and clean. With this in place, you scare away the individuals looking for an easy box to root and you will most likely be to low scope for someone with the time and experience to go after when there are so many wide open boxes available.

    Article

  2. #2
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Based on the principle that no box connected to the internet is secure then the answer clearly is no. But I agree with you completely but will go a step further with regard to the hardware firewall available in that it also mitigates against those users who don't know what a patch is let alone where to get one and install it. OS patches prevent the exploitation of local services that are vulnerable. With a firewall the exploit cannot reach, (unless the exploit is a result of the user's actions such as visiting a malicious web site), the service in the first place so, to all intents and purposes the service is immune to exploit.

    There's nothing you can to about "user-invoked" malware except educate the user - and we all know that will never happen.... , but the basic kiddie tools, worms etc. are all mitigated on an unpatched machine that has even the most basic firewall in front of it. It's the thing I stress the most to all my users for their home computer because I get the biggest "bang for the buck" in terms of minimal time spent telling them about it coupled with the maximum security provided..... (yeah, i could go on for weeks aboutpatching, AV, updating it etc. and Spybot/Ad-aware/the cleaner and all that stuff but they won't do it regularly and they will remain vulnerable to the most basic worms and kiddie tools).
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  3. #3
    I wonder if he is including CyberGuard's entry level hardware firewall in that.....

    https://www.snapgear.com/products.html

    Seems a bit self serving for an officer at a company which produces an entry level firewall, suggesting that consumers should not trust them.... except for our own of course.

    Also, this makes me a bit suspicious

    CyberGuard firewalls have zero vulnerabilities.
    Taken from the frontpage of

    www.cyberguard.com

    Sounds a bit unrealistic to me, although I have not really investigated their firewalls too much.

  4. #4
    Senior Member Info Tech Geek's Avatar
    Join Date
    Jan 2003
    Location
    Vernon, CT
    Posts
    828
    Yeah, I'm in no way pushing any specific hardware/software in my thread, I just feel a Firewall/Router provides Functionality and Security. The only thing is, with this firewall and router I have been using and on one system I have a (free) software firewall in place. I have never had any issues. So, I take my suggestions from experience.

  5. #5
    AO Decepticon CXGJarrod's Avatar
    Join Date
    Jul 2002
    Posts
    2,038
    Originally posted here by tabich

    Also, this makes me a bit suspicious

    Taken from the frontpage of

    www.cyberguard.com

    Sounds a bit unrealistic to me, although I have not really investigated their firewalls too much.
    Maybe now, but I would wait and see if something comes out soon. I update the firmware on my Linksys router about every 6 months so I would like to see how long this lasts....remember Oracle and their "unbreakable" claim?
    N00b> STFU i r teh 1337 (english: You must be mistaken, good sir or madam. I believe myself to be quite a good player. On an unrelated matter, I also apparently enjoy math.)

  6. #6
    Senior Member
    Join Date
    Oct 2001
    Posts
    748
    http://www.secunia.com/advisories/10472/

    It would seem that their 5.1 version does in fact have a flaw. Maybe they use the same security classifications as MS and this is a bug, not a security vulnerability.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •