Slashdot Mirror

← Back to Stories (view on slashdot.org)

Are Consumer Firewall/NAT Boxes Really Secure?

Posted by Cliff on from the are-there-unexpected-holes-in-this-box dept.

blate asks: "Consumer-grade Firewall/NAT devices, such as those from Linksys, Netgear, D-Link, etc., have become very popular as more and more users get broadband connections. I've been using a Linksys router at home for several years and have never had any security problems. But how secure are these devices, really? The firewall guru's I know argue that a NAT really doesn't give you much beyond security-by-obscurity. What are your experiences with this (have you ever been comprimized through such a device)? Would I be better off with a Linux/ipchains firewall?"

2 of 166 comments (clear)

  1. IPCop by Anonymous Coward · · Score: 5, Informative

    Get an older computer, two nic's and IPCop, and you'll be good to go. It's a linux distro customized just for nat/firewall/proxy use, and it's easy even for a novice to setup. A more advancded user can, of course, customize it quite a bit. The latest version even supports traffic prioritization with just a tiny amount of work, and the next version will have a GUI for that.

  2. cheap test by DuctTape · · Score: 5, Informative
    One cheap (i.e., no prep) test from the outside is to head over to Gibson Research's site and have it run the Shields UP scanner on your system (links at the bottom of the page). Probably rudimentary, but it'll tell you what you look like from the outside, with pretty pictures, too. It also tells you when your firewall probes them back.

    And of course, for the Windows users, there's our free friend Zone Alarm to help put another layer between your machine and the bad ol' Internet.

    DT

    --
    Is this thing on? Hello?