CZ said:
Purplehaze:
I would not use that setup, as there is no stated protection for the
router's WAN ports, and there is not any outbound control within the LAN
period.
My Netgear router is fully stealth on the WAN side, and the Netgear supports
SysLog for logging hits to the WAN port address.
It shows about 300 hits per 24 hr period.
I wouldn't do it that way either, but you could and have a good chance of
being ok.
Not correct.
Functionality at one OSI layer is not used on another OSI layer.
A hub is an OSI layer 1 device that basically distributes a signal among the
remaining ports.
A switch is an OSI layer 2 device that can setup an exclusive connection
between two ports.
A router is an OSI layer 3 device that connects two subnets per a routing
table.
A NAT works at OSI layer 3 (IP addresses) and OSI layer 4 (ports).
So, a router at OSI layer 3 understands IP addresses, a hub (or a switch)
does not.
I guess I worded it wrong. I know that a router is not the same as a hub or
a switch, I was just trying to say that a router that doesn't do nat, has as
much security as a hub. To me, what would the point be, it's gotta have nat.
with
4-Port Switch is the perfect
option to connect multiple PCs to a high-speed Broadband Internet connection
or to an Ethernet back-bone. Allowing up to 253 users, the built-in NAT
technology acts as a firewall protecting your internal network.
Depends on how you define "firewall". Purists would not call a NAT a
firewall.
True, good point. Some people on dslreports.com would agree with you. I'm
certainly not a hacker, but I know a thing or two. My friend has a linksys
router and I can't get in or even get a trojan to load. Maybe someone else
could get right thru it or exploit it, I don't know.
IMO, the term firewall can be used to mean a product that controls inbound
and outbound packet flow.
So, my Netgear router could be said to have the following firewall features:
NAT:
Provides address isolation (private subnet is translated into a public
address).
Blocks outside initiated inbound packets by failure to have a match in a
port table.
Packet filtering:
Has very strong rules for controlling packet flow in both directions on both
interfaces.
And my netgear vpn firewall does all that and a bit more and is a 8 port
router. It is a true firewall, so your explaination is right on. Some
routers have firewall features, but technically are not firewalls. I'll
agree.