A.P. Lawrence

Importance of home firewalls

(Traditional format)

Fri Dec 3 14:55:03 2004 Importance of home firewalls
Posted by Tony Lawrence
Search Keys: browsing, security
Referencing: http://www.usatoday.com/money/industries/technology/2004-11-29-honeypot_x.htm

I've said this before: it is unconsciable that DSL and Cable providers allow home connections without firewalls. The referenced article details the results of this foolishness.

The firewall should be an integral part of the equipment they provide. This is the case with some providers: my DSL connection with Taconic Telephone at our summer place is that way. But for too many home users, their PC is just directly connected and they are wide open for abuse.

Compromised machines add to everyone's grief and expense. That's obvious, and inescapable. So why do providers let this happen? Is it money? These problems cost them money and surely cause more support costs for them. How much of a tech's time adds up to the cost of providing a firewall? Not much. This should be a no-brainer. Security begins at home, and nowhere is that more true than here.

The firewall doesn't have to be tremendously full featured. Just a basic nat device that blocks connections that didn't originate within would be a tremendous improvement over Uncle Jack's Windows 98 machine sitting out there with a public ip address. Uncle Jack doesn't need port forwarding, virtual servers, vpn's or anything else. He just needs protection from basic tcp attacks. The simplest possible firewall is a lot better than no firewall at all.

Obviously whatever firewall they provided would need the ability to be easily bypassed for circumstances where Uncle Jack does want to use his own device. Obviously some people would bypass and go directly to their PC's. Fine - I'm not looking for enforced compliance, merely a way to protect the millions of innocents who have no understanding of what they are getting into.

Uneducated and unprotected home users are a problem for all of us. It's time ISP's recognized that.

Comments /Blog/B1157.html
CommentsBlog1157 :

3Com, SMC and others make inexpensive routers that are the cat's meow for protecting a small home network. The 3Com unit, for example, is a DHCP server, 4 port Ethernet switch and a pretty decent router, complete with NAT. You don't have to know much to hook up one of these devices and get it working. One of my clients, whose knowledge of networking slightly exceeds my knowledge of open heart surgery, bought a router from me, took it home, hooked it up and had the mess running in about 5 minutes. And he didn't even call me for help.

I've installed many of 3Com's "office connect" routers and can vouch for their effectiveness in keeping the marauding monkeys out of Uncle John's Windows eXPerimental box. If you shop around you can get a a good deal on one of these gadgets. It sure beats paying someone like Tony or me to come out and straighten out your box after Joe Cracker gets in and wreaks havoc.

--BigDumbDinosaur

Add your comments

Why no "Digg this!" etc.?

Forget the expense of flying to New England. Forget hotel and meals costs.
Installation and light training Boston and New England

Enter your email address for automatic notification of new posts here
(be sure to whitelist 'feedburner.com' if you use spam filtering)

Unix and Linux Support

Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more. We appreciate comments and article submissions.

Publishing your articles here