Get APLawrence.com by RSSImportance of home firewalls
Fri Dec 3 14:55:03 2004 Importance of
home firewalls
Posted by Tony Lawrence
Search Keys: browsing, security
Referencing:
http://www.usatoday.com/money/industries/technology/2004-11-29-honeypot_x.htm
I've said this before: it is unconsciable that DSL and Cable providers allow home connections without firewalls. The referenced article details the results of this foolishness.
The firewall should be an integral part of the equipment they provide. This is the case with some providers: my DSL connection with Taconic Telephone at our summer place is that way. But for too many home users, their PC is just directly connected and they are wide open for abuse.
Compromised machines add to everyone's grief and expense. That's obvious, and inescapable. So why do providers let this happen? Is it money? These problems cost them money and surely cause more support costs for them. How much of a tech's time adds up to the cost of providing a firewall? Not much. This should be a no-brainer. Security begins at home, and nowhere is that more true than here.
The firewall doesn't have to be tremendously full featured. Just a basic nat device that blocks connections that didn't originate within would be a tremendous improvement over Uncle Jack's Windows 98 machine sitting out there with a public ip address. Uncle Jack doesn't need port forwarding, virtual servers, vpn's or anything else. He just needs protection from basic tcp attacks. The simplest possible firewall is a lot better than no firewall at all.
Obviously whatever firewall they provided would need the ability to be easily bypassed for circumstances where Uncle Jack does want to use his own device. Obviously some people would bypass and go directly to their PC's. Fine - I'm not looking for enforced compliance, merely a way to protect the millions of innocents who have no understanding of what they are getting into.
Uneducated and unprotected home users are a problem for all of us. It's time ISP's recognized that.
Have you tried Searching this site?
Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates
This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more. We appreciate comments and article submissions.
Many of the products and books I review are things I purchased for my own use. Some were given to me specifically for the purpose of reviewing them. I resell or can earn commissions from the sale of some of these items. Links within these pages may be affiliate links that pay me for referring you to them. That's mostly insignificant amounts of money; whenever it is not I have made my relationship plain. I also may own stock in companies mentioned here. If you have any question, please do feel free to contact me.
Specific links that take you to pages that allow you to purchase the item I reviewed are very likely to pay me a commission. Many of the books I review were given to me by the publishers specifically for the purpose of writing a review. These gifts and referral fees do not affect my opinions; I often give bad reviews anyway.
We use Google third-party advertising companies to serve ads when you visit our website. These companies may use information (not including your name, address, email address, or telephone number) about your visits to this and other websites in order to provide advertisements about goods and services of interest to you. If you would like more information about this practice and to know your choices about not having this information used by these companies, click here.
I sell and support
Kerio Mail server
Click here to add your comments
3Com, SMC and others make inexpensive routers that are the cat's meow for protecting a small home network. The 3Com unit, for example, is a DHCP server, 4 port Ethernet switch and a pretty decent router, complete with NAT. You don't have to know much to hook up one of these devices and get it working. One of my clients, whose knowledge of networking slightly exceeds my knowledge of open heart surgery, bought a router from me, took it home, hooked it up and had the mess running in about 5 minutes. And he didn't even call me for help.
I've installed many of 3Com's "office connect" routers and can vouch for their effectiveness in keeping the marauding monkeys out of Uncle John's Windows eXPerimental box. If you shop around you can get a a good deal on one of these gadgets. It sure beats paying someone like Tony or me to come out and straighten out your box after Joe Cracker gets in and wreaks havoc.
--BigDumbDinosaur
Don't miss responses! Subscribe to Comments by RSS or by Email
Click here to add your comments
If you want a picture to show with your comment, go get a Gravatar