Dismiss Notice

Welcome To CK5!

Registering is free and easy! Hope to see you on the forums soon.

Score a FREE t-shirt and membership sticker when you sign up for a Premium Membership and choose the recurring plan.

Need Netwroking, DSL, firewall help/advice....

Discussion in 'The Lounge' started by Emmettology 101, Dec 20, 2004.

  1. Emmettology 101

    Emmettology 101 3/4 ton status

    Joined:
    May 9, 2000
    Posts:
    8,126
    Likes Received:
    0
    Location:
    FL
    Need some advice/help on firewalls, DSL's and networking.


    We have a small business and a small netwrok set-up here at our office. It only has 3 computers with one desktop acting as a file server. Right now just two computers are connected to the network and one is off the network and connected to the DSL. The two network connected computers are connected through a hub. This hub has the abilities to supply the DSL connect throughout the network. On our file server, we dont have any pertenant information like credit card numbers or SS#'s... Just filing and paperwork type stuff.

    So far I've just had only one comp on the DSL to keep the network off the internet and keep the netwrok safe from hackers, viruses, etc... But I am getting pressured to add internet access to one of the other computers which is connected to the network...

    Our DSL is thorugh SBC and they say that they protect us with a firewall on their end. But how safe is it? Should I be looking into some firewalls to connect in-between our DSL modem and our network or would you feel safe with just the SBC firewall?

    I have a friend who is a Network Admin at a local company. He sleeps, breathes, and eats computers and knows his stuff. He feels we should look into a firewall to protect us mainly from hackers coming onto our small network and attacking others.... And supposedly now or in April a law will pass that it will be our heads that roll if something like that happens. So I looked into the Symantec Model 100, Linksys BEFSX41... My friend recomends going with one of the smaller Cisco Pix firewalls..

    A guy just left here that looked over our network and feels that we have no worries if SBC has a firewall on their end. And also he feels we have no threat of having the above senario happen since we are just a small DSL connection with no larger servers and such.

    So I come to ask upon the great knowledge of the CK5 board for your insght, advice, suggestions, etc...

    Will we be safe with the network connected to the internet with just the SBC firewall, or should we buy a firewall? And if you think we should buy a firewall, would you go with something on the cheaper end like the Linksys, or spend the extra money and go with the Cisco?

    TIA!
     
    Last edited: Dec 20, 2004
  2. 75-K5

    75-K5 3/4 ton status

    Joined:
    Apr 28, 2002
    Posts:
    5,353
    Likes Received:
    0
    Location:
    Anderson, Indiana
    Uhhhh, WHAT?:mad: :D :p:
     
  3. Yukon Jack

    Yukon Jack 1/2 ton status

    Joined:
    Jul 25, 2002
    Posts:
    1,984
    Likes Received:
    0
    Location:
    Rose Hill, KS
    I have ZoneAlarm Pro on each workstation here at work and the DSL goes into a Linksys Firewall - I think we are pretty secure. SBC's firewall is not enough to protect you.

    And if you stay unprotected you will get hacked or messed with in some way, just a matter of time.
     
  4. Emmettology 101

    Emmettology 101 3/4 ton status

    Joined:
    May 9, 2000
    Posts:
    8,126
    Likes Received:
    0
    Location:
    FL
    LOL< sorry.. I copied and pasted that from a post I put on PBB also. :)
     
  5. Emmettology 101

    Emmettology 101 3/4 ton status

    Joined:
    May 9, 2000
    Posts:
    8,126
    Likes Received:
    0
    Location:
    FL
    That is the way my friend and myself feel. But it's hard to convince someone that knows nothing about computers and who doesn't want to spend a dime on something they think we dont need.

    I plan on getting Norton Internet securities for each computer.(or share them :p: ) But I think we need an external firewall as well.
     
  6. newyorkin

    newyorkin 1 ton status

    Joined:
    May 8, 2001
    Posts:
    16,555
    Likes Received:
    157
    Location:
    Los Estados Unitos
    Don't rely on your provider's firewall. Basically, don't rely on anyone telling you your network is protected unless they've protected it after the line enters the facility.

    A common hacker attack is to simply take control of a remote computer. It doesn't matter what the info on the machine is, as long as they can use it to commit other hacking from it, so that any tracing goes back to your hacked machine, rather than the hacker's actual machine. They would make your machine what's called a "zombie".

    I would not use a linksys, etc because I personally only have experience with their routers, which they sell as "firewalls", but they're actually not true firewalls.

    A small Pix is a good idea, but might actually be serious overkill. I haven't looked in a while, so I forget what they're selling now, though.

    Personally, I sing praises of Sonicwall. For my house (7 or 8 computers, with some servers exposed to the net), I (hypothetically) use a webramp 700S firewall with firmware for a Sonicwall, so it's basically a sonicwall with unlimited users. Highly configurable through a web page, and pretty good help files. I've seen attack attempts logged, but nothing has ever gotten through. Interestingly, I use a Linksys router between the firewall and the cablemodem, so the attacks are able to get through that in order to be logged on the Sonicwall.


    I'm on the verge of buying a sonicwall to segment our absolute-mission-critical systems at work, I have so much faith in them now.


    So anyway, I'd recommend dropping $500 on a sonicwall. I actually got my webramp for $40 on ebay (new in box with 5-user license), and flashed the firmware to make it a sonicwall with unlimited users. Hypothetically of course. While it's possible to flash upgrade it, I'd look into the purchasing info on the userlicense upgrades on it for a business...
     
  7. Emmettology 101

    Emmettology 101 3/4 ton status

    Joined:
    May 9, 2000
    Posts:
    8,126
    Likes Received:
    0
    Location:
    FL
    The small Cisco Pix is actually only $399 at CDW..
    LINK I am basically going to have to fight to get this model or anything similar. The Linksys is only $80 and he wants to go with that. I've told him it is not as good as the other, but all he sees is dollar figures. *shaking head*

    Also, from what my friend says.. There is a law coming out that fines the owner of the network who the hackers used to stage their attack from..??.. I am going ot have to find this article to back up my case ont he firewall.
     
  8. newyorkin

    newyorkin 1 ton status

    Joined:
    May 8, 2001
    Posts:
    16,555
    Likes Received:
    157
    Location:
    Los Estados Unitos
    That Pix looks perfect. I dunno why, I was picturing thousands of dollars...
    I agree with you, don't go with the Linksys, it would the absolute bare minimum protection, if legitimately considered protection at all.

    Does your friend mean sarbanes-oxley? I don't think that necessarily targets hackers, but it does affect the IT business-side industry in effect of supporting the new finance/accounting rules. The final deadline for compliance with that is July 15/2005.
    I dunno if he's accurate on a law that would require the network owner to be responsible if thier's is determined to be a source. The owner could be sued if his network is the source of an attack and it's found he could have prevented the breech and had opportunity to act but did not, or did not properly (as it would sound like in your situation). As far as a law like that, I vaguely remember hearing something about it years ago, but I don't think it's ever been considered in congress. Heck, you could go to starbucks and use thier network from your laptop to hack, or even a park right near my office that's free/anonymous wifi. Starbucks would most likely clamp thier networks shut in a heartbeat if that were going to be law.

    If SOX isn't the law he means, post up info about the one does mean, that would be *very very* good to know... A pre-written sales pitch for my friends shop, in a way, I.E. more weekend work for me...
     
  9. Emmettology 101

    Emmettology 101 3/4 ton status

    Joined:
    May 9, 2000
    Posts:
    8,126
    Likes Received:
    0
    Location:
    FL
    I am not sure what law my friend is referring to. But I have asked that he send me some links so that I can present them to help my case for the better firewall. When/if I get them, I'll post them up. :) Thanks!!

    Oh. And since I posted last, I talked to SBC again. This tech there is no firewall of any kind included with my SBC account. Only thing they offer is download of Zone Alarm for free.
     
  10. Emmettology 101

    Emmettology 101 3/4 ton status

    Joined:
    May 9, 2000
    Posts:
    8,126
    Likes Received:
    0
    Location:
    FL

Share This Page