OK, I've had it with the windows firewall, it's just not making sense to me at all, can anyone recomment a decent firewall that is easily configurable for a server environment (web, ftp, file, etc) that is robust and preferably has decent logging capabilities.
Also on a side note, If I'm behind my routers firewall, and I have that configured properly (and my server PC isnt in a DMZ), do I need a software firewall at all? Is it generally a good idea to have one anyway, as a failsafe?
Any help appreciated
Cheers
Recommend a decent firewall
-
+JuggerNaut+
- Posts: 22175
- Joined: Sun Oct 14, 2001 7:00 am
Bearing in mind I'm planning as setting up the mentioned PC as a server of sorts, and it's quite possible that I'd attract unwanted attention so to speak?
Also another thing, the server in question has 2 NICs, one which I try to use for internet traffic, and one for home-network traffic (file sharing, printing and the like), on my router I have all the relevant ports forwarded to the IP of the "internet traffic" NIC on the server. Are there any other concerns I should have regarding security and the possible compromisation of the server, as I'd like to keep downtime to an absolute minimum?
Edit: Another thought; on the scale of hardware firewalls, am I right in saying they only vary on scalability or configurability, not actual hard-line security right? So your average router firewall is up to the job of semi-pro webhosting?
Cheers
Also another thing, the server in question has 2 NICs, one which I try to use for internet traffic, and one for home-network traffic (file sharing, printing and the like), on my router I have all the relevant ports forwarded to the IP of the "internet traffic" NIC on the server. Are there any other concerns I should have regarding security and the possible compromisation of the server, as I'd like to keep downtime to an absolute minimum?
Edit: Another thought; on the scale of hardware firewalls, am I right in saying they only vary on scalability or configurability, not actual hard-line security right? So your average router firewall is up to the job of semi-pro webhosting?
Cheers
-
^misantropia^
- Posts: 4022
- Joined: Sat Mar 12, 2005 6:24 pm
Security flaws are sometimes found in hardware firewalls as well but since the market is so segmented, they're rarely exploited (even the most popular models have a share of only a few percent). That's why firmware updates are issued from time to time.ilum0s wrote:Another thought; on the scale of hardware firewalls, am I right in saying they only vary on scalability or configurability, not actual hard-line security right? So your average router firewall is up to the job of semi-pro webhosting?Cheers
BTW, run the server apps under a user account with no privileges.
-
+JuggerNaut+
- Posts: 22175
- Joined: Sun Oct 14, 2001 7:00 am
-
AmIdYfReAk
- Posts: 6926
- Joined: Thu Feb 10, 2000 8:00 am
-
^misantropia^
- Posts: 4022
- Joined: Sat Mar 12, 2005 6:24 pm
-
Tormentius
- Posts: 4108
- Joined: Sat Dec 14, 2002 8:00 am
To be quite honest the Windows firewall is a more than adequate second line of security since you already have a router in place. As for hosting, most routers which are a firewall rather than simply a NAT-based router will be up to the task. Which make and model do you have?ilum0s wrote:
Also another thing, the server in question has 2 NICs, one which I try to use for internet traffic, and one for home-network traffic (file sharing, printing and the like), on my router I have all the relevant ports forwarded to the IP of the "internet traffic" NIC on the server. Are there any other concerns I should have regarding security and the possible compromisation of the server, as I'd like to keep downtime to an absolute minimum?
Edit: Another thought; on the scale of hardware firewalls, am I right in saying they only vary on scalability or configurability, not actual hard-line security right? So your average router firewall is up to the job of semi-pro webhosting?
Cheers
-
Tormentius
- Posts: 4108
- Joined: Sat Dec 14, 2002 8:00 am
Actiontec Wireless-Ready DSL Gateway (connected to a 16 port router for the rest of the house)
It's been fine so far, got it a few years back and it does the job just fine. I used the XP firewall just because it was there, and why not, but recently it has been tempremental, although I'm not posotive its the root of my probs. I just wanted to know if there was a well-reputed firewall that's more configurable (and less dumbed down) as a second line of defence. Cheers for all the replies btw, I knew Q3W still had it!
It's been fine so far, got it a few years back and it does the job just fine. I used the XP firewall just because it was there, and why not, but recently it has been tempremental, although I'm not posotive its the root of my probs. I just wanted to know if there was a well-reputed firewall that's more configurable (and less dumbed down) as a second line of defence. Cheers for all the replies btw, I knew Q3W still had it!