This Help! section includes information and recommendations on hardware firewalls for increased Internet security.
How a Router can help protect your computers:
If you access the Internet via a high-speed or Broadband connection (DSL/Cable), we strongly recommend you install a home-networking router. A router is a stand-alone hardware device connected between the DSL/Cable modem and your computer(s). This router will direct traffic between a single Internet connection and one or more PCs on a local network. A router also offers protection against several kinds of Internet-based attacks and provides an inexpensive and effective layer of protection. Many routers include various firewall options and/or wireless capabilities.
To connect to the Internet, a computer must have an IP (Internet Protocol) address. A hacker who learns this IP address (or chooses it at random) can try to attack your computer. Internet worms like Sasser and Blaster make quick attacks on all possible IP addresses looking for exposed computers.
With a router in place, your computer is able to connect to the Internet without the risk of getting hacked via your IP address. The router manages this Internet traffic through NAT (Network Address Translation). Each computer plugged into the router, receives a "local" IP address from the router. This local address is completely invisible on the web. The router translates "allowed" data between the local IP address and the outside Internet IP address. Any hacker or web virus lurking around on the Internet sees only the router. Any worm or virus that attempts an attack on the IP address it sees, will attempt to run their scripts (programs) on the router. These attempts are simply ignored as the router is not Windows based, nor capable of running those scripts.
Choosing your Router:
There are many features to consider (i.e. wired, wireless, VPN, etc...) when choosing a router, as one size does not fit all. A simple router may cost $40, but we highly recommend a slightly more expensive router (i.e. Linksys BEFVP41 or BEFSX41) which includes a built-in firewall that uses Stateful Packet Inspection (SPI). Any incoming data packet that doesn't match an outbound request is blocked. Certain activities, such as instant messaging, require acceptance of unsolicited inbound data packets, and most hardware firewalls include configuration options to allow these specific activities.
Routers can be simple to connect, but may be difficult to understand and configure properly. Improperly configured firewalls either provide inadequate protection, or obstruct legitimate activities. Most manufacturers also have many tutorials online if you need more assistance. To make it work correctly and provide maximum protection, you may consider hiring a professional to install and configure your new router for you.
For wired systems, we recommend: Linksys Firewall Router BEFSX41.
Help! Related Articles:
©2005 Bouchette Electronics, Inc.
Clintonville, WI 54929 715.823.7770