Router Strategy Hardware Firewall Solutions: Another firewall solution that you can elect to use if you set up a home network Workgroup LAN of 2 or more PCs is a combination of antivirus protection and hardware firewall protection, rather than one of the software firewall products shown previously. It is not recommended to use both a hardware and a software firewall simultaneously, as they can often interfere with one another.

A typical firewall hardware device that is implemented in the home by the LAN administrator is the network router. One such network router used by many LAN administrators is the LinkSys router. LinkSys has recently been purchased by CISCO Systems, the leader in networking and networking security systems. Within the router itself is functionality that can typically be accessed via the Internet Explorer browser. Access to the router's home page is usually done by typing http://192.168.1.1 into the browser. This will take you to the router's Setup page.

Some of the things you can do within the router to control possible intruder attacks are to block access by blocking various ports, or to identify the IP addresses of suspected hackers and block those addresses from reaching your network. Instructions on how to go about doing this are explicitly shown in the User's Guide of the LinkSys router that you purchase. For the LinkSys Wired BEFSR11 (one-port) router pictured, the User's Guide is found online.

There are many models of wired and wireless routers available from LinkSys. The wireless 802.3g routers use 128-bit or higher encryption keys over 11 possible wireless channels to communicate with PCs throughout the home via wireless NICs (Network Interface Cards). The security of these router devices is phenomenal if the wireless encryption is configured properly.
MS Windows™ XP SP2 has a built-in Wireless Configuration Wizard that makes setting up a wireless LAN in the home almost foolproof.

Another network router that also implements a military-grade firewall is the 2Wire DSL modem/router. This particular modem is also a router: it connects the user to a DSL (Digital Subscriber Line) ISP service and allows the user to connect up to 4 PCs in the home to the service, with independent connections to the Internet, in what is referred to as a Home Networking arrangement. PCs can be plugged directly into home telephone service (in the case of DSL) via the wall jack and share the home telephone wiring as the network. Alternatively, 2Wire also offers wireless 2Wire modem/routers that operate similarly to the LinkSys wireless routers. The professional-grade firewall actively defends against common Internet threats such as DoS (Denial-of-Service) attacks using stateful packet inspection. Configuration for common in-home applications, such as online gaming, is simple. The firewall is fully upgradeable: future software updates to the firewall specifications are as easy as a download from the Internet.

If you use a Linksys Wireless-G Broadband Router as the WAP (Wireless Access Point) for your home network, as does Donald Calloway, one of our dedicated Internet visitors, did you know you can restrict web content to one or all of your network PCs using Internet access policies which you define yourself? If you have a typical setup in which you are operating a home LAN consisting of several PCs, with your DSL modem connected to your router for Internet access, you probably have DHCP (Dynamic Host Configuration Protocol) activated on your LAN so that your router automatically assigns an IP address to each PC. This configuration allows each PC to have its own Internet connection, not a shared connection as with Internet Connection Sharing (ICS).
Now here is a typical reason why you might want to restrict Internet access to one or more PCs on your network. For example, say your child has a PC connected to your network which he uses in his bedroom. You are concerned he may be accessing the Internet to view pornography without your knowledge and approval. Using your Linksys wireless router, you can restrict his use of the Internet by blocking web content with certain keywords associated with pornographic web content.

To do this, log into your router using any browser by typing http://192.168.1.1 in the address field and pressing the Go button or Enter key. After you provide your username and password, you should be looking at your router's configuration Setup page. Click on the Access Restrictions page and you will see Internet Access Policy in the topmost part of the page. By clicking on the arrow of the combo box you can access up to 10 different user-defined policies. You will be creating policy #1, which should appear by default. Immediately below this area you will see a Status line. Click on Enable to enable policy restrictions. Immediately below this line you will enter a short description for policy #1. Let's say you want to call it: Block Pornography.

Immediately below this, you will see a PCs field with an Edit List of PCs button. Click on the button to load the List of PCs page. Since you have DHCP enabled to have your router automatically assign IP addresses to your PCs, you will need to move down to the bottom of the page to an area entitled: Enter the IP Range of the PCs. There are two possible ranges you can assign. In the IP Range 01 field, you may enter 100-199 in the blocks in order to apply this policy to up to 100 PCs on your network, starting with IP 192.168.1.100 and ending with 192.168.1.199. You will need to use a range of some sort when using DHCP, since you will not know the specific IP address your router will assign to your son's PC.
Now, save changes and return to the Access Restrictions page. Below the Edit List of PCs button, you will see the text Internet access during selected days and times. Unless you intend to deny Internet access to select PCs altogether, you will need to ensure the Allow radio button is selected. You would then check the Everyday checkbox and select the 24 hours radio button. If you want to deny Internet access to select PCs, you can do so by checking the days of the week on which you want this to occur, selecting the From: To radio button, and entering the From and To times in the drop-down boxes provided.

Now, let's say you don't want to restrict access altogether but rather want to restrict access to web pages with select keywords. Keep the Allow, Everyday, 24 hours settings, drop down to the bottom of the page, and enter up to six keywords in the Website Blocking by Keyword entry fields. Now, Save Settings and you will have created Policy #1 with the name Block Pornography, which will terminate Internet access to the PC(s) assigned anytime an attempt is made to access a web page containing one of those keywords. You can create other policies in the same way as described above to add even more keywords, but you can only have one policy active at a time.

Copyright 2006, CAC Network Security Website, All Rights Reserved | This page was last modified on Friday, November 03, 2006 17:25 GMT-05:00
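The Internet Access Policy built in the steps above can be modelled to check which PCs and requests it actually covers. This is an added example, not Linksys firmware code and not from the original page; the class and method names, the sample keyword and the URLs are constructed, and two behaviours are assumptions: keywords are matched against the requested URL, and Allow with a time window means deny outside that window.

```python
import ipaddress
from dataclasses import dataclass
from datetime import datetime, time


@dataclass
class AccessPolicy:
    name: str
    first_host: int                 # "IP Range 01" start, last octet
    last_host: int                  # "IP Range 01" end, last octet
    keywords: tuple = ()            # Website Blocking by Keyword
    allow: bool = True              # Allow / Deny radio button
    days: frozenset = frozenset(range(7))   # Everyday (0 = Monday)
    start: time = time(0, 0)        # 24 hours
    end: time = time(23, 59, 59)
    subnet: str = "192.168.1.0/24"  # LAN used throughout the page

    def __post_init__(self):
        if len(self.keywords) > 6:
            raise ValueError("a policy holds at most six keywords")

    def covers(self, client_ip: str) -> bool:
        """True if the PC's address falls inside the policy's IP range."""
        ip = ipaddress.ip_address(client_ip)
        if ip not in ipaddress.ip_network(self.subnet):
            return False
        return self.first_host <= (int(ip) & 0xFF) <= self.last_host

    def decide(self, client_ip: str, url: str, when: datetime) -> str:
        if not self.covers(client_ip):
            return "not-covered"    # policy is never evaluated for this PC
        in_window = (when.weekday() in self.days
                     and self.start <= when.time() <= self.end)
        # Assumption: Allow permits inside the window, Deny blocks inside it.
        permitted = in_window if self.allow else not in_window
        if not permitted:
            return "block-schedule"
        # Assumption: case-insensitive keyword match on the requested URL.
        if any(k.lower() in url.lower() for k in self.keywords):
            return "block-keyword"
        return "allow"


# Policy #1 as configured on the page; the keyword is a constructed placeholder.
POLICY = AccessPolicy("Block Pornography", 100, 199, keywords=("examplekeyword",))

if __name__ == "__main__":
    now = datetime(2006, 11, 3, 17, 25)
    for ip in ("192.168.1.120", "192.168.1.50"):
        print(ip, POLICY.decide(ip, "http://example.test/examplekeyword/", now))
```

An address outside 100-199, such as a manually assigned 192.168.1.50, returns not-covered, so the range entered in IP Range 01 should match every address the router's DHCP server can hand out.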