Way OT : Hardware Router vs. Software Router/Proxy

Discussion in 'Abit' started by D Larsen, Jan 22, 2005.

  1. D Larsen

    D Larsen Guest

    Okay, okay....since y'all beat my last post to death, and since this
    group hasn't been very "active" lately, I offer another question,
    although way off topic ! I learn a LOT from you more experinced folks
    here <g> :

    I have a hard wired network of my home computers...the main machine (a
    Soyo Dragon) is a dual-boot system, with W98 Gold and XP Pro. The wife
    has the ABIT KT7-RAID machine running XP Pro...(does that make this
    on-topic ?) The basement has a W98 Gold machine running a K6-2 550 chip
    on an FIC MB....Have a cable modem connected to the main machine....2
    NICs....1 goes directly to the cable modem (to the on-board NIC), and a
    second NIC to the home network (a cheapie PCI NIC). Now, I'm so behind
    the curve that the home network is 10 Base 2, with BNC connectors !! I
    had to search far and wide for a PCI NIC that had a BNC connector <g> !
    My logic is, however, that even at a 1 mbps speed, the net access
    through the cable modem wouldn't be much faster if I installed all this
    high-faluting hubs and wiring, let alone any of this wireless stuff <g>
    !

    I use the free proxy program from AnalogX (www.analogx.com) on the main
    machine to provide Internet access to the other network machines through
    the cable modem...works great for the basic things we use the computers
    for (email, surfing, etc) !

    Here's my question : Am I vulnerable to all those "nasties" on the
    Internet by setting things up this way ? I use the Sygate PFW (in W98)
    and Zone Alarm (in XP), with Norton AV on the main machine in either
    boot config...but the network machines have free access to things....I
    DID notice that when my wife sends or receives an email, the Norton AV
    on the main machine scans it.... Should I ditch the proxy server and go
    with a hardware router ?

    Dean...

    (waiting here in Maryland for the "White Death" snowstorm predicted for
    tomorrow and Sunday; I have plenty of milk and toilet paper on-hand <g>
    !) (Ya gotta live here to understand the mentality <g> Geez, I had to
    make a special beer run, just to be sure I didn't run out !)
     
    D Larsen, Jan 22, 2005
    #1
    1. Advertisements

  2. D Larsen

    Jim Guest

    D,
    Yes.

    Ever hear the saying...."the more you over-think the plumbing, the
    easier it is to plug up the drain"....? That's pretty much what you're
    doing right now.

    Get yourself a Linksys WRT64G or WRT54GS Router. They have (4)Cat5
    ports as well as WiFi capabilities, along with a great hardware
    firewall built right in.

    Connect your router to your cable modem, and nobody on the net will
    ever even know your PC's are online directly. Only thing seen is the
    router's IP. Keep the firewall's on each PC, mainly for outbound
    (phone-home) awareness/protection.

    Cable-modem
    |
    |
    Router(IP-68.33.179.215)
    | | | | |
    | | | | |
    PC1 PC2 PC3 PC4 WiFi(future use)
    IP's from 192.168.1.100-and up(private)

    Setup PC's to get their IP's from the router's DHCP server, or assign
    them (your choice).
     
    Jim, Jan 22, 2005
    #2
    1. Advertisements

  3. D Larsen

    Apollo Guest

    It depends really, your current configuration is definitely less
    secure than a hardware router with NAT capability, but only
    because of the software you have running.

    The other option would be to install something like Shorewall, and
    have better configuration and security than almost all consumer
    level routers. You should read the docs before you start if you
    go for this option, the configuration is quite friendly though.
    http://www.shorewall.net/

    Or get a dedicated hardware router, which IMHO is the easiest
    solution, but also the most boring ;-)
     
    Apollo, Jan 22, 2005
    #3
  4. D Larsen

    Apollo Guest

    Further to my answer; there is a how-to for a system like yours
    here;
    http://www.shorewall.net/two-interface.htm
     
    Apollo, Jan 22, 2005
    #4
  5. D Larsen

    JefN Guest

    | Okay, okay....since y'all beat my last post to death, and since this
    | group hasn't been very "active" lately, I offer another question,
    | although way off topic ! I learn a LOT from you more experinced folks
    | here <g> :
    |
    | I have a hard wired network of my home computers...the main machine (a
    | Soyo Dragon) is a dual-boot system, with W98 Gold and XP Pro. The wife
    | has the ABIT KT7-RAID machine running XP Pro...(does that make this
    | on-topic ?) The basement has a W98 Gold machine running a K6-2 550 chip
    | on an FIC MB....Have a cable modem connected to the main machine....2
    | NICs....1 goes directly to the cable modem (to the on-board NIC), and a
    | second NIC to the home network (a cheapie PCI NIC). Now, I'm so behind
    | the curve that the home network is 10 Base 2, with BNC connectors !! I
    | had to search far and wide for a PCI NIC that had a BNC connector <g> !
    | My logic is, however, that even at a 1 mbps speed, the net access
    | through the cable modem wouldn't be much faster if I installed all this
    | high-faluting hubs and wiring, let alone any of this wireless stuff <g>
    | !
    |
    | I use the free proxy program from AnalogX (www.analogx.com) on the main
    | machine to provide Internet access to the other network machines through
    | the cable modem...works great for the basic things we use the computers
    | for (email, surfing, etc) !
    |
    | Here's my question : Am I vulnerable to all those "nasties" on the
    | Internet by setting things up this way ? I use the Sygate PFW (in W98)
    | and Zone Alarm (in XP), with Norton AV on the main machine in either
    | boot config...but the network machines have free access to things....I
    | DID notice that when my wife sends or receives an email, the Norton AV
    | on the main machine scans it.... Should I ditch the proxy server and go
    | with a hardware router ?
    |
    | Dean...
    |
    | (waiting here in Maryland for the "White Death" snowstorm predicted for
    | tomorrow and Sunday; I have plenty of milk and toilet paper on-hand <g>
    | !) (Ya gotta live here to understand the mentality <g> Geez, I had to
    | make a special beer run, just to be sure I didn't run out !)


    Hi Dean -

    I gotta agree with the others here... you'd be far better off with a Router.
    I haven't gotten a single "hit" through my firewall software (Zone Alarm) on
    any of my machines since installing the router. I've got DSL service and
    have a network linked through a Netgear DG834G DSL Modem/Router (not the
    solution for you, but it's one more box off my desk... actually two, since
    the Netgear box mounts nicely on the wall).

    One benefit is that I don't have to have "The Mothership" running all the
    time to have web access. Saves on the electric bill and the roar of white
    noise from the fans.

    I can have guests with their notebooks and they're on the web through
    in-built wi-fi, a PCCard or an extra wired port on the router. My parents
    spend time here each year and bring their notebook. It's easy to set them
    up with my network name and security key.

    Another "bennie" is I can take my notebook anywhere in the house or yard
    wirelessly and have up to 54Mbps access to the network (though, certainly
    much slower for access to the web with my 1536kbps DSL service). Decadence
    is spelled out posting OT to this group by the pool...

    As to your other special concerns: don't forget to lay in an extra supply of
    alcohol. Milk and toilet paper are just sundries when it comes to being
    snowed in. You want so pleasure to enjoy with all that snow and, sometimes,
    beer just isn't enough.

    From an old Colorado hound in snow-free (but still wet from our recent
    drenching rains) Burbank, California -
    Jef
     
    JefN, Jan 22, 2005
    #5
  6. D Larsen

    D Larsen Guest

    Thanks, Jim, for your response !

    That's an expression I've never heard before <g>, but it makes
    sense....the other one I'd throw out is "If it ain't broke, don't fix it
    !". I understand what you're saying, but to go with the scheme you've
    proposed would require a purchase of a router, and re-wiring my home net
    to use Cat 5 cable rather than the coax I'm using...To go to wireless
    would also involve more $$$ for wireless NICs for the workstations (the
    NICs I have fitted are combo cards that can use coax or Cat 5 cable, so
    I wouldn't have to get all new NICs to go to UTP) ! I wonder if there
    is any real, noticible speed advantage with UTP over the coax I already
    have in place.

    I haven't seen any responses to explain how much better/secure this
    would be vs. the cost of implementing over what I'm already running ! I
    guess I'm just a cheap bastard <g> !

    Thanks again for your input...

    Dean...
     
    D Larsen, Jan 23, 2005
    #6
  7. D Larsen

    D Larsen Guest

    Thanks, Apollo !

    I'll check out Shorewall...

    Dean...
     
    D Larsen, Jan 23, 2005
    #7
  8. D Larsen

    D Larsen Guest

    Jef, See below !

    Why ? I get very few hits on W98 running Sygate PFW, or XP running Zone
    Alarm...
    I hear ya, but the way we use our 'puters doesn't require the mothership
    to run constantly...when the wife wants to check her email or surf, she
    You're right ! We got ~7 inches here, but I ran outta beer
    quickly.....I didn't factor in the fact that the wife would be snarfing
    it down, too <g> ! She uses a LOT of toilet paper, but I didn't expect
    Sounds like SoCal is taking a beating....years ago, I was stationed at
    Edwards AFB in the high desert...at the time, all the discussions were
    about the dry season and the low level of the water supply....hope this
    latest round of shitty weather at least gives you guys some drinking
    water <g> !

    Dean...
     
    D Larsen, Jan 23, 2005
    #8
  9. D Larsen

    JefN Guest

    D Larsen wrote:
    |
    | Why ? I get very few hits on W98 running Sygate PFW, or XP running
    | Zone Alarm...
    |

    You probably won't get *any* hits on a router with NAT translation ... the
    hardware firewall would keep you totally invisible to the net. Ping the IP
    Address assigned to the router and you'll get.... ummm..... nothing. It's
    too dumb to answer (unless you defeat the default settings and allow it to
    become pingable).


    | I hear ya, but the way we use our 'puters doesn't require the mothership
    | to run constantly...when the wife wants to check her email or surf, she
    | boots the mothership OR waits 'till I'm on-line <g> !
    |

    Does that not mean that *you're* the mothership? ;-)

    I used to keep my desktop computer running 24/7... and now I don't... the
    much more economical router sits there, providing access to the web from my
    notebook (or any other computer I allow, for that matter) and I don't have
    to worry about the big machine sucking in as much feathers and cat hair with
    it not running all the time.

    |
    | You're right ! We got ~7 inches here, but I ran outta beer
    | quickly.....I didn't factor in the fact that the wife would be snarfing
    | it down, too <g> ! She uses a LOT of toilet paper, but I didn't expect
    | her to go through the beer, too <g> !
    |

    I hope you're close to a convenience store... or the roads get plowed soon!

    | Sounds like SoCal is taking a beating....years ago, I was stationed at
    | Edwards AFB in the high desert...at the time, all the discussions were
    | about the dry season and the low level of the water supply....hope this
    | latest round of shitty weather at least gives you guys some drinking
    | water <g> !
    |
    | Dean...

    Yeah... we took a beating. The Verdugo Hills (between Burbank and Pasadena)
    received more than 30 inches of rain over a period of less than three weeks.
    Since I live in a canyon, with no underground storm drains, the road became
    a river. Built into the hillside, my garage was the headwaters of a small
    tributary. My house, also built into the hillside, fared much better (only
    minor "sweating" from the brick chimney through to the plaster above the
    fireplace, resulting in some staining and some blistered paint -- a little
    primer and slap up a little touch-up and the wall will be gold... this
    summer: resealing the flashing).

    I was actually glad to be prepared for The Big One (earthquake) and had
    ample quantities of food in the house. Can't say the same for other
    necessities of life ("Falling Down Water" especially).

    The unfortunate: Southern California, being very arid most years, doesn't
    have lots of water storage. Most of what falls from the sky runs free to
    the ocean. Most of our water comes from Northern California and the
    Colorado River drainage. With the drought of the last five years, water
    storage in much of the Colorado River basin is at 40-year lows and will take
    many years of above-average precipitation to refill. Fortunately Northern
    California is more forgiving.

    Though I can't complain about water availability where I live. Water here
    in the canyon is from a number of water wells drilled further up the canyon.
    Our far above average precipitation (we only get about 15 inches, on
    average, for an entire year) will do nicely to replenish the underground
    aquifer.

    Jef
     
    JefN, Jan 24, 2005
    #9
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.