James Knott <james.knott-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org> writes:
Tim Writer wrote:
James Knott <james.knott-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org> writes:
Terry Tanski wrote:
Hi all, Anyone have any comments on the SMC Cable/DSL 4port router (SMC7004VBR)? How does it compare to the DLINK (604) or the LinkSys (SR41)? Does it have
half-decent firewall capabilities?
Terry
I have the wireless version of that. It seems to be OK. What capabilities were you looking for? Well, I worked on the wireless version for a while and was not at all
impressed. The firewalling capabilities are only applicable to the Internet connection, i.e. you cannot firewall your wireless LAN from your traditional LAN. You can use MAC based ACLs to prevent wireless users from going out to the Internet but you can't stop them from accessing your wired LAN. You can also restrict wireless traffic but you can't implement a deny by default policy, i.e. you cannot deny everything except the few services you want to allow, you can only deny specific services. The bottom line: as long as you're not using wireless and you're using NAT,
it will give you a basic level of protection simply due to the use of private IPs with NAT. IOW, it's okay for a simple home setting but I wouldn't use it in a business setting.
I've got mine between my Linux firewall and cable modem. This way, the only way into my home network, is via CIPE VPN or SSH.
Yes, that's how I've configured it too. It just bothers me that a product labeled "firewall" has such limited firewalling capabilities. And if you've got a Linux firewall, it's not too hard to throw in a wireless card and do it "properly". -- tim writer <tim-s/rLXaiAEBtBDgjK7y7TUQ at public.gmane.org> starnix inc. 905.771.0017 ext. 225 thornhill, ontario, canada http://www.starnix.com professional linux services & products -- The Toronto Linux Users Group. Meetings: http://tlug.ss.org TLUG requests: Linux topics, No HTML, wrap text below 80 columns How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml