Help. Firewall and Wireless.

Hello,
I have a wireless Linksys Network and have had one security breach even
though I am behind a LinkSys Router. I have heard that ZoneAlarm causes
conflicts. I understand that the LinkSys router had a Nat firewall from
discussions here. Do all LinkSys have a Nat firewall (I have a 4 port one)?
How can I enhance security without causing wireless network problems?

Thanks for your help in advance.

Mike

On Thu, 30 Oct 2003 00:31:35 GMT, Michael V. spoketh

>Hello,
>I have a wireless Linksys Network and have had one security breach even
>though I am behind a LinkSys Router. I have heard that ZoneAlarm causes
>conflicts. I understand that the LinkSys router had a Nat firewall from
>discussions here. Do all LinkSys have a Nat firewall (I have a 4 port one)?
>How can I enhance security without causing wireless network problems?
>
>Thanks for your help in advance.
>
>Mike
>

First, NAT is not the same as a firewall.

All the Linksys router have at least NAT, some more expensive models
have more features which makes them more of a firewall than the cheaper
models.

AFAIK, there are no conflicts with ZoneAlarm and Linksys routers.

If your network was compromised, it's probably more due to an unsecured
wireless configuration rather than someone getting through your NAT
router.


Lars M. Hansen
http://www.hansenonline.net
(replace 'badnews' with 'news' in e-mail address)

If you want an EXCELLENT discussion of the known limitations of 802.11
wireless security, then the O'Reilly published book, titled 'Wireless Hacks'
is a MUST read!

There is one whole chapter on the subject of security, and
many of the other 'hacks' throughout the book show that by using readily
available (free) tools, that most of the security features (such as
WEP...even
128-bit WEP) and 'MAC-address filtering', etc, etc, will NOT prevent
most attacks.

So, go beg or borrow a copy. (In fact, if you are so inclined, just visit
your
neighborhood Barnes & Noble or whatever, and read the security chapter
during your lunch hour.) It will really open your eyes!

[Hmmm...I haven't checked...I wonder whether 'Safari' lets you look at that
chapter.]

Cheers...

Dave

P.S. As you might guess, I do not own any stock in Barnes & Noble or
O'Reilly. :^)



"Lars M. Hansen" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> On Thu, 30 Oct 2003 00:31:35 GMT, Michael V. spoketh
>
> >Hello,
> >I have a wireless Linksys Network and have had one security breach even
> >though I am behind a LinkSys Router. I have heard that ZoneAlarm causes
> >conflicts. I understand that the LinkSys router had a Nat firewall from
> >discussions here. Do all LinkSys have a Nat firewall (I have a 4 port
one)?
> >How can I enhance security without causing wireless network problems?
> >
> >Thanks for your help in advance.
> >
> >Mike
> >
>
> First, NAT is not the same as a firewall.
>
> All the Linksys router have at least NAT, some more expensive models
> have more features which makes them more of a firewall than the cheaper
> models.
>
> AFAIK, there are no conflicts with ZoneAlarm and Linksys routers.
>
> If your network was compromised, it's probably more due to an unsecured
> wireless configuration rather than someone getting through your NAT
> router.
>
>
> Lars M. Hansen
> http://www.hansenonline.net
> (replace 'badnews' with 'news' in e-mail address)

Thanks for the info.

I live in a residential area and no one has a wireless network close to me
(cul de sac.. and help other neighbors w/ PC issues as a friend). ZoneAlarm
appeared to bring the capability of each PC in the network- unusable. ZoneA.
bought up "Wizards" from time to time and I noticed peer to peer was gone
after that. I can't ping each PC. Each PC (4) still had access to the cable
modem via wirless connection to WAP which is of course is connected to
router then to cable modem. I have tried everything I know (did not know
many steps to take on this one.)

Thanks

Mike


"Lars M. Hansen" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> On Thu, 30 Oct 2003 00:31:35 GMT, Michael V. spoketh
>
> >Hello,
> >I have a wireless Linksys Network and have had one security breach even
> >though I am behind a LinkSys Router. I have heard that ZoneAlarm causes
> >conflicts. I understand that the LinkSys router had a Nat firewall from
> >discussions here. Do all LinkSys have a Nat firewall (I have a 4 port
one)?
> >How can I enhance security without causing wireless network problems?
> >
> >Thanks for your help in advance.
> >
> >Mike
> >
>
> First, NAT is not the same as a firewall.
>
> All the Linksys router have at least NAT, some more expensive models
> have more features which makes them more of a firewall than the cheaper
> models.
>
> AFAIK, there are no conflicts with ZoneAlarm and Linksys routers.
>
> If your network was compromised, it's probably more due to an unsecured
> wireless configuration rather than someone getting through your NAT
> router.
>
>
> Lars M. Hansen
> http://www.hansenonline.net
> (replace 'badnews' with 'news' in e-mail address)

Lars M. Hansen <(E-Mail Removed)> wrote:
> First, NAT is not the same as a firewall.

No, but on a wired router, it protects fairly well.

> AFAIK, there are no conflicts with ZoneAlarm and Linksys routers.

I have ZoneLabs Pro on a laptop that runs behind a Linksys (NAT, no
firewall), and an SMC that has NAT and an SPI firewall. There are no
conflicts that I'm aware of. They do make it seem like your other PCs are
foreigners, but that's okay. You can add the IP addresses that you want to
the list of trusted hosts. I run file sharing between computers.

> If your network was compromised, it's probably more due to an unsecured
> wireless configuration rather than someone getting through your NAT
> router.

Aye. If they are on the wireless, they are on your side of the firewall.
That's why you need another layer, like ZoneAlarm, on every PC, wired and
wireless, that is on your side of the firewall.

--
---
Clarence A Dold - Hidden Valley (Lake County) CA USA 38.8-122.5

"Michael V." <(E-Mail Removed)> wrote in message
news:VG%nb.179994$(E-Mail Removed). ..
> Thanks for the info.
>
> I live in a residential area and no one has a wireless network close to me
> (cul de sac.. and help other neighbors w/ PC issues as a friend).
ZoneAlarm
> appeared to bring the capability of each PC in the network- unusable.
ZoneA.
> bought up "Wizards" from time to time and I noticed peer to peer was gone
> after that. I can't ping each PC. Each PC (4) still had access to the
cable
> modem via wirless connection to WAP which is of course is connected to
> router then to cable modem. I have tried everything I know (did not know
> many steps to take on this one.)
>
> Thanks
>
> Mike
>

You have to configure ZoneAlarm. If you want internal file and print
sharing, you need to configure a safe zone in ZoneAlarm. Say, tell the
system that IPs 192.168.0.1 to 192.168.0.10 are an internal network, then
all should work fine.

> "Michael V." <(E-Mail Removed)> wrote in message
>> I live in a residential area and no one has a wireless network close to me
>> (cul de sac.. and help other neighbors w/ PC issues as a friend).

We aren't worried about someone else in your neighborhood having a wireless
network in their house, we are worried about someone visiting the
neighborhood and connecting to your wireless network.

Phillip T. Murphy <(E-Mail Removed)> wrote:
> You have to configure ZoneAlarm. If you want internal file and print
> sharing, you need to configure a safe zone in ZoneAlarm. Say, tell the
> system that IPs 192.168.0.1 to 192.168.0.10 are an internal network, then
> all should work fine.

You don't want to put a range into ZoneAlarm.
That's the same as having no ZoneAlarm at all inside of your
hardware firewall, which is a bad idea on a wireless network.
Put the few addresses that you need in as trusted hosts, and fix those
addresses to the proper PCs.

--
---
Clarence A Dold - Hidden Valley (Lake County) CA USA 38.8-122.5

> You don't want to put a range into ZoneAlarm.
> That's the same as having no ZoneAlarm at all inside of your
> hardware firewall, which is a bad idea on a wireless network.
> Put the few addresses that you need in as trusted hosts, and fix those
> addresses to the proper PCs.
>
> --
> ---
> Clarence A Dold - Hidden Valley (Lake County) CA USA 38.8-122.5

That's a good point I should have clarified. I usually setup my wired
network with fixed IPs in one range (say .1 to .10) and then set the
Wireless up to use DHCP in a range starting above that. He is correct that
if you use a range, it should be limited to the IPs you are using, or just
put in individual IPs for each PC.