COMODO, Routers, IDS etc.

Comodo and most other software firewalls inspect the packets properly, hardware firewalls on the other hand can be an issue.

Router manufacturers like to say that their routers are firewalls. When buying a router, many manufacturers use SPI as a term. Now they never say how it is implemented so it is hard to compare the technologies (If someone knows, please tell us).

Basically the following is to what to look for when buying a router to support COMODO firewall (-: :

NAT: Network Address Translation, basically hides your IP from the internet and redirects packets. It is not reliable on its own because it does not check that the IP is the real originating IP.

SPI: This is critical to the proper functioning in my opinion, SPI means that your router can tell if a packet is spoofed, this is important to deter attacks that spoof the IP to pretend to come from within your network. Spoofing with SNMP can allow access to your routers settings and to allow people then to rewrite the settings on your router (This is still a problem with some because an updated firmware has not been released). It stops generic IP spoofing attacks.

IDS: This is a technology you will pay for in the price, basically it consists of signatures of known network worms and Trojans and scans traffic for them, this is most useful when it tells you of known worm traffic within your local network. (Is a nice feature to have, not really necessary for home computers. Its still cool though (:TNG))

Antivirus scanning: I think this technology is ineffective (Industrial/business implementations would most likely be stronger), but besides my bias, you will in most cases need to pay for yearly subscription updates to this service i reckon it is not worth it but who knows.

WPA(2) : this is what to look for in wireless connections, either WPA or WPA2 or anything with WPA in the name is good. Avoid WEP unless it is all your hardware supports. No matter what encryption look up compatibility problems with the proposed hardware to be added .

What ports, so if you need RJ45 ports then make sure that is the connection type. You may want a dial up port so make sure it has one for connection backup.

IE: I have a wireless modem and want to buy another wireless card, the wireless cards i have in the other computers are not available any more, so i have a wireless card that looks good. Make sure that wireless card supports the same encryption standards and that their are no known problems on the internet between your two pieces of hardware. (Buying from the same brand on wireless hardware is the safest assuming both support the encryption in use).

Check for known problems with the router and your ISP, call/email your ISP and ask what to look for when selecting a router to make sure it is compatible with your internet connection.

Make sure your Firmware in the router is up-to-date. IF you need to update it then make sure it is the firmware for your region/country.

When you have upgraded firmware, go through the steps that are in the installation guide. Some routers have quirks that need to be worked around.

DLINk are just wonderful (:TNG) with a bit of further research i found some hints with firmware upgrades in general (This is my first router):

  • Some brands don’t like you using the settings backup feature to backup setting on the original firmware and applying them to the new firmware after an upgrade (It makes sense, but in my case their were no significant changes between firmware versions that would require that…) This was something not pointed out in the documentation or the online page for this specific router…

  • Turn off your AV, Firewall, real time file scanners.

  • Return router to factory settings before and after upgrading the firmware (Just to make sure), keeping in mind that you can’t use the backed up settings after this!!!).

So the above rules applied to my router, and are a good idea for most routers i would imagine (Look up the manufacturer site for details).

Look DEEP in the manufacturers site…

Following the install instructions to the letter once you have upgraded your firmware!!

DO NOT conduct firmware upgrades over a wireless connection, this is a general rule that always will hold.

Remote Administration (Goes by other names too) - Basically allows other people on the internet with the admin account password for your router to logon and change settings. Having this disabled is desired as someone could brute force the password. If you have not passworded the user account then someone could logon and view your settings looking for misconfigurations.

EDIT: Remote Administration bit

Rotty.

Nice post Rotty! :slight_smile:

No problem!!

Updated: Added thing about the DLINK router, they are ■■■■ finicky!!

I tried installing some D-Link firmware for my Dad’s computer and it messed up his internet connection. He ended up paying someone to install a Linksys router instead.

I updated the firmware on my D-Link 4300, and there was no problem.
I didn’t try to put a backup of the settings back though… why? I had forgot to do a backup of my settings… ;D

Yeh, i found the router to be very sensitive when upgrading firmware and then reconnecting everything.

What really annoyed me was the lack of a couple of points that i found on third-party sites that did not exist in an obvious place on the D-LINK site.

Watch out re: Linksys. I bought a WAG354G wireless gateway late last year. It doesn’t support WPA2! Firmware updates yet still no WPA2. It supports it in Version 2 of the firmware but there is no way to upgrade from version1 to version 2! Any suggestions for which is the best security wise? Just so I have it in my head if this one stops working.

Eric

WPA is not insecure, if that is what you are concerned about. WEP is a BIG problem, but that is not of concern in your situation.

This link provides a good comparison in terms of encryption and what actually is different in terms of security in both standards:

WPA is secure enough for most home situations.

If you want a REALLY secure network and avoid upgrading to a new router/access point then:

Increase the size of your passphrase

Look up the security features of your access point

If the router support MAC filtering, IP filtering etc, then turn them on and make sure all computers have static IP addresses.

Tighten the type of traffic that can enter each computer and the router itself (By using rules in the software firewall(s) and router you have)

Oh yes, and WPA uses TKIP standard while WPA2 uses the AES standard.