Networking → Re: [XP] security implications of turning off a router's firewal

Hi Chuck,

Thanks for your reply. I need some clarifications as I am not very knowledgeable:
+ I just know I disabled the firewall by clicking appropriate setting on the Belkin Pre N router menu as mentioned in the thread to which I previously referred. Nowhere did I encounter the term SPI when I was disabling the firewall fyi. Have I disabled the SPI firewall as you claim?
+ Is it possible for you to explain what SPI is?
+ Would I be better off getting a wired modem in terms of security? If so why?
+ What steps can I take to guard myself against wifi attacks? I have heard of something like WEP - does that help in securing my wireless network? If so how can I set it?
+ When I tried to do testyourvoip the test failed if my computer was wirelessly connected vs. test passed when computer was wired to router. Why should this be so?

thanks,

I told you yesterday what SPI is. Why didn't you read the articles?

Did the post above confuse you?

Good.

That was a non-stateful reply. I didn't cite any articles, yesterday. You can read about NAT, today.
»nitecruzr.blogspot.com/2 ··· ter.html

The bad guys use non-stateful attacks to get your servers or firewalls to drop communications, or maybe to drop a protection, in an effort to keep up with incoming traffic.

Their traffic towards an unprotected server may make as much sense to the server as my reply above must have meant to you.

Apologies if the above post confused you, unacceptably. I've been waiting to try this approach to explaining SPI, for a while.

The term "firewall" is pretty vague, there are many firewalls because there are many ways the bad guys have to attack you.

The simplest and earliest firewall would be a filter, that says "Don't accept traffic from IP address nnn.nnn.nnn.nnn". With a NAT router, only solicited traffic is accepted, so filtering isn't necessary.

NAT provides a filter against malicious incoming traffic, by only passing solicited traffic. Your computer asks for communications with a server, and the NAT function gets that communication. Any other communication is ignored. Your individual computers only get solicited incoming traffic, based upon what they asked for. Your computers have to trust the servers that they ask for contact.

So the only way that a bad guy can attack a NAT router is by non-stateful traffic against the router itself. A Stateful Packet Inspection (SPI) firewall examines the content of the incoming traffic, and looks for non-stateful attacks, like what I used on you above. Traffic that just confuses you (or your router).

An SPI firewall is what's commonly added to most domestic (NAT) routers, like the Belkin.

We'll get through the SPI explanation, then we'll move to other security issues, like WiFi. Are you OK so far?