Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[BassMan]

I've been running my DIR-825 HW:B 2.02NA issue-free for some time (so I'm a little scared to touch it...).

Anyway, any advice here re: enabling any sort of firewall support in the router?  I'd assumed that the NAT was sufficient, but I was reading on another forum (not D-Link specific) that enabling router firewall protection is a "good thing".

For those running the firewall feature(s), any hints re: "DOs" and "DON'Ts"?  I've got the manual, and am willing to learn, but I'm starting from "square one".

[waffull]

If your DIR-825 is facing the world (ie: gets a public IP from your service provider,) having the firewall turned on is not only good practice, but an absolute necessity.  NAT does not protect you from would-be hackers.  The purpose of NAT is to allow more than one device access through a router (in this case to the internet cloud) without having to assign each device a public ip address (there just aren't enough in IPv4 to do that.)

NAT does offer limited security in that the router will not accept incoming data connection requests if an outgoing session hasn't already been opened.  But that's it.

There are two types of firewalls (the 825 has both..)
1) Port forwarding/blocking (depending on the vendors choice of words)
-- Allows you to prevent all incoming traffic that hasn't specifically been approved, from entering your internal network.
-- Does NOT necessarily hide your network from the world though.
2) SPI (Stateful Packet Inspection)
-- Firewall looks inside each incoming packet and using a set of rules and algorithms (way to complicated for my brain to understand) will drop packets it determines to be harmful.
-- SPI, I believe, should be turned on by default on the 825 b.  If not, TURN IT ON!

If anyone is interested, I can put together a quick guide on hardening your network with the DIR-825 b.  If interested, please fill out this short poll at http://links.waffull.com/dlink

[Lycan]

I'm curious to know what methods you use to "harden" the security of your router. Please be as detailed as possible.

[BassMan]

Awesome!

If your DIR-825 is facing the world (ie: gets a public IP from your service provider,) having the firewall turned on is not only good practice, but an absolute necessity.  NAT does not protect you from would-be hackers.  The purpose of NAT is to allow more than one device access through a router (in this case to the internet cloud) without having to assign each device a public ip address (there just aren't enough in IPv4 to do that.)

NAT does offer limited security in that the router will not accept incoming data connection requests if an outgoing session hasn't already been opened.  But that's it.

There are two types of firewalls (the 825 has both..)
1) Port forwarding/blocking (depending on the vendors choice of words)
-- Allows you to prevent all incoming traffic that hasn't specifically been approved, from entering your internal network.
-- Does NOT necessarily hide your network from the world though.
2) SPI (Stateful Packet Inspection)
-- Firewall looks inside each incoming packet and using a set of rules and algorithms (way to complicated for my brain to understand) will drop packets it determines to be harmful.
-- SPI, I believe, should be turned on by default on the 825 b.  If not, TURN IT ON!

If anyone is interested, I can put together a quick guide on hardening your network with the DIR-825 b.  If interested, please fill out this short poll at http://links.waffull.com/dlink