Hardware firewall while on the road

derekjohnston

Registered
I travel with a MacBookPro and have taken all the obvious steps to secure my box. I have an unused wireless router (WRT54GL v1.1) that I would love to take with me and add another layer to my armor.

I've reflashed it to WW-DRT and understand that I can run the router as a client. Rabbit ears would capture the signal from WiFi hotspot (motel) and the laptop would be connected to the router via CAT5. In other words, the router is running in the opposite direction.

How much security am I really gaining with this setup? As secure as OSX has been, a hardware NAT firewall is always superior to a software solution.

Derek
 

Satcomer

In Geostationary Orbit
Don't fret because since OS X has BSD Unix underneath it it has the best firewall called IPFW that one has to be an expert to get into it. However a great set of two free/donationware applications the give a graphical interface to IPFW are NoobProof and/or WaterRoof. No other firewall can be beat IPFW.
 
Last edited:

derekjohnston

Registered
But these are all software solutions.

I believe you that these are as good as it gets and that I am very safe but any security blog will tell you that once your system is compromised, software protection is useless (http://www.grc.com/sn/SN-004.pdf). I feel comfortable with a hardware (NAT) router and I suppose it could be overkill.

I'm ignorant of how this could be implemented. What is involved in setting this up?
 

Satcomer

In Geostationary Orbit
Yes a hardware firewall is better. But the nature of being on the road is to be as light as possible. That is why I suggested of using the Unix firewall (with the free graphic tools to configure) because it has over 30 years of firewall refinements and is constantly upgraded (OS X security upgrades). Plus take it from me, someone who works in securing my country) that my work LOVES IPFW! If it is good enough for big brother, it should be secure enough for you.

Now if you want nat and has the fastest, safest wireless security then consider getting a Airport Express. You can take this little beast into a hotel room (with a small Cat 5E cable) and have a NAT wireless router that use wireless N and WPA, WP2 enterprise and WP2 Personal (as well as all the older wireless technologies) and run IPFW using the tools I posted earlier and be totally secure.

Plus remember the best security rest between the keyboard and the chair! Plus remember being on the road it always best to travel light.
 

derekjohnston

Registered
Hey, I was looking at IPFW and that does look awesome. I'll be reading up on it. And you're right. At some point the trade-off of convenience and security make the issue moot.

Thanks for help.
 
Top