|
Every router I've known has a hardware firewall built-in, and they're way better than any software firewall I've ever used.
|
That's nonsense. There is no such thing as a "hardware" firewall.
The router also has a processing unit and there is a firewall component stored inside the BIOS or other non-volatile storage memory, which is then run on the PU.
Needless to say this sort of firewall isn't as mighty as a software firewall like iptables would be (e.g. you can't update the firewall component without replacing the rest of the firmware). What you really want is a dedicated machine with a stable iptables running and someone with the experience to configure iptables.
If you want a secure network then create an OpenVPN tunnel, or use SSH/SCP for file transfers. Windows is insecure by design because it confuses the average user who just wants to "use" his system. If you really want to have a (rather) secure system you need to pay a price. There is no software that once installed miraculously gives you an un-crackable system.
You need to check for known security bugs, regularly update your system - especially internet services which communicate with the net. Check your logs for suspicious entries. Encrypt your files, analyse email attachments prior to opening them, manually update applications that are not handled by the Windows installer (because even they can pose a security threat to the system) and don't use insecure communication when talking to other people on the net. That involves using unencrypted IRC, ICQ, email when chatting about passwords, etc. - anything that could be used to break into your system.
Jam it back in, in the dark.