Best way to filter out IP addresses with hardware..?

[KingNeil]

I am looking to filter out IP addresses using hardware external to the computer itself.

I have decided that using Windows' system for filtering IPs/hosts is no good, because if someone hacked the computer itself, then they could just alter all of that anyway.

So it needs to be some external device, that can't be hacked.

The thing is, I am in a place where other people use the same router as me. So, using any built-in IP address filtering on the router is no good.

It needs to be some kind of hardware device that is placed between my computer, and the router.

It would have the ability to

1. Filter out all IP addresses except certain ones
2. Or, just filter out certain IP addresses

What is your recommendation for this...?

 

[Joe C]

I think some routers might be able to do that

 

[carnageX]

The thing is, I am in a place where other people use the same router as me. So, using any built-in IP address filtering on the router is no good.

Like Joe said, routers can do this. If you have a cheap/lower end router than you won't be able to set up advanced filtering like you want. You'll either have to see if you can put custom firmware (such as DD-WRT or Tomato) on it, or buy a better router with more advanced capabilities.

 

[Joe C]

The thing is, I am in a place where other people use the same router as me. So, using any built-in IP address filtering on the router is no good.

Do you own this router?

 

[C0RR0SIVE]

Put another router between you and that router?

 

[KingNeil]

Like Joe said, routers can do this. If you have a cheap/lower end router than you won't be able to set up advanced filtering like you want. You'll either have to see if you can put custom firmware (such as DD-WRT or Tomato) on it, or buy a better router with more advanced capabilities.

Hi, it's the original poster here.

So, how would you access this router...? Would it have a touch screen or something on it, or would I have to access it through another computer..?

Because remember, the original issue is that if the Windows computer itself is hacked, then obviously that creates issues.

The goal is to have a hardware device that is totally independent from any other computer on the network, other than, of course, routing data to it.

Also, does anyone have any reports of routers themselves being hacked, or are they generally considered to be secure..?

 

[carnageX]

Hi, it's the original poster here.

So, how would you access this router...? Would it have a touch screen or something on it, or would I have to access it through another computer..?

Because remember, the original issue is that if the Windows computer itself is hacked, then obviously that creates issues.

The goal is to have a hardware device that is totally independent from any other computer on the network, other than, of course, routing data to it.

That's...exactly what a router is lol.. All routers require login credentials to get to the web interface. You just have to make sure you change it from the default username/password.

Also, does anyone have any reports of routers themselves being hacked, or are they generally considered to be secure..?

As long as you keep the firmware up to date, create a secure set of login credentials for the router's web UI, set it to use at least WPA2 wifi (if using wifi) encryption (with a strong wifi password as well), and disable WPS..you should be fine.

 

[Ornstein]

Just to throw this out there: Even if a router's fancy GUI/web interface doesn't have an explicit way of creating IP filters or whatever else you need, many routers will support some kind of telnet/SSH login where you may then be able to run commands for things like iptables. This obviously depends on what user permissions the router manufacturer will allow you to have - so don't assume it will be possible on any router you purchase.