Firewalls and proxy servers are important tools for securing mixed networks that connect to the Internet. Firewalls use packet filtering to restrict external connections to a limited set of services. Proxy servers let internal users access the Internet but prevent external Internet users from connecting to the network. You can even get a proxy firewall, a hybrid of these two tools. Although we recommend that you take advantage of the firewall technology, you need to know that firewalls and proxy firewalls aren't hackerproof. Firewall packet filtering is susceptible to router attacks. Frankly, anytime you can apply sophisticated sniffer technology to a router environment, there can be no guarantee that filters will be foolproof. To prevent these attacks, you can reconfigure your router. Although Telnet is a convenient reconfiguration tool, a more secure method is to manually reconfigure the router. (The next section contains more information about why you should not use Telnet.) The firewall's Simple Network Management Protocol (SNMP) is also susceptible to attacks. An easy-to-guess password for read/write access can leave a router and other network gear vulnerable to reconfiguration, packet filter removal, and other abuses by hackers. Using proxy services has a downside, but it isn't related to security. Proxy servers and proxy firewalls might degrade access speed to the Internet. You can avoid this performance decrease by using a proxy server or proxy firewall with a cache.