View Full Version : question about Trusted Zone


kC_
August 19th, 2007, 05:28 AM
hi, just wondering if it is safe to set the trusted zone as
192.168.0.0/255.255.255.0

this means that my router is trusted?

(my router is 192.168.0.1)

or would it be more secure to have a trusted zone as 192.168.0.2-192.168.0.15

(only IPs of my servers/PCs and devices)?

chemicalkicks
August 20th, 2007, 03:11 PM
-{ Quote: "hi, just wondering if it is safe to set the trusted zone as
192.168.0.0/255.255.255.0

this means that my router is trusted?

(my router is 192.168.0.1)

or would it be more secure to have a trusted zone as 192.168.0.2-192.168.0.15

(only IPs of my servers/PCs and devices)?" }-

Good question, can anyone help?

What are the implications of trusting your router?

ASpace
August 20th, 2007, 03:17 PM
-{ Quote: "hi, just wondering if it is safe to set the trusted zone as
192.168.0.0/255.255.255.0

" }-

In my opinion, it is as safe as unsafe. I personally use a NAT device but I never trust routers/hardware firewalls 100%. For me they are only an addition (an excellent addition, but just an addition). I think everyone should trust the software firewall more - this is my opinion. It can only be safe if your router is well configured.

-{ Quote: "this means that my router is trusted?" }-

Yes, this means your router is trusted. All IPs 192.168.0.xxx are trusted if subnet 192.168.0.0/255.255.255.0 is added as trusted.


-{ Quote: "or would it be more secure to have a trusted zone as 192.168.0.2-192.168.0.15
(only IPs of my servers/PCs and devices)?" }-

In all cases, this is much more secure ;)
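
The difference between the two trusted-zone definitions discussed above, as an added example that is not part of the original thread or of ESS: it uses Python's standard `ipaddress` module to show which hosts each definition would trust. The function names and the `unknown device` address 192.168.0.200 are constructed for illustration.

```python
import ipaddress

def parse_zone(spec):
    """Turn 'network/mask' or 'first-last' into a list of ip_network objects."""
    if "-" in spec:
        first, last = (ipaddress.ip_address(p.strip()) for p in spec.split("-"))
        # A range is rarely one CIDR block; summarize it into the exact set.
        return list(ipaddress.summarize_address_range(first, last))
    return [ipaddress.ip_network(spec, strict=True)]

def is_trusted(addr, zone):
    """True if addr falls inside any network of the zone."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in zone)

def zone_size(zone):
    """Number of addresses the zone covers."""
    return sum(net.num_addresses for net in zone)

def compare(zones, hosts):
    """Map each zone spec to the labels of the hosts it would trust."""
    return {spec: [label for label, addr in hosts.items()
                   if is_trusted(addr, parse_zone(spec))]
            for spec in zones}

SUBNET = "192.168.0.0/255.255.255.0"   # whole subnet, from the question
RANGE = "192.168.0.2-192.168.0.15"     # explicit range, from the question
HOSTS = {
    "router": "192.168.0.1",           # router address given in the thread
    "server": "192.168.0.2",
    "pc": "192.168.0.15",
    "unknown device": "192.168.0.200", # constructed: anything else on the LAN
}

if __name__ == "__main__":
    for spec, trusted in compare([SUBNET, RANGE], HOSTS).items():
        zone = parse_zone(spec)
        print(spec, "covers", zone_size(zone), "addresses:",
              ", ".join(str(n) for n in zone))
        print("  trusted hosts:", ", ".join(trusted))
```

The subnet form trusts the router and any other address in 192.168.0.x, while the range form trusts only the 14 listed addresses.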

chemicalkicks
August 20th, 2007, 03:24 PM
-{ Quote: "In all cases, this is much more secure ;)" }-

Quick response, good stuff.

Every time I install ESS beta I get the same message. Would I be wiser to select no, not a trusted Zone?

I'm being stupid I'm sure, but what difference does it make to the way ESS behaves?

ASpace
August 20th, 2007, 03:47 PM
-{ Quote: "Would I be wiser to select no, not a trusted Zone?" }-

It depends on you. If you are a home user, you are not sharing resources, then you have nobody to trust on the network, then just select NO. These settings can be changed from ESS's Advanced setup tree

http://www.wilderssecurity.com/attachment.php?attachmentid=192322&stc=1&d=1186154593

note: pictures taken from Wilders threads and WSFuser's posts


-{ Quote: "I'm being stupid I'm sure, but what difference does it make to the way ESS behaves?" }-

What do you mean?

kC_
August 20th, 2007, 05:14 PM
cheers... I do trust the router for inbound protection, but prefer to run software alongside, for fine-tuning outbound transmissions.

however ESS has hard-coded rules, which to me means I can't control it fully. I hope these rules are gone (or optionally removable) in the next version

deimos
August 20th, 2007, 06:08 PM
-{ Quote: "cheers... I do trust the router for inbound protection, but prefer to run software alongside, for fine-tuning outbound transmissions.

however ESS has hard-coded rules, which to me means I can't control it fully. I hope these rules are gone (or optionally removable) in the next version" }-

Just keep in mind that malware today injects code in other processes, most notably IE. That way it usually bypasses outgoing connection control by the firewall.

kC_
August 20th, 2007, 06:14 PM
malware?

just use common sense.. never had an infection on my home network..

guess that comes from years of cleaning up clients' computers :)

deimos
August 20th, 2007, 06:39 PM
Not in that business, though I occasionally shoot some viruses ;D. If you want to control (as you said) outgoing connections of all the software you installed, then a firewall is OK. Malware is a different thing... The problem is that the firewall in such a case also has to guard against code injection, which is not so simple. People sometimes rely too much on firewall outgoing control, that's why I mentioned it.