Cable Router - Which Firewall?


Nick Rhodes
March 26th, 2004, 10:30 AM
Hi

I have recently purchased a Linksys cable router with NAT.

I am wondering if I actually need my software firewall on my PC anymore?

If not, what functionality will I need?

Detox
March 26th, 2004, 12:39 PM
I would still use a software firewall. That's the only way to watch your outbound applications/connections.

meneer
March 26th, 2004, 03:00 PM
And a cable router is no firewall, unless you configure it that way. NAT is nice, NAT is good, but it will not stop attacks. So you'll have to add the firewall options.
And, like Detox said, use a software firewall, especially when others use your computer as well. You may be trusted, but third parties that are not security minded are a risk.

CrazyM
March 26th, 2004, 09:12 PM
Hi nickr

-{ Quote: "I have recently purchased a Linksys cable router with NAT.

I am wondering if I actually need my software firewall on my PC anymore?" }-

As Detox noted, if you want control over what applications are allowed access to the Internet, then you will want to run a software firewall with application control on your system(s) behind the router.

-{ Quote: "If not, what functionality will I need?" }-

If you are comfortable with just the router, I would suggest having some utilities handy to monitor connections/traffic on occasion and when needed (i.e. port mapper, packet capture).

Port Mappers
Port Explorer (http://www.diamondcs.com.au/portexplorer/)
Vision (http://www.foundstone.com/knowledge/proddesc/vision.html)
Active Ports (http://www.protect-me.com/freeware.html)

Packet Capture
Ethereal (http://www.ethereal.com/)

Regards,

CrazyM

CrazyM
March 26th, 2004, 09:23 PM
Hi meneer

-{ Quote: "And a cable router is no firewall, unless you configure it that way." }-

Not all SOHO routers are created equal; in addition to NAT, some will have varying degrees of firewall functionality as well.

-{ Quote: "NAT is nice, NAT is good, but it will not stop attacks. So you'll have to add the firewall options." }-

What type of attacks are you suggesting basic NAT routers will not stop?

Regards,

CrazyM

bigc73542
March 26th, 2004, 09:33 PM
In the last three months since I got my router (Linksys), which does have a firewall, I have had three different soft firewalls: Kerio 2.1.5, Sygate, and my current one, McAfee 4.0. The inbound logs on these three firewalls have remained blank with not one entry of intrusion of any kind. I would say that the firewall in the router does an excellent job of blocking and protecting my computer. It has not been configured, it is just the way it came out of the box.

Nick Rhodes
March 27th, 2004, 04:32 AM
I have been logging all traffic on my pc for a week and so far can agree with bigc73542.

So it would appear that the inbound filtering is redundant on a software firewall.

I run emule (edonkey network) a lot, and have 1 UDP and 1 TCP port open. I was thinking that maybe a software firewall would help here, but I am not sure, as I'm pretty sure the emule needs to be able to accept unsolicited connections.

So from an inbound point of view there is no use (I can see) of a software firewall.

I then thought about my outbound connections. Application filter would be a good preventive measure against unwanted programs connecting out, but is this level of security needed when I run a decent virus scanner and my email server filters 99.9% of spam and all the common viruses? Paranoia suggests that application filter is a good thing for the little cost of resources.

So, what software provides good (free?) application filtering? Am I right in thinking that there is no real need to monitor connections and ports directly, just the actual apps wanting generic internet access? And I'm just going to have to accept that filesharing apps are a security risk.

controler
March 27th, 2004, 06:11 PM
Hi

I would like to see some posts on the results of tests taken at the various port testing sites using the new SP2 RC1 release.
From what I am seeing on my system, all ports are protected by the built-in firewall now and, as old-fashioned as this may sound, I love the DOS firewall settings.

Bruce

gerardwil
March 27th, 2004, 07:44 PM
Hi,

If your router normally blocks all incoming traffic and you are 100% sure no malware is coming to your machine via http, mail or whatever protocol, you won't need a PF in my opinion.

Having said that, and when not 100% sure, I still don't know which PF is the best. I think they all have pros and cons, so it will be more or less a personal decision. I would say test some of them for a while.

Gerard

CrazyM
March 27th, 2004, 07:50 PM
-{ Quote: "I run emule (edonkey network) a lot, and have 1 UDP and 1 TCP port open. I was thinking that maybe a software firewall would help here, but I am not sure, as I'm pretty sure the emule needs to be able to accept unsolicited connections." }-

Once you start forwarding traffic through the router, the risk increases. Having a software firewall with application control would allow you to restrict that traffic to that application.

-{ Quote: "I then thought about my outbound connections. Application filter would be a good preventive measure against unwanted programs connecting out, but is this level of security needed when I run a decent virus scanner and my email server filters 99.9% of spam and all the common viruses?" }-

That assessment would be up to you with consideration to what you use your system for, who else uses it, etc.

-{ Quote: "Paranoia suggests that application filter is a good thing for the little cost of resources." }-

For most it is probably a good thing to maintain application control via a software firewall.

-{ Quote: "So, what software provides good (free?) application filtering?" }-

Some of the free ones would include ZA, Sygate, Kerio and Outpost. Just a matter of finding the one that works best for you and that you are comfortable with.

-{ Quote: "Am I right in thinking that there is no real need to monitor connections and ports directly, just the actual apps wanting generic internet access?" }-

Are you referring to the utilities I mentioned above?

-{ Quote: "And I'm just going to have to accept that filesharing apps are a security risk." }-

Yes ;)

Regards,

CrazyM
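
Added example, not part of any post in this thread: a small port-mapper style check for the situation discussed above, where ports are forwarded through the router for one application and should be owned by that application only. The `netstat -ano` sample, the PID-to-name map and the forwarded ports (eMule's default TCP 4662 and UDP 4672, with the image name `emule.exe`) are constructed assumptions.

```python
import re

# Constructed sample in the layout of Windows `netstat -ano` (not from the thread).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       880
  TCP    0.0.0.0:4662           0.0.0.0:0              LISTENING       2140
  TCP    127.0.0.1:1031         0.0.0.0:0              LISTENING       1500
  TCP    192.168.1.100:1045     203.0.113.7:80         ESTABLISHED     3012
  UDP    0.0.0.0:4672           *:*                                    3980
"""
# Constructed PID -> image name map, as `tasklist` would list it.
SAMPLE_PROCS = {880: "svchost.exe", 2140: "emule.exe", 1500: "alg.exe", 3980: "other.exe"}
# Assumed router forwards: (protocol, port) -> only program expected to own it.
FORWARDS = {("TCP", 4662): "emule.exe", ("UDP", 4672): "emule.exe"}

ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+\S+(?:\s+([A-Z_]+))?\s+(\d+)\s*$")

def parse_listeners(text):
    """Return (proto, addr, port, pid) for sockets able to accept inbound traffic."""
    found = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header or unrelated line
        proto, addr, port, state, pid = m.groups()
        if proto == "TCP" and state != "LISTENING":
            continue  # established/closing TCP connections are not listeners
        found.append((proto, addr, int(port), int(pid)))
    return found

def review(text, procs, forwards):
    """Classify each listener against the router's port-forward list.

    A forward with no listener behind it is reported as a leftover router rule.
    """
    results, seen = [], set()
    for proto, addr, port, pid in parse_listeners(text):
        if addr.startswith("127."):
            continue  # loopback-only sockets are not reachable from the network
        name = procs.get(pid, "unknown").lower()
        expected = forwards.get((proto, port))
        seen.add((proto, port))
        status = "not-forwarded" if expected is None else ("ok" if name == expected else "wrong-owner")
        results.append((status, proto, port, name))
    results += [("stale-forward", p, n, app) for (p, n), app in forwards.items()
                if (p, n) not in seen]
    return results

if __name__ == "__main__":
    for row in review(SAMPLE_NETSTAT, SAMPLE_PROCS, FORWARDS):
        print(*row)
```

A `wrong-owner` row is the case application control on a software firewall is meant to catch: the router delivers the forwarded traffic to the PC regardless of which program is listening on the port.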