do i need a router?

hi, im on a standalone computer and i have kerio 2.1.5. i always hear paople saying that a router is necessary, but do i need one on a standalone computer? thanks.

 

No, it is not necessary. Some users with standalone systems will use a router as an additional and first layer to deal with unsolicited inbound traffic. Routers also have the advantage of being independent of your system/OS. So a nice to have, but not a must.

Regards,

CrazyM

 

thank you, CrazyM . i think that's the first time i've heard someone say that it's not necessary. i've just recently started to learn about networks, and it's the subject i like best . can i go off topic for a second, and ask you one question? can you think of a good book, or site, i can get/goto which will help me learn about networks.? thanks

 

oh, there's one more thing, can i use something like snort on my computer? i'd like to use it more as a way to learning then as security. would i need a router then? thanks.

 

Hi iceni60,

TCP/IP Tutorial and Technical Overview is a popular IBM Redbook about networking.

Nick

 

thanks, NIck. i'll have alook now .

nydr, if i ever need any forensics done i'll know who to call fantastic post, mate.

 

Nick, have you ever downloaded the PDF from the first link you gave? i know you wouldnt give a bad link, i just want to make sure as you didnt mention a download. thanks.

 

thanks, Ron. i'll bookmark it, it looks like there'll be different things to read weekly/monthly there too. i havent totally ruled out a router, if i can find out more about snort, and if i end uprunning it, i might be needing one.

i just started the PDF download and it looks like it is installed with the windows installer. mine stopped working about 3 weeks ago, and i dont think it will install i did start a thread about it. i'll go back to it and see if anyone can come up with anything. thanks.

 

Should have mentioned it was a PDF download. I have the whole thing saved in HTML format somewhere. I'll see if I can find it.

Nick

 

thanks, Nick. i'll go and see if the installer can be fixed before i do anything else.

 

No one that isn't networking "needs" a router, but layering your system security is sensible. A decent router with NAT and even some with true firewalls can be had for a reasonable price. I use a D-Link DI-604 along with ZAP, NOD32, and BOClean. I keep F-Prot for Win as a backup A/V scanner, and The Cleaner as an on demand anti-trojan. I also run Spybot S&D as well as Ad-Aware. Total cost: under $100. Feeling good about my security: Priceless!

 

Same here! Sorry for going off topic but I've been foaming at the mouth at those Maxtor One-Touches too. First real review I've read on it though. Sorry did not mean to but in

Thanks Nick I downloaded the IBM RedBook PDF for more advanced learning later.

 

Don't forget: a router is needed only to route network traffic and it can do some basic network filtering, like allowing and blocking certain kinds of network traffic.
The main security function that most routers provide too is the NAT (Network Address Translation) function. It creates a local network who's structure is not visible to the outside world. In fact, it is not a security feature at all, but it delivers a large amount of security, because an invisible system cannot easily be attacked from the outside.

Installing just a router is not enough: you have to make sure that it is configured correctly. A lot of broadband modems come with the firewall part disabled.

And please be aware that in router there is no intelligence: all incoming must be seen as hostile, while it does allow al outgoing traffis. So, there's no protection against compromised systems on your lan.
Also be aware that real logging analysis can be a problem.

Lesson: you want a personal firewall that can control outgoing traffic on all the computers on your local network too.

Do you need a router? No, like CrazyM said. But you'll want one if you have more than one computer on your local network, and you let it serve the internal IP-addresses using the dhcp-server function of the router.

 

Hello QB,
Welcome to the Wilders. Nice set up. I couldn't agree more. Some very good choices imho.

 

thanks for all the answers. QBgreen said something about a NAT. and Meneer added abit. but, am i right in thinking that i wouldnt have any use for one at all? they are for a LAN so all the computers can use the same address when useing the WAN? the router would then resolve the addresses for any internal and external requests so a LAN can connect to the WAN and vice versa. one thing a router would be good for is to protect against worms and in particular against port scanning - that i think would be the only plus point i can think of, because it sits out on the network and is separate from your computer any attack can not by-pass it. and it is a more solid defence against any outside attack. thanks

 

I went through this whole router thing myself a few weeks ago, I even trialled one, but in the end I decided against its use.

Part of the reason is that I am on a standalone machine with a USB connection. That means I am not online until I connect up, even though I am on Broadband, and I can disconnect and work offline any time I choose.

With a router I had to use Ethernet connections, which meant I was permanently online from the moment I booted up. This is obviously less safe, even with the hardwire FW.

So unless you require to be always online, a properly configured software FW, keeping you fully stealthed, is really good enough - unless you want to be on a network, which is a different matter!

 

I think that you are right. The whole point of network security is to only allow the communication that you want. If you don't want any incoming traffic: close the gates. A hardware box would be just fine. If you need more control and more advanced options (say a vpn, of website hosting) trouble could arise. This will take you quote some effort studying the manuals and FAQ's.
But in the simple setup, a hardware box is a great asset. Saves a lot of headaches.
I'm using a linux system as firewall/router combo. But my main motivation for using such a system is not the firewall/router part, I hardly ever touch those functions of the system, they just work out of the box.

 

thanks for your help, meneer

 

Hi iceni60!

If you are interested in using Snort in conjunction with a fw (workstation based) then have a look at Snortsam: www.snortsam.net

There is a version of Snortsam for 8Signs and CHX-I FW... I currently use CHX-I and Snortsam+Snort on a stand alone system due to having a dedicated game/file server... If you just have a stand alone workstation, then having snort is not necessary..

I have a 'How to' doc for 8Signs here:
http://www.fluxgfx.com/ssc/showthread.php?goto=newpost&t=29

Take care
Jazzie

 

thanks, Jazzie1. i have just been told about Samhain i'm going to give that ago. thanks for your post too, if i understood correctly, i would have to change firewall to use your suggestions?

 

In order to use Snortsam to autoblock, (send command line commands) to your fw, it would have to be incorporated into Snortsam as a plug-in. Unfortunately, there are only a few Win32 based firewalls that use command line arguements. 8signs and CHX-I are two of them. However, you can use Snort on any fw. If you want an easy to use, all-in-one platform there is a tool called IDS Center: http://www.engagesecurity.com/downloads/#idscenter

Other tutorials are at the famous: www. winsnort.com
They have just updated all thier guides for Windows to compliment Snort 2.3

Take care and good luck

CU
Jazzie

 

sorry if this post is out of the topic.
Anyone can suggest the best security/stable/fast router for home users. We use dlink router; it works ok but its revisions of firmwares have been really lousy time by time. Everytime a revision came out, gave it a try, bewared problems with the router then.
thankx in adv.