Cable Router - Which Firewall ?

Discussion in 'other firewalls' started by NGRhodes, Mar 26, 2004.

Thread Status:
Not open for further replies.
  1. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    Hi

    I have recently purchased a Linksys cable router with NAT.

    I am wondering if I actually need my software firewall on my PC anymore ?

    If not, what functionality will I need ?
     
  2. Detox

    Detox Retired Moderator

    Joined:
    Feb 9, 2002
    Posts:
    8,507
    Location:
    Texas, USA
    I would still use a software firewall. That's the only way to watch your outbound applications/connections.
     
  3. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    And a cable router is no firewall, unless yuo configure it that way. NAT is nice, NAT is good, but it will not stop attacks. So you'll have to add the firewall options.
    And, like Detox said, use a software firewall, especially when others use your computer as well. You may be trusted, but third parties that are not security minded are a risk.
     
  4. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi nickr

    As Detox noted, if you want control over what applications are allowed access to the Internet, then you will want to run a software firewall with application control on your system(s) behind the router.

    If you are comfortable with just the router, I would suggest having some utilities handy to monitor connections/traffic on occassion and when needed (ie. port mapper, packet capture).

    Port Mappers
    Port Explorer
    Vision
    Active Ports

    Packet Capture
    Ethereal

    Regards,

    CrazyM
     
  5. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi meneer

    Not all SOHO routers are created equal, in addition to NAT, some will have varying degrees of firewall functionality as well.

    What type of attacks are you suggesting basic NAT routers will not stop?

    Regards,

    CrazyM
     
  6. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    In the last three months since I got my router (linksys )which does have a firewall I have had three different soft firewalls Kerio 2.1.5 ,sygate, and my current one mcafee 4.0. The inbound log on these three firewalls have remained blank with not one entry of intrusion of anykind. I would say that the firewall in the router does an excellent job of blocking and protecting my computer. It has not been configured, it is just the way it came out of the box.
     
  7. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    I have been logging all traffic on my pc for a week and so far can agree with bigc73542.

    So it would appear that the inbound filtering is redundant on a software firewall.

    I run emule (edonkey network) a lot, and have 1 UDP and 1 TCP port open, I was thinking that maybe a software firewall would help here, but I am not sure, as Im pretty sure the emule needs to be able to accept unsolicatated connections.

    So from an inbound point of view there is no use (I can see) of a software firewall.

    I then thought about my outbound connections. Application filter would be a good preventitive measure against unwanted programs connecting out, but is this level of security needed, when I run a decent virus scanner, and my email server filters 99.9% spam and all the common virus's. Parania suggests that application filter is a good thing for the little cost of resources.

    So, what software provide good (free ?) application filtering. Am I right in thinking that there is no real need to monitor connection, ports directly, just the actual apps wanting generic internet access ? And Im just going to have to accept that filesharing apps are security risk.
     
  8. controler

    controler Guest

    Hi

    I would like to see some posts on the results of tests taken at the various
    port testing sites using the new SP2 RC1 release.
    From what I am seeing on my system. All ports are protected by the built in firewall now and as old fasioned as this may sound, I love the DOS
    firewall settings.

    Bruce
     
  9. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    Hi,

    If your router normally blocs all incoming traffic and you are 100% sure no malware is coming to your machine via http, mail or whatever protocol you won't need a PF in my opinion.

    Having said that and when not 100% sure i still dont know which PF is the best. I think they have all pro's and contra's, so it will be more or less a personal descision. I would say test some of them for a while.

    Gerard
     
  10. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Once you start forwarding traffic through the router, the risk increases. Having a software firewall with application control would allow you to restrict that traffic to that application.

    That assessment would be up to you with consideration to what you use your system for, who else uses it, etc.

    For most it is probably a good thing to maintain application control via a software firewall.

    Some of the free ones would include ZA, Sygate, Kerio and Outpost. Just a matter of finding the one that works best for you and that you are comfortable with.

    Are you referring to the utilities I mentioned above?

    Yes ;)

    Regards,

    CrazyM
     
Loading...
Thread Status:
Not open for further replies.