Do I need a router?

Discussion in 'privacy general' started by JVM, Jan 7, 2006.

Thread Status:
Not open for further replies.
  1. JVM

    JVM Registered Member

    Joined:
    Dec 24, 2005
    Posts:
    328
    I have cable broadband and LnS firewall, and I only use one computer that is hard-wired to the cable modem. Would having a router offer me anything that I need beyond LnS? Does LnS prevent my IP address from being shown?
     
  2. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    no u dont need a router, ull be fine with LnS. and no LnS does not hide ur IP. for that u need a proxy/anonymizer.
     
  3. JVM

    JVM Registered Member

    Joined:
    Dec 24, 2005
    Posts:
    328
    I switched from DSL to cable and the cable tech said I should get a router to hide my IP address from being shown. Now I am confused o_O

    What is a proxy/anonymizer and does that also prevent my true IP address from being shown in e-mails when someone views the full headers?
     
  4. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    (click here for info on proxies, and here for info on anonymizer) an anonymizer is just a proxy that hides ur IP and possibly provides other security features. some software anonymizers include: hideip, ghostsurf, JAP, among several others.
     
  5. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Proxies and anonymizers don't hide your IP address per se, they simply change the cast of characters with access to it. In the end, does it help in preserving privacy? A fair amount with respect to casual privacy invasions.

    As for wholesale hiding of your IP address, well, if it was completely hidden, nobody could communicate with you. When a request to download content goes out from your PC, the recipient needs an address to respond to. That's either your end of the line, or an intermediary if you're using an anonymizer (after which the intermediary sends the content to you).

    Now, if your PC is directly connected to a cable modem, the IP address that your PC obtains is Internet routable. If you place a router between your PC and the cable modem, the router receives the Internet routable IP address and your PC is issued an IP address that is not Internet routable, it is taken from a private address space (e.g. 192.168.x.y). This has obvious implications to security, which is explained in detail here at Broadband Reports.

    Do you need a router? Well, if given the choice between spending $x.yz for a router or a software firewall, I would go with the router every time. One reason, even if you're good at configuring a software firewall, is load balancing - most of the activity now handled by your software firewall would be shifted to a separate and dedicated piece of hardware. Your CPU cycles wouldn't be spent quite as lavishly playing traffic cop. Since you have a software firewall, it's something of a judgement call. The difference between the two options is that:
    • A router controls inbound access only while a software firewall allows you to control both inbound and outbound communication.
    • A router is always on the job while your software firewall, like any application, can fail to launch, crash afetr launch, or otherwise suffer a loss of function. However, this should be quite obvious if you are familiar with our system
    • A software firewall can be misconfigured. This is my primary reason for leaning towards routers - basically you plug them inline and you're done. Software firewalls need to be configured. In the hands of an expert, the software firewall is certainly a more powerful solution, but in the hands of a novice, me for example, wrong choices can lead to bad results. Proper configuration is not hard to learn, but it's a matter of spending the time to get the details right.
    Blue
     
  6. JVM

    JVM Registered Member

    Joined:
    Dec 24, 2005
    Posts:
    328
    Thanks for the links. I switched from DSL to cable and was supposed to get up to 7 megs on downloads, but the results have been less than satisfying. My download speed has been around 3-4 megs and so I called the cable company to cancel; I'll be going back to DSL, which means back to the wireless modem/router.

    I don't have time now, but I will check into that first link tomorrow when I have time, lots of detail there to read. The one thing I really dislike is my IP address showing up in full headers of e-mails.
     
  7. Arup

    Arup Guest

    Before you throw out your cable connection have you tried using TCP Optimizer from www.speedguide.net

    If that doesn't work then I suggest you get rid of your cable connection as it seems they have a high contention ratio.
     
  8. JVM

    JVM Registered Member

    Joined:
    Dec 24, 2005
    Posts:
    328
  9. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Well, I live close to Philly and just used the NY speakeasy test. It yields basically what I should see based on my known connection max speed (6 Mbps down/350 kbps up). Take that for what it's worth.

    Blue
     
  10. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    I am on cable and got an almost identical result from each one.
     
  11. JVM

    JVM Registered Member

    Joined:
    Dec 24, 2005
    Posts:
    328
    I got a lot less than maximum with cable, but with DSL I get about 2.8 Mbps down and around 712 kbps up, which is close to my maximum of 3 Mbps down and 800 kbps up.

    I wonder if using the wireless modem/router for DSL helped because of the router--I didn't use a router for the cable modem. Do you think a router would make the connection faster?

    I did notice a lot more UDP and ICMP listed in LnS using the cable modem without a router. One thing to note is my wireless router's firewall is not active. So now another question is why were there so many more log entries with cable?
     
  12. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    If anything the router would slow it down, but usually only by very little. Chances are that your modem already has a NAT (same as a router) built in. Does the modem say that it supports multiple computers? (if so, then it definitely has a NAT, and the router would be redundant)
     
  13. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,095
    Try (freeware) Cablenut: http://www.cablenut.com/

    -- Tom
     
  14. JVM

    JVM Registered Member

    Joined:
    Dec 24, 2005
    Posts:
    328
    No, the cable modem only supports one computer.

    I've decided to keep DSL until FIOS comes into my area, probably in 1-2 years is what I've been told. Going with cable means after the promotion period I would be paying lots more if I don't get cable for the TV. I have the cable jacks in my home, but I think DirecTV is better and no need to fuss with cable since FIOS will be coming.
     
  15. JVM

    JVM Registered Member

    Joined:
    Dec 24, 2005
    Posts:
    328
    I forgot to post the results of two speed tests (cable broadband without a router) done at Stanford. One of the perplexing things to me is how on one test it said half duplex and the other full duplex. These two tests were done one after the other:


    ------ Web100 Detailed Analysis ------
    Cable modem/DSL/T1 link found.
    Link set to Full Duplex mode
    No network congestion discovered.
    Good network cable(s) found
    Normal duplex operation found.

    Web100 reports the Round trip time = 129.49 msec; the Packet size = 1460 Bytes; and
    No packet loss was observed.
    This connection is receiver limited 56.47% of the time.
    Increasing the the client's receive buffer (0 KB) will improve performance
    This connection is network limited 43.36% of the time.

    Web100 reports TCP negotiated the optional Performance Settings to:
    RFC 2018 Selective Acknowledgment: ON
    RFC 896 Nagle Algorithm: ON
    RFC 3168 Explicit Congestion Notification: OFF
    RFC 1323 Time Stamping: OFF
    RFC 1323 Window Scaling: OFF
    Packet size is preserved End-to-End
    Server IP addresses are preserved End-to-End
    Client IP addresses are preserved End-to-End


    ------ Web100 Detailed Analysis ------
    Cable modem/DSL/T1 link found.
    Link set to Half Duplex mode
    No network congestion discovered.
    Good network cable(s) found
    Normal duplex operation found.

    Web100 reports the Round trip time = 150.79 msec; the Packet size = 1460 Bytes; and
    There were 45 packets retransmitted, 156 duplicate acks received, and 177 SACK blocks received
    The connection was idle 0 seconds (0%) of the time
    This connection is receiver limited 51.01% of the time.
    Increasing the the client's receive buffer (0 KB) will improve performance
    This connection is network limited 48.82% of the time.

    Web100 reports TCP negotiated the optional Performance Settings to:
    RFC 2018 Selective Acknowledgment: ON
    RFC 896 Nagle Algorithm: ON
    RFC 3168 Explicit Congestion Notification: OFF
    RFC 1323 Time Stamping: OFF
    RFC 1323 Window Scaling: OFF
    Packet size is preserved End-to-End
    Server IP addresses are preserved End-to-End
    Client IP addresses are preserved End-to-End
     
  16. Arup

    Arup Guest

    Tom,

    TCP Optimizer is free as well and is newer than Cablenut.
     
  17. Arup

    Arup Guest

    For speed, unless you get a fancy router like D-Link Gaming or Zyxel 500 which support 16000 connections, the modem is a much faster and cheaper option for you with a low overhead software firewall.
     
  18. JVM

    JVM Registered Member

    Joined:
    Dec 24, 2005
    Posts:
    328
    Well, I have a wireless modem/router for DSL because my daughter gets connected upstairs via a USB adapter.

    I can't complain about my DSL speed, and I am using LnS firewall with the modem/router combination. However, the router firewall is set to allow all traffic.
     
Loading...
Thread Status:
Not open for further replies.