Just to be sure... do I need a firewall with a router?

Discussion in 'other firewalls' started by housepiglet, Sep 29, 2008.

Thread Status:
Not open for further replies.
  1. housepiglet

    housepiglet Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    33
    Hi,

    Sorry if this seems very simplistic, but I want to be sure I'm not cocking things up.

    Until a week ago I was using a router, and I believed that meant I didn't need a software firewall. I used to use one but when I got the router I stopped.

    Last week my router broke down and so I installed Comodo firewall to cover me while the cable modem was connected directly to the computer. Today the new router arrived, though. I've installed it, and now I'm wondering whether I can switch Comodo off. Naturally I have AV software: I just want to be absolutely clear on whether I need a software firewall now that I've got a working router again.

    Incidentally, I have a Motorola SB4100 cable modem, and a Netgear WGR614 v.9 router.

    Many thanks for any help.
     
  2. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Datasheet, Netgear.

    If you want outbound protection then install a software firewall. If you have not set any rules with the router the default allow all outbound will apply (default inbound is block all.)
     
    Last edited: Sep 29, 2008
  3. housepiglet

    housepiglet Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    33
    Thanks Meriadoc.

    Am I right in thinking that it would be best to have some outbound protection? I've got various prog's to check for Trojans etc but if one slipped through the net then presumably that's the sort of thing outbound protection might detect?

    Sorry to sound clueless but keeping up with how this stuff works is a bit of a struggle for me (too old, wrong sex etc) :)
     
  4. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Hi housepiglet no need to apologise and your certainly on top of things by posting here.

    You don't necessary need a software firewall behind a router and many don't use one it may depend on experience. Firewalls in routers can be configured with rules for inbound and outbound or another tool may be used. If you feel it will help with and take care of the outbound then why not - something light and unobtrusive.
     
  5. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    If you were doing fine with just the router till now, then I'd say go ahead and continue on as you were. I suppose you could also leave the Windows Firewall turned on as some sort of backup in the event that the router fails, although I have also heard that if and when a router fails, then so does your entire internet flow, so perhaps that's an unnecessary precaution. Outbound protection is really up to you, it's possible to go crazy trying to set up firewalls and HIPS to catch every possible scenario trying to get out. So if you were doing good before, I don't see any reason to change...
     
  6. housepiglet

    housepiglet Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    33
    Many thanks again Meriadoc, and Kerodo. I think I'll just stick with the router for now, then, as I didn't seem to be having a problem before and I'd rather not slow things down if I don't need to.

    Your help is much appreciated :D
     
  7. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Hello:

    You have received advice here on FW's. The "answers" to the issue of having an outbound FW depend on the risk profile you have on the www. If you just do email and light surfing for receipts and weather then everything you are doing is fine. Security trumps speed in my view.

    If on the other hand you keep financial and private information on your PC and purchase items on credit and do on line banking then your risk of identity theft is higher.

    In the latter situation, the advice you have had and the steps you are taking are inadequate.

    I'm not trying to be combative at all I just worry about privacy on outbound.
     
  8. housepiglet

    housepiglet Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    33
    Thanks, Escalader. I appreciate your thoughts, and I'm certainly concerned about security too. I don't keep bank info on the computer, but I do make online purchases on a fairly regular basis and I wouldn't want my details slipping out!

    I've not switched Comodo off yet. I'll leave it on for now and go and look into things further.

    Many thanks again :)
     
  9. faterider

    faterider Registered Member

    Joined:
    Nov 6, 2004
    Posts:
    64
    Yes, leave it ON. Outbound protection is a must when money transactions are involved.

    Problems in PC security terms are of different kind and the worst of them are never spotted. You say you didn't have any before, but how do you know? It's not like hardware failures when you can't boot for example. All the malware writers put the best of their skill to make trojans, keyloggers, etc. undetectable. Hundreds of thousands of PCs are part of zombie networks and the owners think everything is OK.

    Keep ComodoPF and don't let anything except browser, downloader and other safe apps out <img>
     
  10. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Good decision. CFW has an outbound feature, best to leave it on till you finish your research.
     
  11. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,215
    It's true. I'm using router as well and it did happened to me that router when failed simply blocked all internet connections, both inbound/outbound-it already happened to me dozens of times-and I've never been affected, of course first I had to learn how to configure and empower some issues in router itself.
     
  12. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    My suggestion would be to use Sandboxie for your purchases. Then you can ensure that only the browser.exe has access to the net, and do many more restrictive settins to ensure 'other' programs are not running or at least permitted to go online.

    If you start with a known good state of OS and browser, then you should be safe. A precaution would then be to delete the sandbox contents when leaving, thus leaving no trace of anything that 'might' have been picked up during the session.

    This works really well for online purchases because the sandbox is always in a 'clean' state. That is, if your system is also clean.

    Sul.
     
Loading...
Thread Status:
Not open for further replies.