My Router Firewall Does All The Work

Discussion in 'other firewalls' started by DBone, May 14, 2011.

Thread Status:
Not open for further replies.
  1. DBone

    DBone Registered Member

    Joined:
    Nov 24, 2010
    Posts:
    1,041
    Location:
    SoCal USA
    I have a Gateway 2701HG-B router that protects all 5 laptops in my home. I enabled the "Stealth" mode, and after doing that, I pass all of the tests on ShildsUP! for total invisibility. I also have all Windows 7 firewalls enabled and set to public, and the one XP firewall set to on, just in case one of my machines becomes infected behind the router.

    So my question is, with the majority of users being behind some sort of a router based firewall, then why for these users would they want an overly complicated 3rd party firewall? I understand that a software firewall is a great idea to protect each computer from one another behind the router, but the Windows 7 firewall set to public is more then enough protection for this event.

    I know a lot of you swear by whatever piece of 3rd party software you use, but it seems to me that if you fall in the category listed above, it is just a waste of disk space, as the router firewall will do all the work.
     
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I have a router firewall. I also have Comodo's firewall. Do I really need it? Probably not but it takes up so little space/disk IO/ RAM there's basically no reason not to.

    Having a 3rd party firewall that can track outgoing requests adds another layer of protection.

    Security should always be layered. There's never a time where you should look at one aspect and say "eh good enough."
     
  3. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,047
    Location:
    United Surveillance States
    My router firewall lacks application control. This is the reason I use a 3rd party software firewall.
     
  4. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,729
    Location:
    localhost
    Simple, to have control of the outbound and not just the inbound (router) and to make use of simpler or more granular interfaces and functions (depending on the chosen firewall) than WIN7 firewall.
     
  5. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    Can you setup your H/W firewall to allow svchost to connect to the Internet and "some suspicious program" not to?
     
  6. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Mainly outbound control and HIPS. Plus whatever other features it includes (mine has sandboxing, cloud analysis, protect ARP, etc).
     
  7. DBone

    DBone Registered Member

    Joined:
    Nov 24, 2010
    Posts:
    1,041
    Location:
    SoCal USA
    All good replies and points. I guess I'm more like the average user, then the typical Wilders member, then I thought.:D
     
  8. Sm3K3R

    Sm3K3R Registered Member

    Joined:
    Feb 29, 2008
    Posts:
    494
    I see there is a trend here .
    Disable the software firewalls and stay opened (to get owned) ,nothing will happen to you.
    The router has it s weak points and all routers protect differently.

    And opposed to your software firewall (that wastes disk space ?!) you practically don t really know what it s doing most of the time.

    Also there is no outbound control in a SOHO router ,as most of them are opened for outbound.
    This means that a trojan can own you PC quite nice and easy.
     
  9. crapbag

    crapbag Registered Member

    Joined:
    Mar 14, 2011
    Posts:
    144
    I sort of agree with you. I can pass the whole GRC thing with just my router firewall going.

    Personally I keep the OS firewalls on. Doesn't make sense to me to turn them off when there's minimal overheads or conflicts.

    I'm not so much interested in real-time AV protection but do feel naked without some kind of browser security and/or HIPS in place.

    Yeah you're protected from inbound connection attempts but you're still exposed to malware nasties from the inside.

    I'm an average user too, but when average browsing can be your biggest security threat you gotta have something in place.
     
Loading...
Thread Status:
Not open for further replies.