Tell me why I need a software firewall if I have a NAT router

Discussion in 'other firewalls' started by Defcon, Mar 21, 2007.

Thread Status:
Not open for further replies.
  1. Defcon

    Defcon Registered Member

    Joined:
    Jul 5, 2006
    Posts:
    332
    I have a Linksys router with NAT, which prevents unauthorized inbound connections. My understanding of the need for software firewalls with outbound protection for home users is as follows -

    - prevents malware from connecting to its servers or sending info.

    - lets you see and control connection attempts by XP and other programs which some people want to reject, but I have never had a problem with it. A common use is to prevent pirated sw from activating.

    My take on this is that if malware is running, you have bigger problems than its connection attempts. And it means some other security layer has failed.

    I've tried many firewalls (Comodo, ZA free, Outpost pro, various suites) and have yet to find one which did not require me to spend a lot of time configuring it. Or disabling it for various apps. And yet, I've never had a firewall warn me of something which prevented an attack.

    So are sw firewalls really worth it? Isn't the XP firewall with a router enough. Vista even has outbound protection.
     
  2. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    I would say it depends on the level of protection you need AND what layers of security you have installed, such as a/v, a/s, HIPS, etc. My sig. tells you my setup and I'm comfortable with it. It suits my needs. What surfing habits do you have? Do you use BitTorrent or similar app? Do you download a lot?
     
  3. Seer

    Seer Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    1,596
    Location:
    Singidunum
    Hello Defcon

    And I would say that it depends on your desire to play with security software and your willingness to learn how to properly set it. If you don't like configuring firewalls, I would also say that you have a point there. 99% of average users don't really need outbound protection IMHO. I had similar experience as you, tried all kinds of packet filters, firewalls, HIPS and whatnot, but finally concluded that I don't need outbound. That doesn't mean that I don't use it, like most people here, I like playing with firewalls too, these are our toys. There are certain members here on Wilders who use 2 or even 3 software firewalls :)D !) alongside their router's, but I don't think they are terrified of malware, they simply like trying out and testing different combinations of setups. They are the real enthusiasts. But you posted on security forums, so expect strong encouraging on using software firewall with your Linksys (Comodo is veeery popular for outbound :D ).

    Cheers :thumb:
     
  4. VahlefeldD

    VahlefeldD Registered Member

    Joined:
    Mar 6, 2007
    Posts:
    13
    Hi,
    IMHO, you do not need a software firewall if your NAT router is correctly set up. In addition, software firewalls can cause slower outbound and inbound rates as all your transmitted and received network packages will have to run through that firewall algorithm.

    Furthermore, saying that most users don't need an outbound protection is not quite right. I have seen internet providers closing DSL accounts because their customer PCs were used as unsecured relays spreading out spam the whole day.

    For my part (this is not an advertisement), I use the Kaspersky Internet Security Suite 6 which has learning firewall and will always ask you if you like to allow that certain application to access the net or not. I also play online games excessively sometimes and do not feel influenced by the firewall in these games.

    Have a nice day!
     
  5. cprtech

    cprtech Registered Member

    Joined:
    Feb 26, 2006
    Posts:
    335
    Location:
    Canada
    I agree with all the responses so far. Controling outbound connections with a software fw is not everyone's cup of tea. If you are confident that you are not running anything malicious and you really don't want to bother responding to the outbound alerts by configuring and tweaking rules endlessly, then there is nothing wrong with just a router and running antivirus with maybe antispyware.
     
  6. SoCalReviews

    SoCalReviews Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    282
    Location:
    Los Angeles, CA
    The reasons already mentioned such as outbound protection are good reasons for having a software firewall in addition to a NAT router but where a software firewall really helps the common user is with wireless security when connecting to a potentially untrusted network. The XP SP2 firewall is much better than nothing at all but an advanced software firewall such as ZoneAlarm allows you to configure your settings to restrict access to and from any local network whether it is wired or wireless. The advanced firewall alerts also let you know details about any inbound or outbound connection attempts made to your computer.

    If you use a notebook computer and connect to a public wireless network for internet access at a cafe or airport (and not on your own wireless or wired NAT router) you will have more configuration options and alerts to protect your computer from other computers on that network. The same would be true if you connect to a wired or wireless network at work, a place of business, or a friend's place. If someone connects their computer to your local network wired or wirelessly via your NAT router then your computer with an advanced software firewall better protected from unwanted access from the guest computer.

    With the addition of newer security features in many of the top rated software firewalls you are also better protected from malicious program exploits, phishing, and drive-by malware installations from bad websites. Many of the top rated anti-virus and anti-spyware programs also have similar protection features but an advanced software firewall offers an extra layer of protection. Your decision to use an advanced software firewall depends on your available system resources and whether you want to bother with the configuration options, training, and properly responding to the alerts that are required for it to be effective.
     
    Last edited: Mar 22, 2007
  7. coldplay

    coldplay Registered Member

    Joined:
    Nov 12, 2006
    Posts:
    191
    how about NAT router+Windows Firewall+ AV + Prevx1, would this cover ?
     
  8. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    You don't need a software firewall imo. Some prefer them, some don't.
     
  9. SoCalReviews

    SoCalReviews Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    282
    Location:
    Los Angeles, CA
    Is a router really enough? Is using a software firewall just a preference or is it critical to computer security? It depends on how much you are willing to trust the other users and their computers on the local area network that you are connecting to. If you use a notebook to access other networks for internet access or if you let visitors access your network then I would say that a software firewall becomes more important if not critical. If you are using a single computer on a trusted local network such as a properly secured home network (which includes a common NAT router) and your computer has good anti-virus and anti-spyware protection then it becomes somewhat less important.

    One of the most common breaches of computer security is on a local network itself. It happens on wired and wireless networks in larger companies, small businesses, personal networks and public internet access networks. If you are not using a good software firewall then you are relying on Windows to protect you against access attempts. At the very least the Windows firewall should be enabled in a fully updated version of Windows XP SP2. I am not using Windows Vista yet myself so I won't talk about specifics but Vista is supposed to have improved firewall security with features closer to those offered in advanced software firewalls that have been popular for pre-Vista versions of Windows.
     
    Last edited: Apr 2, 2007
  10. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    //agrees

    It's up to the end user and what they want. For me...all I care about is preventing the outside, from coming in at will. For others....they want to know everything that goes on..including outbound. Some people are higher risk and more prone to a trojan coming in and sneaking out.
     
  11. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    At home i only run a firewalled router, thats sufficient for me. If i go abroad with my laptop i simply enable look'n'stop.
     
  12. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    This question is dealt with in Firewall Questions for Beginners so I would just add the following comments:
    • No anti-virus software has (or ever will) provide 100% protection from malware (and it is very likely that their coverage will drop in future);
    • An increasing amount of "non-malware" now tries to connect out without user permission (adware being one example, the original release of Windows Genuine Advantage another);
    • Running a software firewall will provide a better understanding of what goes on network-wise, and knowledge very definitely equals power here.
     
  13. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    Is there harm in Windows Gen. Advantage connecting out? Maybe an issue in the future if not today? Could turn into snoop ware, maybe? :doubt:
     
  14. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    It's a classical recommendation on most security websites, to install a router + firewall. It's better than router alone or firewall alone.
    Don't ask me why, because I'm just a newbie, who listens to good advices and when I read something over and over again, it might be close to the truth. :)
     
  15. Zeno2

    Zeno2 Registered Member

    Joined:
    Nov 27, 2005
    Posts:
    7
    Why?

    From my own experience, there are a lot of softwares that even if legally registered and you are an honest customer, these programs try to connect to various servers (even not belonging to their developer/author/company) for sending various private data collected from your computer!

    Same thing for serious websites (software companies, computer magazines, etc) !

    If you are aware of your personal integrity, YOU TRUST NO ONE!

    Sad, but true 100%.

    A software firewall does a pretty good control over what is going out from your pc, same thing is done by serious hardware firewalls like Cisco or SonicWall, but they cost from over 1000 $ and up.
     
  16. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    It may be just pure coincidence but I haven't seen anything nasty since I installed a Netgear Router/Firewall about 3 years ago. Since then like many others I have installed and uninstalled numerous antivirus, spyware, and firewall programs.

    So Netgear plus Firefox (no scripts) is good for me. I run a spyware check and antivirus scan every so often and nothing ever shows up
     
  17. coldplay

    coldplay Registered Member

    Joined:
    Nov 12, 2006
    Posts:
    191
    Creating rules is too much pain for me so I use router+windows firewall+prevx1+AV
     
Loading...
Thread Status:
Not open for further replies.