Need Firewall?

[Mista Fadedglory]

Hello,

I recently purchased a Linksys wireless router to have a wireless
network in my house. with that I'm wondering, do I need a software
firewall like Comodo or ZoneAlarm anymore? I thought that I had heard
that there is no need for those if I have a "hard" router.

Thanks in advance.

 

[Bruce Hagen]

Re: Need Firewall?

"Mista Fadedglory" <mistafadedglory@gmail.com> wrote in message
news:b5f42c21-7ad9-41c3-b189-6d4a8669a13a@b38g2000prf.googlegroups.com...
> Hello,
>
> I recently purchased a Linksys wireless router to have a wireless
> network in my house. with that I'm wondering, do I need a software
> firewall like Comodo or ZoneAlarm anymore? I thought that I had heard
> that there is no need for those if I have a "hard" router.
>
> Thanks in advance.


FWIW, I have used just the Windows firewall and a router with XP with no ill
effects. And you won't get any unwanted side-effects you may incur from a
third party firewall. Make sure the router has a firewall. Most do, but a
few don't.
--
Bruce Hagen
MS-MVP

 

[sgopus]

RE: Need Firewall?

Some would say no, I however think it's an excellent idea to have both
hardware and software firewalls, to monitor traffic.

"Mista Fadedglory" wrote:

> Hello,
>
> I recently purchased a Linksys wireless router to have a wireless
> network in my house. with that I'm wondering, do I need a software
> firewall like Comodo or ZoneAlarm anymore? I thought that I had heard
> that there is no need for those if I have a "hard" router.
>
> Thanks in advance.
>

 

[Kayman]

Re: Need Firewall?

On Mon, 4 Aug 2008 16:27:06 -0700 (PDT), Mista Fadedglory wrote:

> Hello,
>
> I recently purchased a Linksys wireless router to have a wireless
> network in my house. with that I'm wondering, do I need a software
> firewall like Comodo or ZoneAlarm anymore? I thought that I had heard
> that there is no need for those if I have a "hard" router.
>
No you don't and, incidentally, never needed any 3rd party software
(so-called) firewall things (PFW). These applications a very badly coded
and can cause headaches when trying to uninstall.

Ensure these 'things' are removed from your operating system completely!

These info/tools may assist:
http://forums.comodo.com/frequently...cant_install_comodo_firewall_pro-t9508.0.html
http://forums.comodo.com/help_for_v2/how_to_uninstall_comodo_firewall-t1184.0.html;topicseen

http://zonealarm.donhoover.net/uninstall.html

Revo Uninstaller
http://www.revouninstaller.com/

Moreover:
The windows firewall deals with inbound protection and therefore does not
give you a false sense of security. Best of all, it doesn't implement lots
of nonsense like pretending that outbound traffic needs to be monitored.

Activate and utilize the Win XP built-in Firewall; Uncheck *all* Programs
and Services under the Exception tab.
Read through:
Understanding Windows Firewall.
http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfintro.mspx
Using Windows Firewall.
http://www.microsoft.com/windowsxp/using/networking/security/winfirewall.mspx
How to Configure Windows Firewall on a Single Computer.
http://www.microsoft.com/technet/security/smallbusiness/prodtech/windowsxp/cfgfwall.mspx
--and--
For the average homeuser it is suggested blocking both TCP and UDP ports
135 ~ 139 and 445 on the router and implement countermeasures against
DNSChanger. Also, check if the manufacturer of your router offers a
Firmware Upgrade.

And (just in case) Wired Equivalent Privacy (WEP) has been superseded by
Wi-Fi Protected Access (WPA).
The Wi-Fi Protected Access 2 (WPA2)/Wireless Provisioning Services.
Information Element (WPS IE) update for Windows XP with Service Pack 2 is
available.
http://support.microsoft.com/kb/893357

Good luck

 

[Patrick Keenan]

Re: Need Firewall?


"Mista Fadedglory" <mistafadedglory@gmail.com> wrote in message
news:b5f42c21-7ad9-41c3-b189-6d4a8669a13a@b38g2000prf.googlegroups.com...
> Hello,
>
> I recently purchased a Linksys wireless router to have a wireless
> network in my house. with that I'm wondering, do I need a software
> firewall like Comodo or ZoneAlarm anymore? I thought that I had heard
> that there is no need for those if I have a "hard" router.
>
> Thanks in advance.

The router will have some firewall functions, but it won't matter at all if
you don't use a reasonable level of encryption on the wireless signal.
You will have to use an encryption scheme that is supported by all your
wireless devices, and choose the strongest and the longest and most random
key.

Similarly, if you open extra ports on the router, this can open you to
problems.

HTH
-pk

 

[Leythos]

RE: Need Firewall?

In article <CED84486-0E42-483A-9F51-ABFDF95F79CB@microsoft.com>,
sgopus@discussions.microsoft.com says...
> Some would say no, I however think it's an excellent idea to have both
> hardware and software firewalls, to monitor traffic.
>

If the soft firewall is on the same PC you are using to run programs
then it's a good bet that malware can disable it without you knowing or
seeing.

Firewalls belong on dedicated systems that are NOT used by users, not
running programs for your daily email, documents, etc...

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

 

[Twayne]

Re: Need Firewall?

> Hello,
>
> I recently purchased a Linksys wireless router to have a wireless
> network in my house. with that I'm wondering, do I need a software
> firewall like Comodo or ZoneAlarm anymore? I thought that I had heard
> that there is no need for those if I have a "hard" router.
>
> Thanks in advance.

If your linksys is NAT, then that's pretty much true. It isn't the
router that negates the need for a software firewall, it's whether or
not the router performs firewall functions for you. If you're not sure
one way to tell is usually to look at the logs in the router and see
what they contain. Docs should also make it pretty clear. Most, not
all routers have a firewall in them these days.

Many people also still run a software firewall like ZA just for the
extra layer of protection. Personally I see nothing wrong with that;
it's easier to configure and make changes to than going into the router
most of the time. Ymmv though.

HTH

 

[Twayne]

Re: Need Firewall?

> On Mon, 4 Aug 2008 16:27:06 -0700 (PDT), Mista Fadedglory wrote:
>
>> Hello,
>>
>> I recently purchased a Linksys wireless router to have a wireless
>> network in my house. with that I'm wondering, do I need a software
>> firewall like Comodo or ZoneAlarm anymore? I thought that I had
>> heard that there is no need for those if I have a "hard" router.
>>
> No you don't and, incidentally, never needed any 3rd party software
> (so-called) firewall things (PFW). These applications a very badly
> coded and can cause headaches when trying to uninstall.
>
> Ensure these 'things' are removed from your operating system
> completely!
>
> These info/tools may assist:
> http://forums.comodo.com/frequently...cant_install_comodo_firewall_pro-t9508.0.html
> http://forums.comodo.com/help_for_v2/how_to_uninstall_comodo_firewall-t1184.0.html;topicseen
>
> http://zonealarm.donhoover.net/uninstall.html
>
> Revo Uninstaller
> http://www.revouninstaller.com/
>
> Moreover:
> The windows firewall deals with inbound protection and therefore does
> not give you a false sense of security. Best of all, it doesn't
> implement lots of nonsense like pretending that outbound traffic
> needs to be monitored.
>
> Activate and utilize the Win XP built-in Firewall; Uncheck *all*
> Programs and Services under the Exception tab.
> Read through:
> Understanding Windows Firewall.
> http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfintro.mspx
> Using Windows Firewall.
> http://www.microsoft.com/windowsxp/using/networking/security/winfirewall.mspx
> How to Configure Windows Firewall on a Single Computer.
> http://www.microsoft.com/technet/security/smallbusiness/prodtech/windowsxp/cfgfwall.mspx
> --and--
> For the average homeuser it is suggested blocking both TCP and UDP
> ports 135 ~ 139 and 445 on the router and implement countermeasures
> against DNSChanger. Also, check if the manufacturer of your router
> offers a Firmware Upgrade.
>
> And (just in case) Wired Equivalent Privacy (WEP) has been superseded
> by Wi-Fi Protected Access (WPA).
> The Wi-Fi Protected Access 2 (WPA2)/Wireless Provisioning Services.
> Information Element (WPS IE) update for Windows XP with Service Pack
> 2 is available.
> http://support.microsoft.com/kb/893357
>
> Good luck

Wow, that's a big piece of malarky; I don't even know where to start, so
I won't. You're entitled to your opinions, such as they are.

 

[Bruce Chambers]

Re: Need Firewall?

Mista Fadedglory wrote:
> Hello,
>
> I recently purchased a Linksys wireless router to have a wireless
> network in my house. with that I'm wondering, do I need a software
> firewall like Comodo or ZoneAlarm anymore? I thought that I had heard
> that there is no need for those if I have a "hard" router.
>
> Thanks in advance.


If you use a router with NAT, it's still a very good idea to use a
3rd party software firewall. Like WinXP's built-in firewall,
NAT-capable routers do nothing to protect the user from him/herself (or
any "curious," over-confident teenagers in the home). Again -- and I
cannot emphasize this enough -- almost all spyware and many Trojans and
worms are downloaded and installed deliberately (albeit unknowingly) by
the user. So a software firewall, such as Comodo, Sygate or ZoneAlarm,
that can detect and warn the user of unauthorized out-going traffic is
an important element of protecting one's privacy and security, alerting
you to an unwanted malware application's activity. It doesn't detect an
attack, but it can tell you that something got through and needs to be
dealt with. (Remember: Most antivirus applications do not even scan for
or protect you from adware/spyware, because, after all, you've installed
them yourself, so you must want them there, right?)

When I ran WinXP, I used both a router with NAT and Sygate Personal
Firewall, even though I generally know better than to install scumware.
When it comes to computer security and protecting my privacy, I prefer
the old "belt and suspenders" approach. In the professional IT
community, this is also known as a "layered defense." Basically, it
comes down to never, ever "putting all of your eggs in one basket."

Having said that, it's important to remember that firewalls and
anti-virus applications, which should always be used and should always
be running, while important components of "safe hex," cannot, and should
not be expected to, protect the computer user from him/herself.
Ultimately, it is incumbent upon each and every computer user to learn
how to secure his/her own computer.


--

Bruce Chambers

Help us help you:
http://www.catb.org/~esr/faqs/smart-questions.html

http://support.microsoft.com/default.aspx/kb/555375

They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. ~Benjamin Franklin

Many people would rather die than think; in fact, most do. ~Bertrand Russell

The philosopher has never killed any priests, whereas the priest has
killed a great many philosophers.
~ Denis Diderot

 

[sgopus]

Re: Need Firewall?

yeah, recently I ran across a web site trying to scan my system saying they
are Doctor Antivirus and my system needed to be scanned, HA, I know an
attempt to install malware/virus
when I see it. thank goodness for safe hexing and kaspersky internet
security, it stopped the attempt.

"Bruce Chambers" wrote:

> Mista Fadedglory wrote:
> > Hello,
> >
> > I recently purchased a Linksys wireless router to have a wireless
> > network in my house. with that I'm wondering, do I need a software
> > firewall like Comodo or ZoneAlarm anymore? I thought that I had heard
> > that there is no need for those if I have a "hard" router.
> >
> > Thanks in advance.
>
>
> If you use a router with NAT, it's still a very good idea to use a
> 3rd party software firewall. Like WinXP's built-in firewall,
> NAT-capable routers do nothing to protect the user from him/herself (or
> any "curious," over-confident teenagers in the home). Again -- and I
> cannot emphasize this enough -- almost all spyware and many Trojans and
> worms are downloaded and installed deliberately (albeit unknowingly) by
> the user. So a software firewall, such as Comodo, Sygate or ZoneAlarm,
> that can detect and warn the user of unauthorized out-going traffic is
> an important element of protecting one's privacy and security, alerting
> you to an unwanted malware application's activity. It doesn't detect an
> attack, but it can tell you that something got through and needs to be
> dealt with. (Remember: Most antivirus applications do not even scan for
> or protect you from adware/spyware, because, after all, you've installed
> them yourself, so you must want them there, right?)
>
> When I ran WinXP, I used both a router with NAT and Sygate Personal
> Firewall, even though I generally know better than to install scumware.
> When it comes to computer security and protecting my privacy, I prefer
> the old "belt and suspenders" approach. In the professional IT
> community, this is also known as a "layered defense." Basically, it
> comes down to never, ever "putting all of your eggs in one basket."
>
> Having said that, it's important to remember that firewalls and
> anti-virus applications, which should always be used and should always
> be running, while important components of "safe hex," cannot, and should
> not be expected to, protect the computer user from him/herself.
> Ultimately, it is incumbent upon each and every computer user to learn
> how to secure his/her own computer.
>
>
> --
>
> Bruce Chambers
>
> Help us help you:
> http://www.catb.org/~esr/faqs/smart-questions.html
>
> http://support.microsoft.com/default.aspx/kb/555375
>
> They that can give up essential liberty to obtain a little temporary
> safety deserve neither liberty nor safety. ~Benjamin Franklin
>
> Many people would rather die than think; in fact, most do. ~Bertrand Russell
>
> The philosopher has never killed any priests, whereas the priest has
> killed a great many philosophers.
> ~ Denis Diderot
>

 

[Leythos]

Re: Need Firewall?

In article <eB1$rip9IHA.5928@TK2MSFTNGP05.phx.gbl>,
bchambers@cable0ne.n3t says...
> If you use a router with NAT, it's still a very good idea to use a
> 3rd party software firewall. Like WinXP's built-in firewall,
> NAT-capable routers do nothing to protect the user from him/herself (or
> any "curious," over-confident teenagers in the home).
>

Neither do soft-firewalls. Once you let it in, it's in.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

 

[Bruce Chambers]

Re: Need Firewall?

Leythos wrote:
> In article <eB1$rip9IHA.5928@TK2MSFTNGP05.phx.gbl>,
> bchambers@cable0ne.n3t says...
>> If you use a router with NAT, it's still a very good idea to use a
>> 3rd party software firewall. Like WinXP's built-in firewall,
>> NAT-capable routers do nothing to protect the user from him/herself (or
>> any "curious," over-confident teenagers in the home).
>>
>
> Neither do soft-firewalls. Once you let it in, it's in.
>


That's true enough. But a firewall that monitors out-going traffic
will sometimes give one a warning that something has, in fact, snuck in.
There's no 100% detection, of course, as legitimate applications could
be highjacked, but being warned of some malware is better than being
warned of none.


--

Bruce Chambers

Help us help you:
http://www.catb.org/~esr/faqs/smart-questions.html

http://support.microsoft.com/default.aspx/kb/555375

They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. ~Benjamin Franklin

Many people would rather die than think; in fact, most do. ~Bertrand Russell

The philosopher has never killed any priests, whereas the priest has
killed a great many philosophers.
~ Denis Diderot

 

[Kayman]

Re: Need Firewall?

On Mon, 4 Aug 2008 16:27:06 -0700 (PDT), Mista Fadedglory wrote:

> Hello,
>
> I recently purchased a Linksys wireless router to have a wireless
> network in my house. with that I'm wondering, do I need a software
> firewall like Comodo or ZoneAlarm anymore? I thought that I had heard
> that there is no need for those if I have a "hard" router.

In addition to my original response, be advised that any 3rd party software
(so-called) firewalls (PFW) claiming: "It can stop/control malicious
outbound traffic" are snake oil!

Heck, even programmers of Sunbelt Software (the makers of Sunbelt Personal
Firewall) raised reservations about the usefulness of outbound protection
provided by personal firewalls in cases where malware has already executed
and describe it as a questionable basis on which to build a *security*
assessment.

Furthermore, Steve Gibson, of Gibson Research Corporation has given up
updating his 'Firewall Leak Test' application because he found it
essentially worthless to continue and admitted a software-based firewall is
kind of pointless to employ.

Make it a habit checking credentials of authors writing articles/messages
in advertisement sponsored publications and take commercial messages with a
considerable amount of salt.
Beware, there are plenty of pseudo experts around pretending proficiency,
especially in Usenet based Newsgroups and some moderated Fora!

Educational reading:
Deconstructing Common Security Myths.
http://www.microsoft.com/technet/technetmag/issues/2006/05/SecurityMyths/default.aspx
Scroll down to:
"Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe."

 

[Leythos]

Re: Need Firewall?

In article <OplMnUq9IHA.5360@TK2MSFTNGP02.phx.gbl>,
bchambers@cable0ne.n3t says...
> That's true enough. But a firewall that monitors out-going traffic
> will sometimes give one a warning that something has, in fact, snuck in.
> There's no 100% detection, of course, as legitimate applications could
> be highjacked, but being warned of some malware is better than being
> warned of none.
>

I would rather see a NAT router that provides logging of traffic, so
that it can't be compromised, and then one or more workstations that
monitor that logging.

Most quality NAT routers provide that logging function - and malware
can't get around that.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

 

[Navigator]

Re: Need Firewall?

On Mon, 4 Aug 2008 16:27:06 -0700 (PDT), Mista Fadedglory
<mistafadedglory@gmail.com> wrote:

>Hello,
>
>I recently purchased a Linksys wireless router to have a wireless
>network in my house. with that I'm wondering, do I need a software
>firewall like Comodo or ZoneAlarm anymore? I thought that I had heard
>that there is no need for those if I have a "hard" router.
>
>Thanks in advance.
Your router is likely using NAT which is NOT a firewall. It pretty
much lets any traffic in/out.

 

[Gruff the Elder]

Re: Need Firewall?

Grumpy, are you so focused on telling people that they're in the wrong
newsgroup that you don't even bother to read specs any more?

Excerpt from the description of the Linksys WRT54G wireless router:

Advanced security: Wi-Fi Protected Access™ (WPA), wireless MAC address
filtering, <b> powerful SPI firewall </b>

*All* Linksys SOHO wireless routers have a SPI firewall (or better).




"Navigator" wrote:


> Your router is likely using NAT which is NOT a firewall. It pretty
> much lets any traffic in/out.
>
>

 

[Leythos]

Re: Need Firewall?

In article <qvnh94tkeafq7h2vj9ljv63utnm7kf4t2d@4ax.com>, none@nobody.net
says...
> On Mon, 4 Aug 2008 16:27:06 -0700 (PDT), Mista Fadedglory
> <mistafadedglory@gmail.com> wrote:
>
> >Hello,
> >
> >I recently purchased a Linksys wireless router to have a wireless
> >network in my house. with that I'm wondering, do I need a software
> >firewall like Comodo or ZoneAlarm anymore? I thought that I had heard
> >that there is no need for those if I have a "hard" router.
> >
> >Thanks in advance.
>
> Your router is likely using NAT which is NOT a firewall. It pretty
> much lets any traffic in/out.

Actually, NAT does not let "ANY" traffic IN in a 1:MANY nat, it requires
that the LAN side initiate the connection first.

NAAT router do let just about ALL traffic out, some have minor blocking
features.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

 

[Bruce Chambers]

Re: Need Firewall?

Leythos wrote:
>
>
> I would rather see a NAT router that provides logging of traffic, so
> that it can't be compromised, and then one or more workstations that
> monitor that logging.
>
> Most quality NAT routers provide that logging function - and malware
> can't get around that.
>


Now if only they'd invent a user who checks (and understands) those
logs on a daily basis.

--

Bruce Chambers

Help us help you:
http://www.catb.org/~esr/faqs/smart-questions.html

http://support.microsoft.com/default.aspx/kb/555375

They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. ~Benjamin Franklin

Many people would rather die than think; in fact, most do. ~Bertrand Russell

The philosopher has never killed any priests, whereas the priest has
killed a great many philosophers.
~ Denis Diderot

 

[Leythos]

Re: Need Firewall?

In article <#DLFwI29IHA.3940@TK2MSFTNGP04.phx.gbl>,
bchambers@cable0ne.n3t says...
> Now if only they'd invent a user who checks (and understands) those
> logs on a daily basis.

If we had users that checked logs like that, they would also know how to
maintain their computer and security, there would be a lot less
questions here too

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

 

[Navigator]

Re: Need Firewall?

On Tue, 5 Aug 2008 17:03:01 -0700, Gruff the Elder
<GrufftheElder@discussions.microsoft.com> wrote:

>Grumpy, are you so focused on telling people that they're in the wrong
>newsgroup that you don't even bother to read specs any more?
>
>Excerpt from the description of the Linksys WRT54G wireless router:
>
>Advanced security: Wi-Fi Protected Access™ (WPA), wireless MAC address
>filtering, <b> powerful SPI firewall </b>
>
>*All* Linksys SOHO wireless routers have a SPI firewall (or better).
>
>
>
>
>"Navigator" wrote:
>
>
>> Your router is likely using NAT which is NOT a firewall. It pretty
>> much lets any traffic in/out.
>>
>>
Notice I said "LIKELY" in my sentence. Are you so focused on trying
to tell me off you didn't bother to comprehend what you wrote?