Guest Spiral Posted July 13, 2008 Posted July 13, 2008 Using a secure wireless router as my gateway, why would I need to use a second software firewall, regardless of brand? I browse to port-attacking sites and they can't even see me on the net, let alone show a vulnerable port. Is there a further benefit from adding a software firewall in this case? All comments appreciated.
Guest Bruce Hagen Posted July 13, 2008 Posted July 13, 2008 Re: Router vs software firewall "Spiral" <spiral@spongy.com> wrote in message news:eO2dnRv0Hu139OTVnZ2dnUVZ_vednZ2d@supernews.com... > Using a secure wireless router as my gateway, why would I need to use a > second software firewall, regardless of brand? > > I browse to port-attacking sites and they can't even see me on the net, > let > alone show a vulnerable port. Is there a further benefit from adding a > software firewall in this case? > > All comments appreciated. Since my first XP, I have only used a router and the Windows firewall. IMO, for most, that is enough. YMMV. -- Bruce Hagen MS - MVP
Guest H.S. Posted July 13, 2008 Posted July 13, 2008 Re: Router vs software firewall Spiral wrote: > Using a secure wireless router as my gateway, why would I need to use a > second software firewall, regardless of brand? > > I browse to port-attacking sites and they can't even see me on the net, let > alone show a vulnerable port. Is there a further benefit from adding a > software firewall in this case? > > All comments appreciated. Well, in a situation where a LAN has multiple machines, a firewall can protect from prospective malicious traffic from those machine. Also, should the machine get infected (a firewall cannot protect the machine from a lot of malicious software), the firewall logs in the machine can point to the problem and perhaps prevent unauthorized outbound traffic. But if the LAN is secure, or you have just one machine, then you are okay with just the router firewall I guess.
Guest Kayman Posted July 13, 2008 Posted July 13, 2008 Re: Router vs software firewall On Sat, 12 Jul 2008 22:35:13 -0400, Spiral wrote: > Using a secure wireless router as my gateway, why would I need to use a > second software firewall, regardless of brand? > > I browse to port-attacking sites and they can't even see me on the net, let > alone show a vulnerable port. Is there a further benefit from adding a > software firewall in this case? > > All comments appreciated. A good choice is a combination of *WinXP Firewall* and a hardware router with firewall features (wired or wireless). (Steer away from any 3rd party (so-called) firewall software)! It is suggested specifically blocking both TCP and UDP ports 135 ~ 139 and 445 on *any* SOHO Router. This may also be of interest:- Countermeasures against DNSChanger: http://extremesecurity.blogspot.com/2008/06/use-default-password-get-hijacked.html If for any reasons you reverting back (temporarely or permanently) to dial-up connection then in conjunction with WinXP SP2 Firewall use: Seconfig XP 1.0 http://seconfig.sytes.net/ For added security you may wish to consider this: For day-to-day work routinely use a Limited User Account (LUA). Secure (Harden) your operating system. Keep your operating(OS) system (and all software on it) updated/patched. Reconsider the usage of IE and OE. Don't expose services to public networks. Routinely practice Safe-Hex. Utilize a real-time anti-virus application and vital system monitoring utilities/applications. Keep abreast of the latest developments. -- Security is a process not a product. (Bruce Schneier)
Guest Twayne Posted July 13, 2008 Posted July 13, 2008 Re: Router vs software firewall > Using a secure wireless router as my gateway, why would I need to use > a second software firewall, regardless of brand? > > I browse to port-attacking sites and they can't even see me on the > net, let alone show a vulnerable port. Is there a further benefit > from adding a software firewall in this case? > > All comments appreciated. As long as you're behind a NAT router, that's probably enough if you're not on 24/7. Since nothing is perfect and they play nicely together, I still run a software firewall in addition to the NAT router's capabilities. I find the SW wall quicker to tweak and get to so for little things it's handy too.
Guest Bruce Chambers Posted July 13, 2008 Posted July 13, 2008 Re: Router vs software firewall Spiral wrote: > Using a secure wireless router as my gateway, why would I need to use a > second software firewall, regardless of brand? > > I browse to port-attacking sites and they can't even see me on the net, let > alone show a vulnerable port. Is there a further benefit from adding a > software firewall in this case? > > All comments appreciated. If you use a router with NAT, it's still a very good idea to use a 3rd party software firewall. Like WinXP's built-in firewall, NAT-capable routers do nothing to protect the user from him/herself (or any "curious," over-confident teenagers in the home). Again -- and I cannot emphasize this enough -- almost all spyware and many Trojans and worms are downloaded and installed deliberately (albeit unknowingly) by the user. So a software firewall, such as Comodo, Sygate or ZoneAlarm, that can detect and warn the user of unauthorized out-going traffic is an important element of protecting one's privacy and security, alerting you to an unwanted malware application's activity. (Remember: Most antivirus applications do not even scan for or protect you from adware/spyware, because, after all, you've installed them yourself, so you must want them there, right?) When I ran WinXP, I used both a router with NAT and Sygate Personal Firewall, even though I generally know better than to install scumware. When it comes to computer security and protecting my privacy, I prefer the old "belt and suspenders" approach. In the professional IT community, this is also known as a "layered defense." Basically, it comes down to never, ever "putting all of your eggs in one basket." Having said that, it's important to remember that firewalls and anti-virus applications, which should always be used and should always be running, while important components of "safe hex," cannot, and should not be expected to, protect the computer user from him/herself. Ultimately, it is incumbent upon each and every computer user to learn how to secure his/her own computer. -- Bruce Chambers Help us help you: http://www.catb.org/~esr/faqs/smart-questions.html http://support.microsoft.com/default.aspx/kb/555375 They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. ~Benjamin Franklin Many people would rather die than think; in fact, most do. ~Bertrand Russell The philosopher has never killed any priests, whereas the priest has killed a great many philosophers. ~ Denis Diderot
Guest Spiral Posted July 14, 2008 Posted July 14, 2008 Re: Router vs software firewall Great thread. Thanks, everyone.
Guest Kayman Posted July 14, 2008 Posted July 14, 2008 Re: Router vs software firewall On Sat, 12 Jul 2008 22:35:13 -0400, Spiral wrote: > Using a secure wireless router as my gateway, why would I need to use a > second software firewall, regardless of brand? > > I browse to port-attacking sites and they can't even see me on the net, let > alone show a vulnerable port. Is there a further benefit from adding a > software firewall in this case? > > All comments appreciated. In addition to by original message it'd be worthwhile and educational if you read the below mentioned articles. The authors Jesper Johansson and Steve Riley are well respected and recognized for their in-depth knowledge with respect to 'outbound protection' of 3rd party (so-called) firewalls. Google for their credentials! Jesper is sometimes hanging out in the Vista newsgroup. At Least This Snake Oil Is Free. http://msinfluentials.com/blogs/jesper/archive/2007/07/19/at-least-this-snake-oil-is-free.aspx Deconstructing Common Security Myths. http://www.microsoft.com/technet/technetmag/issues/2006/05/SecurityMyths/default.aspx Scroll down to: "Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe." Exploring the windows Firewall. http://www.microsoft.com/technet/technetmag/issues/2007/06/VistaFirewall/default.aspx "Outbound protection is security theater¡Xit¡¦s a gimmick that only gives the impression of improving your security without doing anything that actually does improve your security."
Guest Spiral Posted July 17, 2008 Posted July 17, 2008 Re: Router vs software firewall Kayman wrote: > In addition to by original message it'd be worthwhile and educational if > you read the below mentioned articles. The authors Jesper Johansson and > Steve Riley are well respected and recognized for their in-depth knowledge > with respect to 'outbound protection' of 3rd party (so-called) firewalls. > Google for their credentials! > Jesper is sometimes hanging out in the Vista newsgroup. > > At Least This Snake Oil Is Free. > http://msinfluentials.com/blogs/jesper/archive/2007/07/19/at-least-this-snake-oil-is-free.aspx > > Deconstructing Common Security Myths. > http://www.microsoft.com/technet/technetmag/issues/2006/05/SecurityMyths/default.aspx > Scroll down to: > "Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe." > > Exploring the windows Firewall. > http://www.microsoft.com/technet/technetmag/issues/2007/06/VistaFirewall/default.aspx > "Outbound protection is security theater?it?s a gimmick that only gives the > impression of improving your security without doing anything that actually > does improve your security." I'm on it--like the titles already... Cheers
Recommended Posts