Firewalls, Networks and Routers


meld51
17-07-2003, 19:12
Hello,

I have a home network with a router to NTL. The router is billed as being/having a firewall.

Do I need a further firewall on each of my PCs? If so why, and if not why not?
:confused: :confused:

Steve H
17-07-2003, 19:16
A software firewall is recommended; try ZoneAlarm, which is available for free.

meld51
17-07-2003, 19:20
Yeah, but why is it necessary? There must be some subtle reason?

Undisputedtruth
17-07-2003, 20:13
I believe a software firewall will slow the connection down while a hardware firewall won't.

homealone
17-07-2003, 20:15
Originally posted by meld51
Yeah, but why is it necessary? There must be some subtle reason?

It's because the NAT function of the router will help to block stuff coming from the net into your computer, but doesn't block anything going out. A software firewall (except XP's built-in one) will monitor stuff which wants to get out, e.g. a trojan trying to "phone home".

Overkill? Paranoia? - maybe, but if it's free & doesn't affect anything else you want to do - what the 'eck.:)

meld51
17-07-2003, 20:56
OK. I wonder if it will affect anything else?

Before I had a router, I tried a peer to peer network, and it was impossible to run it well, especially with a firewall on each PC.

Still, I'll re-install ZA and if it goes well, I'll make a posting. If it goes a bit quiet you'll know why.........!!

El Diablo
17-07-2003, 21:02
Personally, if I had a hardware firewall as is built into your router, I really wouldn't bother with ZoneAlarm... A decent virus checker with regularly updated definitions will prevent any trojans from hiding in your PC, whilst the firewall can be configured to restrict any undesirable traffic by way of setting the access control lists... AFAIK, and this may depend upon your router, you should be able to restrict traffic to / from ports / IPs in both directions. What router have you got?

homealone
17-07-2003, 21:09
Originally posted by meld51
OK. I wonder if it will affect anything else?

Before I had a router, I tried a peer to peer network, and it was impossible to run it well, especially with a firewall on each PC.

Still, I'll re-install ZA and if it goes well, I'll make a posting. If it goes a bit quiet you'll know why.........!!

Only way to find out is to give it a go, some people swear by Zonealarm (me included:)), but other people have hit problems.

meld51
17-07-2003, 21:15
It's a Belkin Wireless Router, NAT type of thing.

Before I had a network I had the Norton Firewall, which had loads of settings. The Belkin settings seem crude by comparison so I sometimes wonder how it works. The Norton Firewall would report if it had a suspicious event, but the router remains deafeningly silent.

The Norton Firewall was no good with BB though. Maybe newer versions are better....

Another thing, I run the Symantec Firewall check now and then. It usually says it can't see my PCs, but it says something about my router's IP address. I'll run it in a minute and post it here. Maybe you could tell me if this is a successful Report.

homealone
17-07-2003, 21:31
Originally posted by El Diablo
Personally, if I had a hardware firewall as is built into your router, I really wouldn't bother with ZoneAlarm... A decent virus checker with regularly updated definitions will prevent any trojans from hiding in your PC, whilst the firewall can be configured to restrict any undesirable traffic by way of setting the access control lists... AFAIK, and this may depend upon your router, you should be able to restrict traffic to / from ports / IPs in both directions. What router have you got?

I don't disagree with that, it's entirely up to the individual on how they set up their "security".:)

I looked in the setup pages for my Linksys befsr41 and it wasn't obvious that filtering would work both ways on a port?

A software firewall will also trap which program is trying to use the port/IP, it might be one you'd rather not?:)

meld51
17-07-2003, 21:46
what about trojans....I guess my virus scanner nails them, but why does spyware always get through?

I'm beginning to think that the virus scan companies let it happen on purpose!

El Diablo
17-07-2003, 21:52
Originally posted by homealone
I don't disagree with that, it's entirely up to the individual on how they set up their "security".:)

I looked in the setup pages for my Linksys befsr41 and it wasn't obvious that filtering would work both ways on a port?

A software firewall will also trap which program is trying to use the port/IP, it might be one you'd rather not?:)
Ahh... it may be that I missed that its main security feature is that it uses NAT; wasn't sure of the router spec initially :D

You can still set it up though to use port forwarding so that it restricts access to valid applications, so I guess this is as close as... External hosts shouldn't be able to see the PCs connected to the router, since they'll be configured with private IPs, making them inaccessible from the outside world...

meld51
17-07-2003, 21:57
If a 'good' piece of incoming data gets forwarded to the network IP addresses, then why does malicious stuff not get through?

double_c
17-07-2003, 22:35
Because you have to explicitly set up the router to allow incoming traffic on specific ports. You should only forward ports on which you intend to accept connections.

homealone
17-07-2003, 22:58
Originally posted by double_c
Because you have to explicitly set up the router to allow incoming traffic on specific ports. You should only forward ports on which you intend to accept connections.

Shouldn't UPnP sort all this out?

double_c
17-07-2003, 23:00
No idea, but if it does then that suggests that a trojan could open a port on the router same as a legitimate program.

homealone
17-07-2003, 23:10
Originally posted by double_c
No idea, but if it does then that suggests that a trojan could open a port on the router same as a legitimate program.

I'm pitw here, but yes, a virus/trojan triggered "inside" your security could have that effect; keeping the router's "firmware" up to date is the least you can do.

Hope ZA catches anything else?
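
An added example, not from the thread and not any router vendor's or ZoneAlarm's code: a toy Python model of a NAT router with a port-forward table and a UPnP AddPortMapping call, next to a per-program egress filter of the kind a software firewall prompts about. It walks through the points made in the posts above: an unsolicited inbound packet is dropped because no NAT entry or forward matches it; the NAT table records nothing about which program opened an outbound connection, so a trojan phoning home leaves the router exactly like a browser; and because UPnP mappings are unauthenticated, any process on the LAN (a trojan included) can open an inbound hole. All addresses, ports and program names are made up (RFC 5737 documentation ranges), and the NAT is a simplified full-cone model.

```python
from dataclasses import dataclass, field

WAN_IP = "203.0.113.10"  # assumed public address of the router (RFC 5737 TEST-NET-3)


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


@dataclass
class NatRouter:
    """Simplified full-cone NAT: one WAN port per (LAN ip, LAN port) pair."""
    wan_ip: str
    next_port: int = 40000
    nat_table: dict = field(default_factory=dict)  # (lan_ip, lan_port) -> wan_port
    forwards: dict = field(default_factory=dict)   # wan_port -> (lan_ip, lan_port)

    def outbound(self, pkt: Packet) -> Packet:
        """LAN -> WAN. NAT never refuses; it only rewrites the source address."""
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.nat_table:
            self.nat_table[key] = self.next_port
            self.next_port += 1
        return Packet(self.wan_ip, self.nat_table[key], pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt: Packet):
        """WAN -> LAN. Returns the rewritten packet, or None when dropped."""
        # 1. Reply to a connection a LAN host opened earlier.
        for (lan_ip, lan_port), wan_port in self.nat_table.items():
            if wan_port == pkt.dst_port:
                return Packet(pkt.src_ip, pkt.src_port, lan_ip, lan_port)
        # 2. Explicit hole: manual port forward or UPnP mapping.
        if pkt.dst_port in self.forwards:
            lan_ip, lan_port = self.forwards[pkt.dst_port]
            return Packet(pkt.src_ip, pkt.src_port, lan_ip, lan_port)
        # 3. Nothing matches: there is no LAN host to deliver to, so drop it.
        return None

    def upnp_add_port_mapping(self, wan_port: int, lan_ip: str, lan_port: int):
        """UPnP IGD AddPortMapping: any process on the LAN may call it, no auth."""
        self.forwards[wan_port] = (lan_ip, lan_port)


class HostFirewall:
    """Per-program egress policy, the decision a NAT box cannot make."""

    def __init__(self, allowed_programs):
        self.allowed = set(allowed_programs)
        self.log = []

    def permit(self, program: str, pkt: Packet) -> bool:
        ok = program in self.allowed
        if not ok:
            self.log.append(f"blocked {program} -> {pkt.dst_ip}:{pkt.dst_port}")
        return ok


def demo() -> dict:
    router = NatRouter(WAN_IP)
    host_fw = HostFirewall({"browser.exe"})   # assumed allow-list
    pc = "192.168.2.5"                        # assumed LAN address of the PC
    attacker, website, c2 = "198.51.100.7", "198.51.100.20", "198.51.100.66"
    r = {}

    # Unsolicited probe from the internet: no state, no forward -> dropped.
    r["probe_dropped"] = router.inbound(Packet(attacker, 5555, WAN_IP, 445)) is None

    # Browser opens a connection; the reply finds its way back via the NAT table.
    out = router.outbound(Packet(pc, 51000, website, 80))
    reply = router.inbound(Packet(website, 80, WAN_IP, out.src_port))
    r["reply_delivered"] = reply is not None and reply.dst_ip == pc

    # A trojan phoning home looks identical to the router...
    phone_home = Packet(pc, 51001, c2, 6667)
    r["nat_lets_trojan_out"] = router.outbound(phone_home).src_ip == WAN_IP
    # ...but the host firewall decides by program, not by packet.
    r["host_fw_blocks_trojan"] = not host_fw.permit("trojan.exe", phone_home)
    r["host_fw_allows_browser"] = host_fw.permit("browser.exe", phone_home)

    # The trojan uses UPnP to open an inbound hole; the same kind of probe now lands.
    router.upnp_add_port_mapping(6668, pc, 6668)
    r["upnp_hole_open"] = router.inbound(Packet(attacker, 5555, WAN_IP, 6668)) is not None
    return r


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

Run it and every entry comes out True. The model deliberately leaves out what real routers add (timeouts, symmetric NAT, source-address checks) because the point is the shape of the decision: the router keys on addresses and ports, the host firewall keys on the program, and a UPnP-capable router lets anything on the LAN rewrite the forward table.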

cjll3
17-07-2003, 23:20
Originally posted by Steve_NTL
A software firewall is recommended; try ZoneAlarm, which is available for free.

by morons who forget that there are at least 20 worms and viruses that specifically target the program and disable it.

meld51
18-07-2003, 06:49
(Small voice) what's UPnP?

homealone
18-07-2003, 09:35
Originally posted by meld51
(Small voice) what's UPnP?

Universal Plug and Play technology is an architecture for pervasive peer-to-peer network connectivity of PCs of all form factors, intelligent appliances, and wireless devices. UPnP technology is a distributed, open networking architecture that leverages TCP/IP and the Web to enable seamless proximity networking in addition to control and data transfer among networked devices in the home, office, and everywhere in between.

All you really need to know is whether your router (if you use one) is UPnP compatible; if not then stuff like MSN Messenger won't work. My router needed a firmware upgrade before it was UPnP compatible.

Tricky
18-07-2003, 22:17
If you have the choice, have both hardware and software firewalls; you can never be too careful! I know people that use hardware ones, then one like BlackICE (excellent) or ZoneAlarm, and then even turn on XP's firewall. Makes problem resolution a nightmare, but it's safe.

A good site for checking your firewalls is:
https://grc.com/x/ne.dll?bh0bkyd2

Then use the two buttons: it'll show your NTL address, then try to connect to common entry ports on your PC; your router should stop them, or at least your firewall (S/Ware) will.

An ideal result is "There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!", which is what my PCs generate! The only one that got through was port *** (sorry!) but the firewall stopped it: "Your computer has responded that this port exists but is currently closed to connections."
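
An added example (mine, not GRC's code and not from the thread) of the distinction the two quoted report lines are making. A TCP connect probe can end three ways: the port answers (open), the host answers with a reset (closed: "this port exists but is currently closed"), or nothing comes back before the timeout (stealth: "NO EVIDENCE WHATSOEVER that a port ... exists", which is what a router or firewall that silently drops the packet produces). The demo scans loopback so it runs offline, using one listening socket and one just-released port; the public address in the trailing comment is an assumed placeholder.

```python
import socket


def probe(host: str, port: int, timeout: float = 1.0) -> str:
    """TCP connect probe, classified the way the GRC report words it."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"          # SYN/ACK came back: a service is listening
    except ConnectionRefusedError:
        return "closed"        # RST came back: host is visible, port is shut
    except (socket.timeout, TimeoutError):
        return "stealth"       # silence: packet dropped, or no host at all
    except OSError:
        return "unreachable"   # no route / network down on this machine
    finally:
        s.close()


def scan(host: str, ports, timeout: float = 1.0) -> dict:
    """Probe each port and return {port: state}."""
    return {p: probe(host, p, timeout) for p in ports}


def demo() -> dict:
    """Self-test on loopback: one listening port, one just-released port."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))   # kernel picks a free port
    listener.listen(1)
    open_port = listener.getsockname()[1]

    spare = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]
    spare.close()                     # nothing listens here any more -> RST

    try:
        result = scan("127.0.0.1", [open_port, closed_port], timeout=0.5)
        return {"open": result[open_port], "closed": result[closed_port]}
    finally:
        listener.close()


if __name__ == "__main__":
    print(demo())
    # To mimic the GRC check, run scan() against your public address from a
    # host on the far side of the router, e.g. (assumed address):
    #   scan("203.0.113.10", [21, 22, 23, 25, 80, 135, 139, 445])
```

A loopback scan can only ever show "open" or "closed"; "stealth" needs a filter between the scanner and the target, which is why the check has to be run from outside the router to say anything about it. A "closed" result from outside is not a hole, but it does confirm to the prober that a machine is there, which is the difference the post above is pointing at.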