Re: personal firewall

aarklon@xxxxxxxxx writes:
Hi folks,

what exactly is the need for a personal firewall???
the following link says that it is a snake oil????

well to what extent this is true.....????
(please note that i am not an expert on security matters,so any
meaningful explanation is
always welcome)

First, it's worth noting that page was last modified in March of

To an extent I agree with the premise in the article that software
firewalls should not be the first thing you buy. If you're on
broadband, by all means spend $60 on a little home firewall router
thingee such as the venerable Linksys BEFSR41 or WRT54G if you're in
the mood for wireless. That will largely prevent the bad guys from
getting in on a network level.

Personal firewalls or software firewalls are both redundant to the
functionality of these devices and they are also complimentary.

They're redudant in that they too implement packet filter or stateful
packet inspection on the computer--the same sort of thing the little
$60 box is doing on your network perimeter.

However, where software (personal) firewalls actually add useful
protection is in application level network access. If you download
and unwittingly install a program that wants to access the network (to
phone home, or whatever), a software firewall can potentially alert you
to this, which is very useful.

In addition, on a laptop machine, it's nice to have the packet or SPI
filtering of the firewall when you wander into unfriendly networks
like hotels and airports and such. It's also useful to protect your
individual machine from other machines on your home network if/when
they get infected with something.

Best Regards,
Todd H.

Relevant Pages

  • RE: [fw-wiz] Firewalls v. Router ACLs
    ... people to take in consideration in network design and layout. ... here and the old firewalls list often emphasized an approach that avoided ... The logging alert features alone turn this layer into a IDS as ... > An appropriately sized router will not have any performance problems. ...
  • [fw-wiz] IDS/IPS and LOGS
    ... nasty behavior is happening on your network (where your network is ... easily turn your IPS into a big denial of service attack. ... My guess is that most of the Worlds firewalls and IDS/IPS only have half ... I noticed that there is a big emphasis on log parsing while there should ...
  • Re: Establish persistant outbound connection for covert application
    ... which firewalls are running etc.) and then communicate its ... the actual network layer. ... They do have 2 network interfaces in case I want to chain them between a PC ... They also have a wireless interface so I can hook into the machine if I am ...
  • Re: Going meta (was RE: [fw-wiz] Ok, so now we have a firewall...)
    ... but today's firewalls let too much stuff back ... > why people feel they need to compromise. ... Last spring we completely re-engineered the network for a large school ... All these segments are set up on separate VLANs and communicate with each ...
  • Re: Linksys router as Firewall
    ... > There are many different levels of firewalls. ... acts as an interface between two networks (e.g., the Internet and an ... protecting the internal network from electronic attacks originating from ... filtering outgoing traffic for security and network usage rules ...