Re: How effective is a router as a firewall?

From: Duane Arnold (notme_at_notme.com)
Date: 10/25/03


Date: Sat, 25 Oct 2003 15:24:41 GMT

Jodie <jodie23@sbcglobal.net> wrote in
news:p00lpvc9ja922udtqpkmrlm50jaj83l20o@4ax.com:

> I just got a new Belkin router and a guy at Belkin said I didn't need
> zone alarm anymore, that the router has a built in firewall. I really
> do need protection now. I'm coming from dial-up and just got DSL, and
> since I installed the router, I am connected to the internet all the
> time.

The router is a good thing to have and it will stop unsolicited traffic
such as scans and attacks. You should review the router logs, to see
what traffic is coming into the router and leaving the router on a
routine basis, if the router has logging. The first thing you should do
is change the router's password from the factory default.

The router will not protect on inbound ports that have been port
forwarded or you place the machine into the DMZ of the router, if it has
DMZ. You'll need ZA if you start doing that.

>
> I am running w2k and have locked it down. BUT, my id is part of the
> administrators group because some apps gave me problems when I was a
> regular user. Is being an admin bad? (dumb question I know).

Using the Admin account is only bad if the machine is compromised,
because any malware that compromises the machine is going to have the
same security context as the account that is logged on the machine. With
the Admin account being used, the malware can just about do anything it
has been programmed to do.

Use Active Ports (free) to keep an eye on things, if you stop using ZA.
You should keep an eye on things, because the router is not the end all
solution.

Duane :)

>
> Thx,



Relevant Pages

  • Re: Just venting (totally OT)
    ... the ame router to get access to the net! ... I'm paranoid about opening up my firewall "just in case..." ... not visiting dodgy Websites. ... The protection that it does supply is also provided by ...
    (uk.people.support.depression)
  • Re: Just venting (totally OT)
    ... how long it plays for because it's all been ripped on to hard disc ... the ame router to get access to the net! ... I'm paranoid about opening up my firewall "just in case..." ... The protection that it does supply is also provided by ...
    (uk.people.support.depression)
  • Re: black ice usage question
    ... The point is with a router already there, all ports are already being ... > With BI set in the Paranoid mode with the 1-65535 rules set, ... > protection for unsolicited inbound traffic to the machine. ...
    (comp.security.firewalls)
  • Re: Zonealarm and LinkSys DSL/Cable Router
    ... issued by the router and discontinued letting BI do it. ... > I'm using ZAP with W2K on a home network also running thru a LinkSys ... the protection of a NAT router that's got you protected very well from ... Use Active Ports and look at the connections to and from the ...
    (comp.security.firewalls)
  • Re: Newbie Home Network/ADSL Router query.
    ... > Firewall on the router. ... >> ISP so that your router can access the Internet and the machines ... >> protection of the NAT router, either way, the machines are ... >> All ports are closed on the router by default and the ports will ...
    (comp.security.firewalls)