Re: How effective is a router as a firewall?

From: Duane Arnold (notme_at_notme.com)
Date: 10/25/03


Date: Sat, 25 Oct 2003 15:24:41 GMT

Jodie <jodie23@sbcglobal.net> wrote in
news:p00lpvc9ja922udtqpkmrlm50jaj83l20o@4ax.com:

> I just got a new Belkin router and a guy at Belkin said I didn't need
> zone alarm anymore, that the router has a built in firewall. I really
> do need protection now. I'm coming from dial-up and just got DSL, and
> since I installed the router, I am connected to the internet all the
> time.

The router is a good thing to have and it will stop unsolicited traffic
such as scans and attacks. You should review the router logs, to see
what traffic is coming into the router and leaving the router on a
routine basis, if the router has logging. The first thing you should do
is change the router's password from the factory default.

The router will not protect on inbound ports that have been port
forwarded or you place the machine into the DMZ of the router, if it has
DMZ. You'll need ZA if you start doing that.

>
> I am running w2k and have locked it down. BUT, my id is part of the
> administrators group because some apps gave me problems when I was a
> regular user. Is being an admin bad? (dumb question I know).

Using the Admin account is only bad if the machine is compromised,
because any malware that compromises the machine is going to have the
same security context as the account that is logged on the machine. With
the Admin account being used, the malware can just about do anything it
has been programmed to do.

Use Active Ports (free) to keep an eye on things, if you stop using ZA.
You should keep an eye on things, because the router is not the end all
solution.

Duane :)

>
> Thx,