Re: Help for novice with ICF, Router h/w Firewall and McAfee s/w Firewall

From: Duane Arnold (notme_at_notme.com)
Date: 02/24/04


Date: Tue, 24 Feb 2004 05:46:56 GMT

mjss_ivell@msn.com (Mike) wrote in news:9e41aa31.0402231453.4c119f2
@posting.google.com:

> I have XP and a DSL connection for internet. Up until recently I have
> used the standard free issue Alcatel Speedtouch DSL modem via USB for
> a dial up connection with ICF active for protection. However, I'm now
> using a an Ericsson ADSL Router (HN294d) set up for PPPoA (connected
> via an Ethernet card) so that additional PC's in the house can be
> connected to the internet via my broadband service.
>
> If not obvious already I am a pretty dumb user so apologies now for
> stupid questions but ....
>
> 1. What is simple terms is the difference in protection between ICF,
> the hardware firewall of a Router and the software firewall of
> something like McAfee's Firewall 3 package.

The router and ICF are about the same. The both stop unsolicted inbound
traffic to the machine, but they provide no outbound protection.

MaAfee should be providing application control and stopping a program
from accessing the Internet.

> 2. Is my Internet connection (via the Ericsson Router) still
> protected by ICF - it doesn't show in my Connection Settings as a
> Dialup Connection but rather as an Internet Gateway.

If you have gone to the Ethernet NIC's Properties on the Advanced Tab and
enable ICF, then it's enable on the NIC and it's active.

> 3. Does the Router offer better protection than ICF anyway. (I have
> activitated the default "medium" level of protection and activated
> Intrusion Detection again with default settings). Any guidelines on
> why non default settings may be desirable,

Yes the router is better than the ICF in someways, mainly because it's a
stand alone device that sits in front of the machine and the machines
behind it with the O/S and possible FW on them don't have to deal with
the scans/attacks.

> 4. I also have a copy of McAfee Firewall 3 but have not loaded this.
> Is there any point in loading this given the use of ICF and the
> Ericsson Router. What if any additional protection can this provide.

Along with providing the ability to stop an outbound connection by an
application trying to connect to the Internet -- application control, it
provides inbound and possible outbound port control behind the router
too.

Duane :)