Re: Firewall yes, but where?

From: Jason Edwards (none1_at_invalid.invalid)
Date: 02/20/05 

Date: Sun, 20 Feb 2005 14:45:06 -0000

"Klaus Haber" <Klaus.Haber@bingo-ev.de> wrote in message
news:1iz765qlbmaqe.vc5phlerzdnb.dlg@40tude.net...
> Hello,
>
> I have an understanding problem. There are different meanings concerning
to
> use firewalls or not. But generell I heard, that a firewall in a _router_
> in connection with a DSL-PC is better than a firewall integrated in the
> same PC, connected to the net by a _modem_. (Firewall means personal
> firewall).
> My understandig ist, that there is no differenz between this both
> configurations. If the router firewall leaks, the attack will reach the
PC.
> The same happens, if the PC-firewall will leak.

The PC-firewall is far more likely to leak for various reasons.
It may be interfered with or shut down completely by malware on the PC.
It may also be that the user does not understand the personal software
firewall they installed and misconfigures it.
Users often think that a personal firewall is making them secure when really
all it's doing is notifying them of things which would not be important even
if they didn't have the personal software firewall.

> I see only one advantage in
> a router-firewall, if you have a local net with different PCs. In this
case
> you need only one firewall for all connected PCs.
>
> Please correct me (or agree ;-) ), if my understanding is wrong.

The most basic type of router-firewall is a NAT router, which is not a real
firewall but they are in the price range of any home user and simple to
configure.
If you can afford a better external firewall and are happy to learn how to
configure it then get one.
You should use an external box even if you have only one PC.

In my view it is better to use an external firewall and learn how to find
out exactly what is in your PC and what Internet connections it is making
than it is to install a software firewall.
If you know what outbound connections are being made and what they are for
then why do you want to block them?
If you have specific blocking requirements that a software firewall can
handle and you understand how to achieve it then ok use one. The average
home user does not have a clue what a software firewall does but for some
reason they still insist on installing one. In many cases they will install
a software firewall but no virus scanner.

Jason

>
> Thanks and greetings
>
> Klaus
>
> --
> Homepage: http://www.bingo-ev.de/~Klaus.Haber
> "pH-Messung - einfach zu verstehen"
> neu: "Regeneration eines Vollentsalzers"
> e-Mail: Siehe HP unter "Impressum"

Relevant Pages

  • Re: Vista Hacked
    ... other words what confirmation do you have that the original install was ... Probably the best solution for a firewall is to use a router, ... Either should show active connections, many of which will be your machine ... If you have Google toolbar or update manager installed then random ...
    (microsoft.public.windows.vista.performance_maintenance)
  • Remote Procedure Call (RPC) shuts down computer
    ... Then immediately turn-on Windows XP's built-in Firewall: ... Connections, then click Network Connections. ... ***Install a good firewall. ...
    (microsoft.public.windowsxp.general)
  • Re: Thrown off of the intenet by XP
    ... Then turn on the xp firewall. ... >network connections, right click your connection, ... removal and patch info. ... >> Ever since I install Windows XP over Win98 on my HOME ...
    (microsoft.public.windowsxp.general)
  • Re: Remote Procedure Call (RPC) shuts down computer
    ... that Windows XP Home version does not install the firewall engaged. ... I didn't turn on the firewall again after the re-install. ... >Connections, then click Network Connections. ...
    (microsoft.public.windowsxp.general)
  • Re: What is the Pattern here ?
    ... These are all Dialup Connections that I had no connection with at the time. ... It's obviously an enormous security hole, ... > and a real firewall box. ...
    (comp.security.firewalls)