Re: Firewall needed behind router?

From: Peter in New Zealand (peterbalplug_at_xtra.co.nz)
Date: 06/10/05 

Date: Fri, 10 Jun 2005 11:18:50 +1200



-- 
Peter in New Zealand. (Pull the plug out to reply.)
Collector of old cameras, tropical fish fancier, good coffee nutter, and 
compulsive computer fiddler.
"Chuck" <none@example.net> wrote in message 
news:87dha1hhci274ggpi6c5am2ul5s632jek2@4ax.com...
> On Thu, 9 Jun 2005 20:09:09 +1200, "Peter in New Zealand"
> <peterbalplug@xtra.co.nz> wrote:
>
>>I have three PCs on a LAN which is connected to the Internet via the
>>modem/router unit. Is there any advantage in having a software firewall 
>>(in
>>this case McAfee) on these machines, or would the router be sufficient
>>protection? There's no requirement for inter-PC protection - just from the
>>Internet. We just recently upgraded to broadband after a decade of dialup,
>>so it is all a bit new to me. The tech told me the router is configured to
>>prevent DOS and hacker attacks, and I understand a little of the theory, 
>>but
>>not a lot, so I apologise if this is a silly question. Thank heaps for
>>helping.
>
> Peter,
>
> This isn't a silly question.  This question gets asked almost daily, and 
> should
> be asked more.
>
> If you have multiple computers on a LAN, and any one of them is used for
> Internet access of any type, you should have a personal firewall on each 
> one of
> them.  If any one of them should get infected, it could be with a combined
> threat that enters the LAN as browser data, and then attacks other 
> computers on
> the LAN.  Having a PFW on each one could save the others, and could alert 
> you to
> the infection.
http://nitecruzr.blogspot.com/2005/05/please-protect-yourself-layer-your.html
>
> The broadband tech needs to educate himself a bit more.  Why do you think 
> that
> there's no requirement for inter-PC protection?
>
> -- 
Brilliant, that's what I needed to know. It makes a heap of sense to me, 
which was why I needed some expert guidance, and I enjoyed reading the blog. 
The "tech" perhaps needs a brief explanation. Telecom NZ have been 
threatened with being forced to unbundle their lines for other ISPs unless 
they make it easier and cheaper for people to get onto broadband. The 
deadline is looming and their are keen to get the required numbers onto it 
before it expires. That's how I got onto it after a decade of dialup. The 
whole deal, with the cabling and router supplied cost me a grand total of 
$56NZ. This sort of deal has triggered a huge surge of demand, and anyone 
who can push a plug into a hole basically is being called a tech and put 
into the field to meet the demand. Mostly their answers are canned responses 
learned by rote to set questions. They're a sort of walking robot FAQ I 
suppose. It's really funny when you ask them a question they are not 
programmed to answer. They kind of jam up, and stop responding.
I must hasten to add that the one I dealt with was courteous, helpful, and 
quite ready to admit that he wasn't sure about the firewall issue, hence my 
question here.
I appreciate your responses, and I will keep the software firewall on my 
machines as you suggest. Many thanks.
-- 
Peter in New Zealand. (Pull the plug out to reply.)
Collector of old cameras, tropical fish fancier, good coffee nutter, and 
compulsive computer fiddler.