Re: Software Firewall



K2NNJ wrote:
So i'm good with what I got?

If you're not doing the high risks things with the router like port forwarding, then you should be OK. I see the router does have SPI and that's good and some other security features. For downloading things that you have indicated in your post, it's not a FW's job to be concerned about it. But most PFW(s) have some kind of application control that will alert on dubious applications that could be installed on your machine and ran. That feature can easily be defeated and I have disabled that feature on the laptop PFW that I use on the road. It's a worthless feature IMHO and I use other tools from time to time to tell me what is happening on the machine.

While I am at home, the FW appliance I use provides all the protection in stopping inbound and outbound traffic between LAN to LAN, LAN to WAN and WAN to LAN by port, protocol or IP and also logs all inbound and outbound traffic by WAN and LAN IP(s). If your router can stop inbound and outbound and there are those routers that are packet filtering FW routers that also have logging of traffic that can do it, then you're good to go wired or wireless. You don't need a PFW period.

However, you have a wireless solution and I don't think the router can stop outbound. Because it's a wireless solution, someone could hack the wireless, join your network and be all over the top of your machines wired or wireless. For that reason, you might want to keep the PFW(s) on the machines setting rules to only allow traffic between the approved IP(s) on your LAN between the machines.

PFW(s) and other packet filter solutions at the machine level have their place in the protection as long a they don't bring complication to the picture. As far as some kind of file download protection, that's not any FW's job period.

If you're comfortable without the need of a PFW or some other packet filter that can stop outbound behind the router, then go without the PFW. On the other hand, I myself would prefer to have a router that at least meets the specs in the link to be fully comfortable without the need of something supplementing the router. It's just my my opinion on it and some have a completely different view on it. It's something you're going to have to decide as to what's best for your needs.

http://www.firewall-software.com/firewall_faqs/what_does_firewall_do.html

Duane :)



"Duane Arnold" <NotMe@xxxxxxxxx> wrote in message news:Ji4Mf.3639$S25.861@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Woody wrote:

The software firewall will give you a heads up if you happen to download something that decides to send your information to the world.


Personal FW's have that trash in them. Host based network FW's, packet filtering FW routers and FW appliances have no such trash. Some would say that a PFW is not a FW since it doesn't separate two networks and is only machine level protection when it does its job as some kind of packet filter and not using all the other bloat trash in PFW solutions.

Duane :)



.



Relevant Pages

  • Re: Software Firewall
    ... It's obviously not wireless and, ... If you're not doing the high risks things with the router like port ... stopping inbound and outbound traffic between LAN to LAN, ... You don't need a PFW period. ...
    (comp.security.firewalls)
  • Re: Connect a Wireless Router to my SBS Network
    ... I assume your DSL modem-router is acting as a router (with a WAN and a LAN ... This setup is the Airlink wireless attached to the 5-port switch? ...
    (microsoft.public.windows.server.sbs)
  • Re: Change wireless configuration
    ... I have them set up for ICS over a Wireless system, set up in what I think ... ICS is a MS term. ... It allows one computer to share its Internet connection with other computers in a LAN situation. ... to the Wireless Router, the XP Pro PC is connected to the Router by a ...
    (alt.internet.wireless)
  • Re: VPN over wireless
    ... You will still the need the Router to issue DHCP and wireless ... network but still access to the internet. ... LAN Router Wireless Router ...
    (microsoft.public.windows.server.sbs)
  • Re: Workgroup Client Bridge Configuration
    ... capability for the LAN interface, in any case it only allows one IP to be specified. ... original SOHO-10 routers in service and on my router pile. ... but the gateway is 216.216.216.1, some operating systems just will not ... I mean't the one computah that's going through the Seneo wireless. ...
    (alt.internet.wireless)