Re: Linksys WRT54G and Firewall software

Gerald Vogt wrote:
Maximum Dog9 wrote:

Gerald Vogt wrote:

Leythos wrote:

1) You don't need a personal firewall when you are behind a NAT device
that provides a private network without anything port forwarded.

3) The Windows non-firewall included in XP SP2 will be more than enough,
but, if you take your laptop to other networks (school, work, friends) it
won't be enough in most cases.

That is not conclusive: The NAT does block (most) incoming connections. The XP SP2 firewall does block all (most) incoming connections when configured with no exceptions.

I am trying to figure out what you are talking about. The above statement makes no sense. The XP packet filter blocks all (most) incoming connections. And the NAT router blocks (most) incoming connections.

What does that have to do with the #3 statement, when all that's being stated is that the XP FW may not be good enough when the OP's machine is not connected to the OP's network?

The NAT router and the XP SP FW basically do the same. Still the XP SP FW is not enough at some places while the NAT router is enough always?

No, they do not both do the same thing. A router protects a network, and in the case of the XP FW running on a machine, it's machine-level protection, although I have seen use of the XP machine and the XP FW in an ICS situation as a gateway, but FW(s)/packet filters were running on the other machines.

The question is: if there is some reason why the XP SP2 FW is not enough in another network although NAT router and XP SP2 FW are basically doing the same, why does that reason not apply to the NAT router as well? But as it is not explained why the XP SP2 FW is not enough in another network I can only ask that unspecific question...

The XP FW/packet filter is doing the same thing as any other PFW or personal packet filter. That is to stop unsolicited inbound traffic from reaching the machine.

Where is the difference which explains why something else than the XP SP2 FW is needed elsewhere?

If the OP wanted to set a rule to stop outbound packets from leaving the machine, which the XP packet filter cannot do, that is one difference.

O.K. But that was not mentioned before. Plus the WRT54G with standard firmware does not do reliable outbound filtering.

What does the 54G have to do with the difference between two host based software packet filters?

Two or more firewalls running on a computer result on average in less security than a single one, as it is unpredictable what actually is blocked and what not and by which firewall, which will jeopardize the consistency of any state table in any firewall (as they are generally stateful).

The poster never said that. Where are you coming up with this conclusion that it was even said by the poster?

You're reading into it what you want to read into it.

As I wrote elsewhere, I thought he was thinking of another firewall. But if he is not thinking of another firewall, then it remains open what would be necessary to fill this "not enough" when the computer is connected to another network. Behind the NAT router the XP SP2 FW is enough. In another network it is not. So what is the suggestion here? Not to connect to another network? Is that the only point here?

You have to ask him.

5) More important than a firewall, when behind a NAT router, is the
Antivirus software and your security methods - like not running as an
Administrator (best to run as a limited user), installing Firefox, not
using Outlook Express or Outlook if you use POP3 for email....

Most important is to keep your system up-to-date and reduce the amount of software on your computer. The less software you are running, the less is vulnerable.

This makes no sense. The point of the computer is to run software. That's why computers were invented. Other than that, just connect a computerized toaster oven to the Internet.

Reduce the amount of software you are using and installing. I have seen computers of people where the windows start menu wrapped over four columns on a high-resolution screen filling well over 200 GB on the hard disc with software alone. Anything they installed for test purposes they simply left there. Why bother even deinstalling something if you still have space left?

Disk space is cheap. If that's what they want to do, that's their business.

Think about what you want to do with your computer and install the software you need for your purpose. That's it. If you need your computer, don't use it as a toy to install any garbage you come across...

As long as programs are protected from the Internet, what difference does it make? You have no idea as to how someone will use his or her computer. It's their choice to do with the computer what he or she wants.

The less software, the less you have to check for updates manually if it does not come with automatic updates.

That's life in the big city.

But as you have to check for updates yourself, the situation is easier to manage if you only have 5 essential software products (plus the OS of course) on your computer than 50, most of them hardly or never used.

If one is in that situation, then he or she is in that situation and they should take the appropriate measures to stay updated, if he or she chooses to do so.

If you do all this, it is very likely that your antivirus will never ever report anything relevant and thus will prove itself superfluous.

No one is going to do it. So why even bring it up?

Who is doing what? It is an observation. No one is doing anything.

If this is the advice you're giving your users, then they should kick you to the curb.

They would certainly prefer advice from someone uncouth...

I am not going to say anything here. It's too easy to hammer you.