Router vs. desktop firewall

From: Mark Adams (madams9_at_juno.dotcom)
Date: 12/31/03

• Next message: Todd H.: "Re: Router vs. desktop firewall"
• Previous message: Security Alert: "SSRT3656 Rev.1 Software Distributor (SD) for HP-UX"
• Next in thread: Todd H.: "Re: Router vs. desktop firewall"
• Reply: Todd H.: "Re: Router vs. desktop firewall"
• Reply: Thomas Hertel: "Re: Router vs. desktop firewall"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Wed, 31 Dec 2003 15:55:01 GMT

My apologies if I'm in the wrong place or asking a question that's been
"done to death", but information on the WWW is ambiguous about this. I
thought I'd go to a more authoritative source.

I have a home LAN with a mixture of Win & Linux machines connected
peer-to-peer. The Internet connection is via a Linksys BERW11S4 router
in gateway mode. Let's not deal with the internal wirless security
issues right now -- I will probably pest you about WPA later. Right now,
I'm focusing on intrusion from the net.

I've been testing ports with Shields Up! at www.grc.com. I've noticed
that blocking WAN requests at the router results in an all-green,
everything-stealthed pass from Shilds Up. Unblocking WAN req's. and
just running the iptables firewall (configured via Guarddog), or the
built-in firewall in WinXP results in some ports stealthing, the rest
blocked.

My question is: if I block WAN requests at the router, do I really need
to enable a firewall at the desktops? Since I am probably going to get
both, "Yes" and "No" responses to that question, please help me
understand the reasoning behind either position.

I really appreciate it.

Mark

---

• Next message: Todd H.: "Re: Router vs. desktop firewall"
• Previous message: Security Alert: "SSRT3656 Rev.1 Software Distributor (SD) for HP-UX"
• Next in thread: Todd H.: "Re: Router vs. desktop firewall"
• Reply: Todd H.: "Re: Router vs. desktop firewall"
• Reply: Thomas Hertel: "Re: Router vs. desktop firewall"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Router vs. desktop firewall ... >I've been testing ports with Shields Up! ... >built-in firewall in WinXP results in some ports stealthing, ... if I block WAN requests at the router, ... (comp.security.misc) Re: Just venting (totally OT) ... the ame router to get access to the net! ... I'm paranoid about opening up my firewall "just in case..." ... not visiting dodgy Websites. ... The protection that it does supply is also provided by ... (uk.people.support.depression) Re: Just venting (totally OT) ... how long it plays for because it's all been ripped on to hard disc ... the ame router to get access to the net! ... I'm paranoid about opening up my firewall "just in case..." ... The protection that it does supply is also provided by ... (uk.people.support.depression) Re: What is broken:McAfeee firewall or my router ????? Urgent, ple ... your computer regardless of what McAfee firewall said. ... If your router is ... warned about those ports being available right away if you had any of those ... (microsoft.public.security) Re: What is broken:McAfeee firewall or my router ????? Urgent, ple ... your computer regardless of what McAfee firewall said. ... If your router is ... warned about those ports being available right away if you had any of those ... (microsoft.public.security)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(12)