Firewall/Router necessary?

I myself would not connect to the Internet without a NAT router with a direct connection of the machine to the Internet.

However, I do connect my laptop without a NAT router while I am on the road using a personal FW solution as I have no choice but to do it. I supplement the PFW on the machine with IPsec.

I have also done some things to protect the machine too as it's not in a LAN situation.

Duane :)

WTF?! SP2 exists.

Yours, VB.

YES! Is there any reason you have not updated to XP SP2? Your computer could already be infected.

For broadband connections, you should have at leaset a basic broadband router, even for just one computer. It will give some decent protection due to the NAT routing it uses to let multiple computers look like one address to your modem. Even then, I would still use a software firewall on the computer, since most 3rd party ones can control what is sent, too. Also, if you hook up multiple computers, this gives you some protection if one of them becomes infected.

At the bare minimum, either update to SP2 and use it's firewall, or install some other software firewall. NEVER connect to the internet without one, or your computer will be infected VERY fast. Even if you currently have dial-up, you still need a firewall.

I've been testing for three days with another computer online with firewall configured to permit all traffic in - out, set to log.

--------------------------------- Win2K, SP4 Home system, Single computer, dial-up RegDefend Anti-Executable Deep Freeze

---------------------------------

All ports except 135 are show closed by the OS on a port scan Messenger, DCOM, DTC services off

My test is to see if the computer can be protected this way, and if so, to show that a router or firewall is not necessary for inbound protection.

So far, I've picked up no alerts from RegDefend, nor Anti-Executable, and no suspicious files created/modified on the HD.

I posted logs for the first two days:

-rich

"rich" wrote in news:1133222749.156587.125010 @o13g2000cwo.googlegroups.com:

The problem with running a personal FW is that it can be attacked by malware if malware can reach the machine and execute. Malware can attack the PFW solution and take it down, adjust logs, reconfigure it just like it can attack the O/S.

That's why if I have the option, I'll put the machine behind a NAT router or a FW appliance that cannot or cannot be attacked that easily as it's not part of the computer running with the O/S, it has logging of inbound and outbound connections and other features so that I can clearly see what's happening with traffic.

But if got no choice but to use a PFW with a direct connection of the machine to the Internet, then that PFW solution is going to be supplement. In addition to this I just can't see what's happening like I want to see, but I do use other tools to help out.

Duane :)

At this stage, generally speaking, of the game there are only three groups of people who have not upgraded to SP2:

1. Those with weird applications needed for business that do not work correctly with SP2. This scenario is rare.
2. Those with illegal copies of Windows who haven't figured out how to install SP2 & still keep their free ill-gotten software. This scenario is plentiful enough one cannot throw a rock without hitting one of these people.
3. Those who are too clueless to know that Windows Update is a good thing. This group even has people who haven't even upgraded to SP1 yet. This scenario is probably more common than anyone would like to adimit.

s/three/four/

1. Those who are not even using XP. This breaks into two classes:

4a. Those who are further into the clueless cloud, and are still running windoze9x, or me because they want to or didn't know XP was released. Those running NT fall into this group as well, though for slightly different reasons. This group may even be larger than group 3. 4b. Those who are not running any form of microsoft windoze. The only microsoft product I've had in the house since 1992 is a microsoft mouse. Generally, this group is either running different hardware (Apple), or are using a variant of UNIX on PC type hardware.

Old guy

While you are definitely right on all counts in what you posted it does not apply to this thread as the original poster stated that he was running Windows XP SP1 so I was listing the reasons why people still refuse to load SP2.

My experience:

a) I could not get SP2 to work in conjunction with our [expensive] LAN monitoring software

b) SP2 slowed my machine quite noticably, even with the built-in firewall turned off completely. Because of the slowness, I suspected I had spyware or virii and kept adding more layers of protection (which never found anything... other than NoAdware which found lots of spurious stuff) and the system kept getting slower. When I reverted to SP1 the system went back to normal response time.

c) The experimental evidence is that SP2 trashed my hard disk, very badly. When I finish pulling the data off of it, I'll have to do a low-level format on it.