I'm using a Linksys WRT54G with one wired PC and one wireless laptop. Do I need to run firewall software also? I had been using EZ Armor FW and Virus, but the desktop slowed to a crawl. After removing the firewall software (accidently), it runs normally again. This PC isn't exactly a powerhouse, but it's OK for my needs.
How bad is it (and how dumb am I) if I don't re-install the software FW? Do I really need it, seeing as how both PCs are running behind the router?
If you're not concerned about someone hacking the LAN on the wireless side of the router and hacking a computer on the LAN wired or wireless, then you don't need a personal FW.
1) You don't need a personal firewall when you are behind a NAT device that provides a private network without anything port forwarded.
2) Your wireless needs to be secured, if not already, to keep outsiders off your Laptop and desktop - if you have exposed your wireless without locking it down you have also exposed your laptop and your PC.
3) The windows non-firewall included in XP SP2 will be more than enough, but, if you take your laptop to other networks (school, work, friends) it won't be enough in most cases.
4) If you use your laptop on OTHER networks you really need to learn how to check the Windows TCP/IP Settings, disable File/Printer sharing when you are not home, and how to adjust/check the Windows XP SP2 non-firewall settings for "Exceptions".
5) More important than a firewall, when behind a NAT router, is the Antivirus software and your security methods - like not running as an Administrator (best to run as a limited user), installing Fire Fox, not using Outlook Express or Outlook if you use POP3 for email....
As you can see from the reply you got from SG, it's worthless, doesn't explain anything, and has no content worth reading.
That is not conclusive: The NAT does block (most) incoming connections. The XP SP2 firewall does block all (most) incoming connections when configured with no exceptions.
Where is the difference which explains why something else then the XP SP2 FW is needed elsewhere?
Again contradictory to 3): if you think you need something else than the XP SP2 firewall in other networks and you are running a other brand "non-firewall" software then the recommendation should be to check that the XP SP2 firewall is turned off and the 3rd party "non-firewall" is on. Two or more firewalls running on a computer result on average in less security then a single one as it is unpredicted what actually is blocked and what not and by which firewall which will jeopardize the consistency of and state table in any firewall (as they are generally stateful).
Most important to keep your system up-to-date and reduce the number of software on your computer. The less software you are running the less is vulnerable. The less software the less you have to check for updates manually if it does not come with automatic updates. Subscribe to some good security notification lists like the one from Microsoft or US-Cert. Then you get timely notification of updates and you can update very quickly.
If you do all this you are very likely that your AntiVirus will never ever report anything relevant and thus will prove itself superfluous.
It blocks intrusions, but what holes does it have that have not yet been exposed? What about the next one that's found and exposes the system?
The NAT router is the better first line of defense when it can be used, but, as the OP mentions wireless, well, you can't NAT a wireless connection - what I mean is that the wireless connection is from the router to the laptop, there is no intermediate NAT between the wireless and the laptop - so, anything that makes it to the wireless also makes it to the laptop unless it's got some form of localized firewall.
I never mentioned another firewall application, not a single one, not even suggesting it. Stop playing the old/tired mantra.
So you mean that if you access email, through POP3, that you don't need antivirus? So, you mean that if you download via FTP or other, since the net has more than just MS and Cert, that you don't really need AV?
Come one, AV is mandatory, even as a limited user, for anyone running an OS that can be exploited by malware.
As an addition to the other replies you have received, I would like to point out that a software firewall can allow or disallow access based on the owner process. This allows you to deny outgoing access for certain applications while allowing it for others.
I am trying to figure out what you are talking about. The above statement makes no sense. The XP packet filter blocks all (most) incoming connections. And the NAT router blocks (most) incoming connections.
What does that have to do with the #3 statement when all that's being stated is that the XP FW may not be good enough when the OP's machine is not connected to the OP's network.
If the OP wanted to set a rule to stop outbound packets from leaving the machine, which the XP packet filter cannot do is one difference.
Anyone with any expertise would know not to be double firewalled so as to not block packets that would normally reach the machine, if not for the double FW situation.
The poster never said that. Where are you coming up with this conclusion that it was even said by the poster?
You're reading into it what you want to read into it.
This makes no sense. The point of the computer is to run software. That's why computers were invented, other than that, just connect a computerized toaster oven to the Internet.
That's life in the big city.
That's about the only thing you have said that makes some kind of sense
No one is going to do it. So why even bring it up.
If this is the advice you're giving your users, then they should kick you to the curb.
Vulnerablities which have not yet been exposed are always a problem. But you have the same problem with a NAT router, too. For the XP SP2 firewall is has been very much tested. NAT routers don't undergo that throrough tests simply because they are not used so much out there.
Plus: it is in the nature of NAT that there is a lot of guessing involved which ports to open and which not. The router must let response packets in and must figure out where to send it. Thus, if you use a packet sniffer or use some logging functions on the computer you'll see that some unsolicited packets occassionally get through.
The XP SP2 FW with no exceptions on a computer directly connected to the internet is protecting the computer better than a NAT router. NAT does not provide the protection like a properly setup packet filter.
That does not explain why the computer would need another (different) firewall from the XP SP2 FW when it is connected to other networks.
Well you wrote: "The windows non-firewall included in XP SP2 will be more than enough, but, if you take your laptop to other networks school, work, friends) it won't be enough in most cases.". If it is not a 3rd party firmware then what else do you need? You don't explain it. I have guess you have thought of a 3rd party firmware. If it is not, then you really have to explain what would fill the "not enough" if the computer is in other networks.
I access my e-mails through pop3 and imap. I don't need antivirus. Why should I need antivirus? For what? The antivirus usually does not show any useful messages. All the antivirus potentially did was damaging my mail folders when the mail program downloaded an old blaster from my pop3 box and annoyed me with some 20 virus access warnings (which I had to allow each time) until I was able to delete the virus e-mail from my Inbox and emptied the trash. The computer was at no time at any danger still the antivirus will give you a hard time to do what you are supposed to do with an virus e-mail: DELETE.
And what should I donwload via FTP for which I need an antivirus? Can you be more specific?
No. I don't have AV nor FW. I run as limited user. I don't know why it should be mandatory. As there is no 100% security anything can potentially be exploited by malware. But the best protection against malware is still me. As I am better than some AV which well slows down my computer it is a easy choice for me.
Well, it could well be that my English is not that good. But a "suggestion" is no "explanation" in my dictionary. An explanation explains why the suggestion is important. You don't explain why those suggestions are important. SG did the same. He wrote what is true but did not explain why.
This "feature" is often used to block access to update servers.
This "feature" is often used to block access for software which people installed themselves and which they don't bother to configure properly to prevent those outgoing access.
This "feature" is easily circumvented by good malware.
And if this "feature" actually points to malware this is often used as indication to look for some malware removal tool instead of doing what would be appropriate: reformat. If primitive malware which is detected by the PFW is already running on the computer (although there is the PFW and probably an AV) it is very likely that worse malware like a root-kit is already there, well hidden somewhere...
Thanks for the great responses, explanations, advice and comic relief. I was impelled by the banter to reinstall both firewall and anti-virus. And resolved to order a faster machine very soon.
You don't know what you are talking about. A typical SOHO NAT router, like the Linksys BEFSR41, provides more protection for a single PC than Windows XP firewall does.
For most users that have more than one computer, rather than using fixed or dynamic public IP's for each computer/node, even a typical SOHO NAT router provides more protection than Windows XP SP2 firewall.
Only a fool would believe that the Windows firewall provides more/better protection for a single PC than a typeical NAT router.
You don't need a new firewall, as long as you learn to control the Windows XP Sp2 firewall and to monitor it, oh, and most importantly, to run as a limited user.
The NAT router and the XP SP FW basically do the same. Still the XP SP FW is not enough at some places while the NAT router is enough always?
The question is: if there is some reason why the XP SP2 FW is not enough in another network although NAT router and XP SP2 FW are basically doing the same, why does that reason not apply to the NAT router as well? But as it is not explained why the XP SP2 FW is not enough in another network I can only ask that unspecific question...
O.K. But that was not mentioned before. Plus the WRT54G with standard firmware does not do reliable outbound filtering.
As I wrote elsewhere I thought he was thinking of another firewall. But if he is not thinking of another firewall than it remains open what would be necessary to fill this "not enough" when the computer is connected to another network. Behind the NAT router the XP SP2 FW is enough. In another network it is not. So what is the suggestion here? Not to connect to another network? Is that the only point here?
Reduce the amount of software you are using and installing. I have seen computers of people where the windows start menu wrapped over four columns on a high-resolution screen filling well over 200 GB on the hard disc with software alone. Anything they installed for test purposes they simply left there. Why bother even deinstalling something if you still have space left?
Think about what you want to do with your computer and install the software you need for your purpose. That's it. If you need your computer, don't use it a toy to install any garbage you come across...
But as you have to check for updates yourself the situation is easier to manage if you only have 5 essential software products (plus the OS of course) on your computer than 50 most of them hardly or never used.
Who is doing it what? It is an observation. Noone is doing anything.
They would certainly prefer advice from someone uncouth...
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.