Newbie question re router's built-in firewall


I have a Linksys WRT54G router, an outstanding product in my humble opinion.

I'm still a novice at this wireless malarkey so my questions are:

(1) given that I'm running with ZoneAlarm Professional, do I need to enable the router's built-in firewall?


(2) if the answer to (1) is yes, do I need to bother with ZoneAlarm Professional?

Any considered opinions greatly appreciated :-)


Reply to
Alex Flaherty
Loading thread data ...

By all means enable the router's firewall; it probably offers stateful packet inspection and DOS attack prevention. There are many who believe that the mere presence of a NAT router obviates the need for a personal firewall; the additional hardware firewall can only make your security better overall.

Reply to

Now from what I hear mind you I don't use a 54G router, that router can stop inbound and outbound traffic by port, protocol and IP by setting rules. If that is the case, then ZA would be out the door if I was using that router. The only thing that router's firmware doesn't do is log traffic, which that router has free 3rd party firmware you can install that will allow you to use Wallwatcher and that's free too. The router is the better overall solution in protecting the network.

However, since it's a wireless device some like to go with a PFW solution for better protection in case the wireless is hacked to prevent access to the machine. I myself would go where one should go is to the O/S and harden it to attack and would still dump ZA, since the machine was behind the protection of that router.

Duane :).

Reply to
Duane Arnold

should not cause any harm - so why not?

dont forget this protects other devices plugged onto your LAN - temp laptops for a visitor is an issue for me

Yes - you should have a personal firewall.

the PFW has much better visibility of which programs cause traffic flows since it can "tell" via the operating system which program tries to connect.

the Linksys only sees the network traffic, so it cannot identify which application is querying a web server, only that it is from your PC.

finally if you have multiple PCs, then a personal firewall has some chance of blocking a problem propagating locally.

personal firewalls give much more fine grained control.

the router firewall insulates your LAN from the Internet to some extent

both are useful, and although there is some overlap they complement each other.

Reply to

The router will not stop outbound traffic, whereas ZA will. E.g. that damn trojan gets into your machine via an email and it then starts calling home - the NAT of the router will not help, but ZA will alert you to this evil happen-stance!

Reply to

From what I have been told, that 54g can stop outbound traffic by setting rules to stop it. Using a log viewer like Wallwtacher will allow the user to see both inbound and outbound traffic to and from the machines behind the router and one can easily spot connections to dubious remote IP(s) and what machine on the LAN is doing it. One should not use something like a personal FW as a stops all and ends all solution because malware can go over, under, around and through a PFW and even reconfig a PFW solution and it can be attacked and defeated just like the O/S can be attacked and defeated, since it runs with the O/S. The packet filtering FW router that can stop inbound and outbound traffic with logging cannot be taken out, circumvented and defeated like the PFW solution.

One looks from time to time with the proper tools and not depend upon a PFW solution like a crutch.


formatting link

formatting link
Duane :)

Reply to
Duane Arnold Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.