Jump to content

What type of Firewall do you use?


rridgely

What type of firewall do you use?  

133 members have voted

  1. 1. What type of firewall do you use?

    • Hardware
      9
    • Software
      63
    • Both hardware and software
      51
    • None
      11


Recommended Posts

I'm now using a hardware firewall with Windows Firewall.

 

 

Now for a REALLY stupid question - and, please, don't laugh :blink:

 

I access the internet via a wireless (Netgear) router - do I need another firewall - assuming the router acts as one in the first place? Currently I use Zone Alarm Free.

 

This just shows the limit of my computer knowledge! :unsure:

Link to comment
Share on other sites

kaybee, the only stupid question is the one that is not asked.

 

How about reviewing the comments in this topic.

 

Have a look at:

http://forum.piriform.com/index.php?showtopic=19530

 

We all learned from reading other people's experiences.

"Education is what remains after one has forgotten everything he learned in school." - Albert Einstein

IE7Pro user

Link to comment
Share on other sites

I access the internet via a wireless (Netgear) router - do I need another firewall - assuming the router acts as one in the first place? Currently I use Zone Alarm Free.

 

A Comodo software firewall protects me.

 

Recently a Netgear Wireless Router / Modem was added.

This gives a better connection speed than the Speedtouch modem I previously used.

 

Netgear is set to allow "outgoing only",

but I was amazed at the incoming it also allowed which should have been blocked.

 

I have a dynamic IP address, so some days I inherit what was used by a more social animal,

and the Comodo logs would show many incoming attempts from his Peer to Peer and Bit Torrent friends trying to resume yesterday's experiences.

Far less often, I would get hit by a trojan army - perhaps 50 incoming attempts from different IP addresses within 0.2 Seconds, and repeated at 5 second intervals with a totally different set of IP addresses. Both old Comodo 2 and new Comodo 3 blocked perfectly, but old Comodo 2 would take a high percentage of the CPU cycles unless I disabled logging - it was actually simpler to disconnect and reconnect to the ISP and my old IP address became some-one else's problem

 

Netgear removes much BUT NOT ALL of the burden of the above from the software firewall (and the CPU cycles),

so I still NEED the software firewall for maximum security.

 

I have lost count of the number of software packages I downloaded trouble free (before and after the Netgear addition).

The first Netgear Router software upgrade was no trouble at all.

The second Netgear Wireless adapter upgrade just would not happen.

I inspected the Comodo log and found it totally blocked an INCOMING from the Netgear web-site.

I had to tell Comodo to permit INCOMING for that particular web-site, and then I got the upgrade.

 

The problem is that hardware firewalls assume that if you make an outgoing connection to an IP address,

then they should not only accept replies to your connection, they also accept anything else (including malware) which that IP address decides to stuff down your throat.

 

I have just downloaded CCleaner ccsetup215.exe

Comodo shows that a TCP Out transaction from my port 1438 to Piriform 72.21.207.132:80 sent 872 bytes out, and received 3.1 MBytes in as a reply to the same port. Every time I download anything from anywhere, I can receive megabytes coming in as a reply to the port from which I sent a fist full of bytes to make the request.

Because Windows gave Firefox an unused port (e.g. 1438) any incoming packets go direct to Firefox to handle the download, and Comodo (and also Netgear) accept this as as a reply on an outgoing connection.

That always happens with whatever port happens to be allocated by Windows.

 

The only download problem was the Netgear Wireless upgrade. I sent the fist full of bytes from port e.g. 2345, and Netgear web site tried to stuff the update down my port 2346. I don't know the details of FTP, but I guess that is what they aimed for.

The netgear firewall permitted this in-appropriate download aimed at a port which had NOT been allocated to Firefox, but fortunately Comodo blocked it.

 

I am really glad that Comodo blocked it. I had the minor inconvenience of a delay investigating and then altering a firewall rule - but I also got peace of mind.

 

Had Comodo NOT been present, then Netgear would have allowed uncontrollable stuff into a port over which my legitimate applications had no control. The consequences could have been :-

illegitimate malware could have first acquired that port (2346) and now been waiting for this damaging payload;

Windows might have taken "default" action over incoming to an unallocated port, and the default with a "privileged port" is to allow a total stranger to take over your computer ! !

 

Netgear not only allows incoming packets to the wrong port, it allows the wrong protocol also.

Netgear blocks ICMP which includes Echo Requests - mostly.

I found that some internet speed test sites send echo requests to me, and Netgear allows them through, and only Comodo stops them (I have to set specific permissions for the sites to which I wish to echo).

Some web sites will respond to a Ping, which helps strangers observe internet delays etc.

Other web-sites do NOT because a computer can be infected by specially crafted ICMP messages.

I wish to be like a secure internet banking web-site, and have Comodo block unwanted ICMP messages.

 

A few weeks ago M.S. revealed an exploit that had been in the wild for several months, and the last "out-of-cycle" security patch has mitigated the danger.

I believe an "SQL Injection Attack" could compromise a web-site so that visitors could be infected.

I do not know the details, but I assume that when that danger exists :-

Hardware Firewall will NOT protect when visiting an infected web-site;

Software Firewall WILL protect from an infected web-site (unless it is a reply with the same protocol to the same port number).

 

I believe :-

The Netgear Router/Firewall/Modem gives me better speed on the Internet, but does not block anything which would not be blocked by the software firewall;

My (software) firewall protection fends off any infection from unintentional connections/downloads.

 

Any download containing malware that I may be tricked or re-directed to will get through the firewalls.

Once downloaded malware is initiated, my anti-virus should inspect and detect and block before it gets into the system.

 

If malware gets through, I have lost control (what little control Windows allows a humble administrator ! ), and :-

Hardware can do nothing for me - it cannot distinguish Firefox or a new keylogger/trojan making an outgoing connection;

Software knows if any application is authorised to make a connection, and if not will block it;

so even if malware has stolen my identity and credit card numbers, it cannot "phone home" with my details.

(In addition, Comodo does not only stop bad stuff in both directions, but also will block a keylogger etc. from merely gathering information - long before the keylogger tries to phone home.)

 

I feel I am better protected by having a software firewall.

 

I am not complacent, so remain alert to any unexpected changes in how my system behaves.

I fear I could be at greater risk from a Security patch impairing the system or making it unbootable,

which is why I always wait a day or two after Patch Tuesday to see if there are any casualties,

and then before unleashing the patch I create a fresh disk image just in-case.

 

The last time I had a virus was before the internet, when my younger son would get home from school before I left work, and he had copied from his friends more games onto a box of 5.25 inch floppy discs.

Every other weekend I had to re-install DOS 3.13.

Been there, done that, not doing it again ! !

 

Perpetually Paranoid

Alan

Link to comment
Share on other sites

Wireless Routers/Firewalls are vulnerable, especially if the Wireless link is not encrypted adequately.

 

WEP is not adequate.

 

Also WAP is not adequate according to http://blogs.techrepublic.com.com/security/?p=708

 

I use WAP2 so I have no fear - yet ! !

 

When WAP2 is broken then a neighbour MIGHT steal some of the bandwidth supplied by by ISP.

 

I assume my hardware firewall "protects" my computer only from malware delivered by my ISP,

and any wireless hack could enter my computer direct via the wireless without the hardware firewall being aware of it.

This is yet another reason for continuing to use a software firewall that protects both my Ethernet and wireless connections.

 

Regards

Alan

Link to comment
Share on other sites

  • 5 weeks later...

Windows firewall and router

There's always an exception to the rule. I'm that exception.

 

Desktop ----- AMD Athlon 3700+ (2.64Ghz), 2GB DDR 400, ASUS A8N-SLI Premium, 500GB HD, Windows XP Pro SP3, Avira Antivir Personal

At work ----- Intel C2D T1700 (1.6Ghz), 2GB DDR2 667, Dell OUY141, 80GB HD, Windows XP Pro SP2, Symantec 10

Laptop ----- Intel C2D P8400 (2.4 Ghz), 4GB DDR3 1066, Mainboard, 160GB HD, Dualboot: Windows 7/openSUSE 11.1, Avira Antivir Personal

 

link1.gif

Link to comment
Share on other sites

  • 1 month later...

you can see my Laptop configuration in my signature, I use Outpost Firewall Pro 2009, but I've not install the Antispyware and Webcontent control that come with that :)

Most People Respect the Badge. Everyone Respects the Gun.

Software: Windows 7 Ultimate x86, AVIRA Premium Security Suite 9, Google Chrome 5 Beta (WOT, Xmarks, Chrome Flags), Sandboxie, Malwarebytes Antimalware, Hitman Pro, HostsMan, Roboform, UPEK PSQL.

Virtual Machine(s): Sun VirtualBox, Windows XP Pro SP3, AVIRA Premium Security Suite Beta 2010.

Link to comment
Share on other sites

Actually I don't use a firewall, but the good old windows firewall is turned on. (otherwise the security center starts naggin' again... :P ) I like to use as few system resources as possible ;)

 

You can go in the Security Center and change the way it alerts you when you don't have an anti-virus or disable Windows Firewall :o)

How can I use a picture as a signature?

Link to comment
Share on other sites

Its not wise to run without an anti virus.

 

avast! is very good.

"Education is what remains after one has forgotten everything he learned in school." - Albert Einstein

IE7Pro user

Link to comment
Share on other sites

Don't use one, just Windows Firewall. :)

Do you use Vista?

"Education is what remains after one has forgotten everything he learned in school." - Albert Einstein

IE7Pro user

Link to comment
Share on other sites

I have a hardware one built into my router, but only use the windows built in software firewall. I tried a bunch, and to be honest, I found that so much of the security stuff out there was as bad as the malware for slowing things down and such. I just keep all private stuff on an external and turned off when surfing, and use common sense when opening emails and going to web sites.

 

:)

Link to comment
Share on other sites

Still using router+XP's firewall. I haven't got a need in having complete control in outbound connections. Common sense pretty much covers my security needs, well perhaps our security needs.

Link to comment
Share on other sites

  • 2 weeks later...
  • 2 months later...

hey guys,this post is really interesting..i have verizon dsl,westell versalink 327w ..xp-pro-sp3

i found my firewall setting for westell..it has 5 options.

 

Custom Security (Custom)

 

 

Custom is a very advanced configuration option that allows you to edit the firewall configuration directly. Only expert users should attempt this.

No Security (None)

 

 

All traffic is allowed.

 

 

Minimum Security (Low)

 

 

The low security setting will allow all traffic except for known attacks. With low, your modem is visible by other computers on the Internet.

 

 

 

Typical Security (Medium)

 

The medium security setting only allows basic Internet functionality by default, just like High level security. Medium security, however, allows customization through Port Forwarding configuration so certain traffic can pass.

 

 

Maximum Security (High)

 

 

The high security setting only allows basic Internet functionality. The High security setting guarantees to only pass Mail, News, Web, FTP, and IPSEC. All other traffic is not allowed. High security restricts modification by NAT configuration options.

 

 

NOW... .which setting should i check along with windows firewall...hope there are some verizon,westell327w routers persons who has experience with this settings.

and yeah i need to cut downon resources,i only have 768ram

thanks

Link to comment
Share on other sites

  • 1 month later...
  • 3 weeks later...

I use Online Armor Premium

Proud Graduate of GeekU - Learn how to remove malware

 

unite_teal.png

Unified Network of Instructors and Trained Eliminators

 

UBgrey.png

 

My help is always free, but if you can, please donate_2.gif to help me continue the fight against malware.

Link to comment
Share on other sites

  • 4 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.