Page 1 of 2 12 LastLast
Results 1 to 15 of 26
  1. #1
    5 Star Lounger
    Join Date
    Jan 2011
    Location
    Seattle, WA
    Posts
    1,070
    Thanks
    42
    Thanked 132 Times in 86 Posts

    Are both PC and router firewalls necessary?




    LANGALIST PLUS

    Are both PC and router firewalls necessary?


    By Fred Langa

    Running two firewalls in Windows and in a router might seem redundant, but there are good reasons to do so. Plus: Security concerns about Windows Error Reporting, advice on differential copying/synching software, and getting a balky browser add-in to work.


    The full text of this column is posted at windowssecrets.com/langalist-plus/are-both-pc-and-router-firewalls-necessary/ (paid content, opens in a new window/tab).

    Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.
    Last edited by Tracey Capen; 2013-04-03 at 19:33.

  2. #2
    New Lounger
    Join Date
    Dec 2009
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Hi Fred,

    Another good, simple, free backup tool that will do what Keith Pauli is looking for is Genie Timeline. My family uses the free version and it works great. It backs up our files to a shared NAS drive. The files are there to access easily if you like and on the host PC it allows you to right click a file and pick from multiple prior versions if you want to restore. It runs in the background and backs up the files when you change them keeping you constantly backed up. Very easy to use, pretty much set it up and forget it.

    Kevin

  3. #3
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Oxfordshire, UK
    Posts
    105
    Thanks
    2
    Thanked 0 Times in 0 Posts
    Hi Fred,

    When you state "If malware is trying to phone home, you've already lost the battle! Your PC is infected and might already be thoroughly compromised.", you overlook the fact that if the PC is infected the user is probably unaware of it and a firewall requesting permission for an outgoing attempt will, if nothing else, act as a notification of this infection. I think this makes the addition of outbound blocking a very useful addition to any security set up.

    Ken

  4. #4
    New Lounger
    Join Date
    Dec 2009
    Location
    Bourbonnais,Il, USA
    Posts
    6
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Fred,
    Two excellent freewares are:
    For sync- Freefilesync
    For backup- Cobian Backup

  5. #5
    Star Lounger
    Join Date
    Dec 2009
    Location
    Kennesaw, GA
    Posts
    67
    Thanks
    2
    Thanked 1 Time in 1 Post
    Another excellent sync tool is syncback from 2brightsparks.com They have a freeware version, but I prefer the SyncbackSE version which is around $30 as it will sync to a named backup. For instance I have two external USB harddrives that I have names Black750. Syncback syncronizes my data to the drive overnight but it can do it more frequently. It will even use named folders like day of week. For my libraries I just keep one copy, but for my active data I have a Sunday, Monday, Tuesday, etc copies. I swap the drives every Sunday with one going offsite. Because the drives are named the same the program just keeps working everynight as configured. I now have 14 days of backups of my active data at all times and two copies of my libraries (like music, photos, and software downloads). The only thing I have to do is remember to swap the drives on Sunday which is how I configured it. Syncback has many other capabilities as well such as copying file security info, compression, etc. All for a very reasonable price.
    Jim Nealand
    Kennesaw, GA

  6. #6
    Star Lounger
    Join Date
    Dec 2009
    Location
    Kennesaw, GA
    Posts
    67
    Thanks
    2
    Thanked 1 Time in 1 Post
    Lastpass is also a great password manager. I switched from Roboform to it and have never looked back.

  7. #7
    New Lounger
    Join Date
    Feb 2013
    Posts
    20
    Thanks
    4
    Thanked 0 Times in 0 Posts
    The router is a hardware firewall protecting against flawed incoming packets. Some can be programmed to filter packets as well.
    They cannot be curupted by malware like a software firewall.They also protect all pc's on the LAN some of those users have no firewall.

    However, a software firewall can be used to control outbound packets and incoming and give the u.ser control over which applications can access the www. As well you can block certain protocols that you don't need that would only be used if say you were a server.

    On my software FW I have an extensive ip block list. If I take the notebook to another location the protection of the home router is lost but the software FW is still working.

    So we need both.

  8. #8
    Super Moderator jwitalka's Avatar
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    6,792
    Thanks
    117
    Thanked 798 Times in 719 Posts
    Quote Originally Posted by Escalater View Post
    The router is a hardware firewall protecting against flawed incoming packets. Some can be programmed to filter packets as well.
    They cannot be curupted by malware like a software firewall.They also protect all pc's on the LAN some of those users have no firewall.

    However, a software firewall can be used to control outbound packets and incoming and give the u.ser control over which applications can access the www. As well you can block certain protocols that you don't need that would only be used if say you were a server.

    On my software FW I have an extensive ip block list. If I take the notebook to another location the protection of the home router is lost but the software FW is still working.

    So we need both.
    Need is subjective. I've been running happily for a long time without a software firewall. Personally, I think they cause more problems than they fix. The first thing I do when I get a PC to repair is to disable any software firewalls. I've never run across a case where a software firewall caught a problem that wasn't evident from other symptoms.

    Jerry
    Last edited by jwitalka; 2013-04-04 at 19:36.

  9. #9
    New Lounger
    Join Date
    Feb 2013
    Posts
    20
    Thanks
    4
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by jwitalka View Post
    Need is subjective. I've been running happily for a long time without a software firewall. Personally, I think they cause more problems than they fix. The first thing I do when I get a PC to repair is to disable any software firewalls. I've never run across a case where a software firewall caught a problem that wasn't evident from other symptoms.

    Jerry

    Hi Jerry:

    My on line banking service REQUIRES me to have among other security tools a Firewall.

  10. #10
    Super Moderator jwitalka's Avatar
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    6,792
    Thanks
    117
    Thanked 798 Times in 719 Posts
    I've never heard of that. In addition to the Windows Firewall and a router firewall? How can they check?
    Can you give me a web site reference to this requirement.
    Jerry

  11. #11
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    Quote Originally Posted by jwitalka View Post
    Need is subjective. I've been running happily for a long time without a software firewall. Personally, I think they cause more problems than they fix. The first thing I do when I get a PC to repair is to disable any software firewalls. I've never run across a case where a software firewall caught a problem that wasn't evident from other symptoms.

    Jerry
    Indeed it is. Some people don't use AVs and don't get infected (which shows nothing, really). Some people do not use seat belts. It's all a matter of finding the balance between security and what you are willing to give away to achieve it.
    Rui
    -------
    R4

  12. #12
    New Lounger
    Join Date
    Feb 2013
    Posts
    20
    Thanks
    4
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by jwitalka View Post
    I've never heard of that. In addition to the Windows Firewall and a router firewall? How can they check?
    Can you give me a web site reference to this requirement.
    Jerry
    Firewalls prevent hackers want your identity. In my view it is "reckless" not to have one and both are better. The fact that you have not been caught yet does not prove you don't need one. I'm glad you are safe so far.

    Well I'm not going to id my bank on a public forum. But here copy/pasted is the relevant section. It doesn't say both h/w and s/w but FW is available user must activate it for on line security agreement to hold.

    15.Security. (a) You must always keep your Passwords and Personal Verification Questions strictly confidential. You must not disclose your Passwords or Personal Verification Questions to anyone. If you know or think that someone may know your Passwords or Personal Verification Questions, you must tell us immediately and you must change your Passwords or Personal Verification Questions, as applicable, immediately. Your obligations under this Section 15(a) are subject to the sole exception set out in Section 15(b) below. You must select an e-Transfer Question and Answer known only to the person intended to receive your e-Transfer. You must not disclose an e-Transfer Question and Answer to anyone other than the person intended to receive your e-Transfer and as set out in Part E, Section 7 and as we may further instruct you.

    (b) You may choose to share your Password with an Aggregator. If you share your Password with an Aggregator, you understand that (i) we will not help the Aggregator in any way and will not be responsible for the information retrieved by the Aggregator; (ii) we will not be responsible to you for any losses that may result from you sharing your Password, using the Aggregation Service or using a Third Party Account Aggregation Service; (iii) you are responsible to review the security and privacy standards of the Aggregator and to determine what your liability will be in connection with the Third Party Account Aggregation Service; (iv) you will change your Password immediately when you end the Third Party Account Aggregation Service; and (v) we have the right to prevent Aggregators from accessing your Accounts.

    (c) Your Passwords, Personal Verification Questions and e-Transfer Question and Answer must be unique and not easily guessed or obtained by others, including not using the birth date or name of you or a family member, your telephone number, social insurance number, or sequential numbers such as "1234". You must not select a Password that is the same as any personal identification number (PIN) you use with a client card or credit card issued to you.

    (d) For the Services, the security of your information depends on you using safe practices. You agree that when using the Services, you will take all steps necessary to make sure that you do not reveal any confidential information to anyone, other than through the Services for the purpose of the transaction. This includes making sure that other people cannot see the screen or key pad on your Electronic Access Device or cannot hear your call, as applicable. In addition:
    i) There are sections on our websites about how you can make Online Banking more secure and about how we make Online Banking more secure. You must read these sections regularly;
    ii) You must sign out after each Online Banking session to prevent anyone else from accessing your Online Banking;
    iii) You must not leave your Electronic Access Device unattended while logged into Online Banking or while making Mobile Payments and you must use reasonable steps and precautions to protect your Electronic Access Device against loss or theft; and
    iv) You agree to implement and maintain reasonable security measures which include up-to-date virus scanning software and a firewall system, if such security measures are available for your Electronic Access Device.

    (e) You will notify us immediately if you become aware of any unusual, suspicious or fraudulent activity in an Account.

    (f) You agree to comply with any additional security requirements that we may require in connection with the Services.

  13. #13
    Super Moderator jwitalka's Avatar
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    6,792
    Thanks
    117
    Thanked 798 Times in 719 Posts
    Nothing in there says the Windows Firewall along with a router hardware firewall isn't sufficient.
    Firewalls prevent hackers want your identity. In my view it is "reckless" not to have one and both are better. The fact that you have not been caught yet does not prove you don't need one. I'm glad you are safe so far.
    I don't believe an additional software firewall adds anything to protecting against identity theft but that's just my opinion. As I stated before, I haven't run across a case in a client computer that had a software firewall that detected any malware without other symptoms. I have run into several cases where the firewall prevented normal operation which is why my personal belief is they are more trouble than they are worth.

    If you feel more comfortable with a software firewall, its not my place to recommend otherwise.

    Jerry

  14. #14
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    Quote Originally Posted by jwitalka View Post
    I have run into several cases where the firewall prevented normal operation which is why my personal belief is they are more trouble than they are worth.

    If you feel more comfortable with a software firewall, its not my place to recommend otherwise.

    Jerry
    So what about AVs that cause problems? Or other apps?

    Sorry Jerry, blanket statements aren't adequate in any case, and that includes software firewalls. What's more, with software firewalls that offer HIPS features, you get protection that could easily fall in the same category as protection offered by anti-malware software. Many 3rd party firewalls offer that and do it in quite an effective way, which, IMHO, puts even more clearly your blanket statement on the spot.
    Rui
    -------
    R4

  15. #15
    Super Moderator jwitalka's Avatar
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    6,792
    Thanks
    117
    Thanked 798 Times in 719 Posts
    But in my opinion, software firewalls don't enough to justify the possibility of additional problems. Apps and AV programs do. As you say, many AV programs already provide HIPS. The most common source of identity theft is stolen online databases, skimmers and breaking into business wireless networks like the TJMAX case. Stealing from individual PCs is a drop in the bucket compared to these cases. But as I said, its only my personal opinion. We all do what we are most comfortable with.

    Jerry

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •