Page 1 of 3 123 LastLast
Results 1 to 15 of 45
  1. #1
    4 Star Lounger
    Join Date
    Jun 2001
    Location
    Edinburgh, Midlothian, Scotland
    Posts
    492
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Hardware/Software Firewalls

    For a long time now, I have been using Mcafee Personal Firewalll as part of their Internet Security Suite.

    I also have a Belkin ADSL Modem with built-in Wireless Router which has according to the manual "is equipped with a Firewall that will protect you from a wide array of cooon hacker attacks ...."

    Is it necessary to have both running? If not, is the hardware firewall sufficient?

    Whilst I am computer literate, this part of computing has always confused me.

    Many thanks


    Colin

  2. #2
    Plutonium Lounger
    Join Date
    Nov 2001
    Posts
    10,550
    Thanks
    0
    Thanked 7 Times in 7 Posts

    Re: Hardware/Software Firewalls

    A hardware firewall is almost certainly not sufficient. It will only protect you against incoming connections.

    A software firewall will also protect you against potential outgoing connections that originate on your computer, these can come from trojan programmes and spyware, adware or other nasties.

    A combination of the two will provide optimal protection.

    See <post#=407,306>post 407,306</post: > for more information

    StuartR

  3. #3
    4 Star Lounger
    Join Date
    Jun 2001
    Location
    Edinburgh, Midlothian, Scotland
    Posts
    492
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Hardware/Software Firewalls

    Thanks for the prompt feedback.

    I've always wondered if I was duplicating work, but I'll quite happily leave both running.


    Colin

  4. #4
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Hardware/Software Firewalls

    > I've always wondered if I was duplicating work

    Running a router-based firewall between your computer and the Internet actually reduces the load on your software firewall by dropping all incoming connections that you didn't initiate or otherwise allow. They're definitely better together. <img src=/S/smile.gif border=0 alt=smile width=15 height=15>

  5. #5
    4 Star Lounger
    Join Date
    Jun 2001
    Location
    Edinburgh, Midlothian, Scotland
    Posts
    492
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Hardware/Software Firewalls

    Out of interest I thought I'd post a reply I got from Belkin.

    I posed the same question at the same time to belkin and I've just had this answer.



    "Thank you for contacting Belkin Technical Support.

    We understand that you want to know if both firewalls are needed for protection.

    Colin, it is not necessary to have two firewalls for protection of the network. Our Belkin router hardware firewall is sufficient to protect your computers from hackers. You can either have McAfee firewall installed in the computer or you can uninstall it."



    I think I'll trust the advice I got on this board!.

    Once again, thanks.

  6. #6
    Gold Lounger Rebel's Avatar
    Join Date
    Jul 2001
    Location
    Canada
    Posts
    3,024
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Hardware/Software Firewalls

    <hr>I think I'll trust the advice I got on this board<hr>
    Wise choice Colin. It might be amusing to ask Belkin tech support for an explanation of exactly how their router/firewall protects against outbound connections <img src=/S/evilgrin.gif border=0 alt=evilgrin width=15 height=15> .
    John
    A Child's Mind, Once Stretched by Imagination...
    Never Regains Its Original Dimensions

  7. #7
    Silver Lounger
    Join Date
    Jan 2001
    Location
    Brantford, Ontario, Canada
    Posts
    2,391
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Hardware/Software Firewalls

    <P ID="edit" class=small>(Edited by cbaldrey on 07-Sep-05 12:53. Link for Call for Help was bad -- oops!)</P>I was watching an episode of Call for Help the other week, and the host Leo Laporte and guest Steve Gibson suggested that the router box is most likely enough for the home user.

    Personally, I've used both my router, and ZoneAlarm installed on my windows computers at the same time. However, after hearing that the other day, and knowing both Leo and Steve are well respected in the PC knowledge (Steve in security more so), I've started to think about removing ZoneAlarm.

    However, there's nothing wrong with having both running.
    Christopher Baldrey

  8. #8
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Hardware/Software Firewalls

    On testing with Steve Gibson's "Shields Up" port scanner from an XP Pro PC, our hardware firewall at work shows one port as Open (25, SMTP), about 6 or 7 as Stealthed, and all the rest (over 1000) as Closed.

    Turning on the Windows XP Firewall (and rebooting, just in case!) makes absolutely no difference to the "Shields Up" port scan results. There is no other software firewall available to me there.

    Does this result surprise anyone?

    John

    PS At home, with Norton Internet Security and no hardware firewall, every single port shows as Stealthed!
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

  9. #9
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,572
    Thanks
    5
    Thanked 1,057 Times in 926 Posts

    Re: Hardware/Software Firewalls

    John,

    Isn't the firewall what presents the IP address to the 'world'? So, the port scanner will try that IP address not an internal address. Therefore, the results are not suprising as the firewall is responding to the test. The PC is not going change the status of any of the 'closed' or 'stealth' ports on the firewall. They are still going to be 'closed' or 'stealth'.

    Joe
    Joe

  10. #10
    Gold Lounger Rebel's Avatar
    Join Date
    Jul 2001
    Location
    Canada
    Posts
    3,024
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Hardware/Software Firewalls

    The box is "most likely enough for the home user" IF the home users are absolutely certain that their systems contain absolutely no malware or spyware that "phones home" periodically. From my experience with the "average" home user, I don't think that the majority can make that claim. Controlling this type of outbound connection is simply not possible with only the router/firewall box and I would certainly not recommend this type of "one way" protection to anyone.
    John
    A Child's Mind, Once Stretched by Imagination...
    Never Regains Its Original Dimensions

  11. #11
    Plutonium Lounger
    Join Date
    Nov 2001
    Posts
    10,550
    Thanks
    0
    Thanked 7 Times in 7 Posts

    Re: Hardware/Software Firewalls

    I have to confess here.

    I advise other people to use both types of firewall, but I personally rely on just a hardware firewall (configured for stealth mode), plus regularly updated sypware and adware with daily scans.

    StuartR

  12. #12
    Silver Lounger
    Join Date
    Jan 2001
    Location
    Brantford, Ontario, Canada
    Posts
    2,391
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Hardware/Software Firewalls

    But you're also relying on the home user to answer correctly when prompted by the firewall software, asking "what do I do with this request?"

    I've setup many computers for people, with various software firewalls, and if they modify the settings themselves, or Little Billie next door advises an action, the firewall is toast.

    Maybe there isn't a solution...
    Christopher Baldrey

  13. #13
    Uranium Lounger viking33's Avatar
    Join Date
    Jun 2002
    Location
    Cape Cod, Massachusetts, USA
    Posts
    6,308
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Hardware/Software Firewalls

    I'll use BOTH, Thanks.

    I have a Westell combo ModemNAT Router. I have found that using either ZoneAlarm or Sygate firewalls will show Open ports 25 and 110 when tested with Shields Up, ONLY when there is a program that has been allowed to operate as a SERVER . Not allowing any server capabilities will then show ALL ports Stealth when retested with Shields Up.
    BOB
    http://lounge.windowssecrets.com/S/flags/USA.gif http://lounge.windowssecrets.com/S/f...sachusetts.gif


    Long ago, there was a time when men cursed and beat on the ground with sticks. It was called witchcraft.
    Today it is called golf!

  14. #14
    Gold Lounger Rebel's Avatar
    Join Date
    Jul 2001
    Location
    Canada
    Posts
    3,024
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Hardware/Software Firewalls

    Yes, probably many people would struggle when responding to the firewall's questions. <img src=/S/sigh.gif border=0 alt=sigh width=15 height=15> Maybe you're right. Maybe there isn't a solution <img src=/S/shrug.gif border=0 alt=shrug width=39 height=15>
    John
    A Child's Mind, Once Stretched by Imagination...
    Never Regains Its Original Dimensions

  15. #15
    Gold Lounger Rebel's Avatar
    Join Date
    Jul 2001
    Location
    Canada
    Posts
    3,024
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Hardware/Software Firewalls

    <img src=/S/shocked.gif border=0 alt=shocked width=15 height=15>
    John
    A Child's Mind, Once Stretched by Imagination...
    Never Regains Its Original Dimensions

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •