Re: firewall behind router
From: Lanwench [MVP - Exchange] (lanwench_at_heybuddy.donotsendme.unsolicitedmail.atyahoo.com)
Date: 08/28/04
- Next message: Lanwench [MVP - Exchange]: "Re: Netowork over Internet"
- Previous message: Chuck: "Re: Wireless Router access to Hotmail, Yahoo! mail, and FrontPage publishing"
- In reply to: Lou: "Re: firewall behind router"
- Next in thread: Chuck: "Re: firewall behind router"
- Messages sorted by: [ date ] [ thread ]
Date: Sat, 28 Aug 2004 18:35:10 -0400
Lou wrote:
> Thanks for reply.
>
> FYI. I do have file/printer sharing activated and use it on all my lan
> computers. On one of my lan computers I am running XP Home with SP2
> installed and the Windows firewall activated.. The others lan
> computers run Windows 98 with no firewall. All have an active
> anitvirus program activated. All run behind the router with private
> addresses for all IP addresses. I do not need protection between my
> lan computers.
Then you probably don't need the windows firewall enabled. But I do suggest
you put a firewall in place between your internet router & your LAN.
> I have no problems connecting to internet from any
> computer nor between lan computers.
>
> What does NAT "acts as a firewall" but isn't a firewall mean in terms
> of exposure to problems relative to unsolicited activity from internet
> sites?
NAT is network address translation. It doesn't inspect packets. See
http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci212125,00.html
for one definition of what a firewall is....
>
> I do understand that Windows firewall provides protection for incoming
> but not outgoing net traffic.
Yep....if you get a hardware firewall, you can set it up to allow only those
outbound ports you wish (80, 443, 110, 25) as well as blocking all inbound
ports, and no computer will receive pesky popup notifications like "do you
want to allow X to access the Internet?". Of course, a firewall is not a
panacea, and should be only one part of your security strategy. Keeping all
computers patched to the gills with the latest critical updates and perhaps
upgrading the 9x PCs to XP as well would be a good step....as well as
keeping all antivirus software updated.
>
> Thanks again.
>
> Lou
>
> On Sat, 28 Aug 2004 15:39:39 -0400, "Lanwench [MVP - Exchange]"
> <lanwench@heybuddy.donotsendme.unsolicitedmail.atyahoo.com> wrote:
>
>> NAT "acts as a firewall" but isn't a firewall. Either put in a
>> decent SPI firewall (such as a NetGear FR114P) or install firewall
>> software on all clients and allow the local subnet free access if
>> you need file/printer sharing.
>>
>> Lou wrote:
>>> Is there a need for a firewall behind a router. My home network is
>>> configured with private addresses (i.e. 192.168.x.x). The router ip
>>> address which connects to the internet via cable modem is also
>>> private (192.168.0.142).
>>>
>>> Reason for question is I seem to recall private addresses are not
>>> accessible from the internet.
>>>
>>> Lou
- Next message: Lanwench [MVP - Exchange]: "Re: Netowork over Internet"
- Previous message: Chuck: "Re: Wireless Router access to Hotmail, Yahoo! mail, and FrontPage publishing"
- In reply to: Lou: "Re: firewall behind router"
- Next in thread: Chuck: "Re: firewall behind router"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
