Re: Security, router vs. software firewall
From: Chuck (none_at_example.net)
Date: 01/26/05
- Next message: BAR: "Re: XP joining Win98 LAN"
- Previous message: Steve Winograd [MVP]: "Re: XP joining Win98 LAN"
- In reply to: Michael Dixon: "Security, router vs. software firewall"
- Next in thread: JoH: "RE: Security, router vs. software firewall"
- Messages sorted by: [ date ] [ thread ]
Date: 25 Jan 2005 22:44:04 -0600
On Tue, 25 Jan 2005 18:16:25 -0500, "Michael Dixon" <*email_address_deleted*>
wrote:
>I have a LinkSys router. I have heard that having a router is effective as
>a fire wall and I don't need a software firewall like ZoneAlarm. Is this
>true?
>
>michael
Michael,
A NAT router (aka broadband or residential router) will protect you from most
malicious incoming traffic. If the router has SPI (and not all models do), that
provides actual firewall functionality. A router won't, however, detect or
block outgoing traffic, malicious or otherwise.
A third party software firewall like ZoneAlarm protects you against outgoing
traffic from malware like spyware or worms, if such should become installed on
your computer. A software firewall may also serve as an inner barrier, should
the NAT router ever be compromised.
If you have a wireless router, and you enable its radio function, having a
software firewall installed and running on each computer connected to your LAN
is a good idea to protect you from your wireless neighbors. If you have
multiple computers connected to your LAN, wired or otherwise, a software
firewall is a good idea, in case any one of them becomes infected, the others
are better protected.
IMHO, however, if you allow malicious software like spyware or worm to install
and run on your computer, and depend upon a software firewall to alert you or
filter its outgoing traffic, you are under protected.
A layered protection policy, with regularly updated anti-spyware and anti-virus
protection, is much better than simply relying upon outgoing filtering provided
by ZoneAlarm.
1) AdAware and Spybot S&D are both free anti-spyware products, and both
complement each other. Microsoft AS is currently free, has better detection
rate, but false positive rate also.
2) SpywareBlaster blocks known bad scripts from running.
3) Use an alternate browser, like Mozilla Firefox, as much as possible.
4) When you MUST use IE, block scripting for known bad websites (sourced from
Eric Howes excellent IE-SpyAd).
5) Practice safe hex, enhanced by use of a hosts file to prevent accessing
known bad websites.
AdAware <http://www.lavasoftusa.com/>
Spybot S&D <http://www.safer-networking.org/index.php?page=download>
SpywareBlaster <http://www.javacoolsoftware.com/spywareblaster.html>
IE-SpyAd <https://netfiles.uiuc.edu/ehowes/www/resource.htm#IESPYAD>
HPGuru's Hosts <http://www.dozleng.com/hpguru/>
MVPS Hosts <http://www.mvps.org/winhelp2002/hosts.htm>
-- Cheers, Chuck Paranoia comes from experience - and is not necessarily a bad thing. My email is AT DOT actual address pchuck sonic net.
- Next message: BAR: "Re: XP joining Win98 LAN"
- Previous message: Steve Winograd [MVP]: "Re: XP joining Win98 LAN"
- In reply to: Michael Dixon: "Security, router vs. software firewall"
- Next in thread: JoH: "RE: Security, router vs. software firewall"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
