Is Software Firewall Necessary with a H/W already running?

[Guest]

Archived from groups: comp.security.firewalls (More info?)

I finally purchased a hardware firewall (Netgear FVS318). Alot of
helpful people in the group suggested I go hardware to free some
resources and cycles. However, I have seen some people that use BOTH
H/W and S/W firewall. I scanned my system with ShieldsUp! and found
everything is stealth. My question is:

Do I still need a software firewall with this hardware one installed?

Thanks in advance!!!

- Robert Smith

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

[This followup was posted to comp.security.firewalls and a copy was sent
to the cited author.]

In article <CdyOc.182482$tH1.8031261@twister.southeast.rr.com>,
rsmith.remove@triad.rr.remove.com says...
> I finally purchased a hardware firewall (Netgear FVS318). Alot of
> helpful people in the group suggested I go hardware to free some
> resources and cycles. However, I have seen some people that use BOTH
> H/W and S/W firewall. I scanned my system with ShieldsUp! and found
> everything is stealth. My question is:
>
> Do I still need a software firewall with this hardware one installed?

It's still a good idea. In particular, most software firewalls also
monitor outgoing data on a PER PROGRAM basis. You can control excactly
which programs have access and prevent anything being sent, even if it's a
common port like 80.

Basically, unless you have a VERY fast connection, and a VERY slow
computer, the speed loss shouldn't be a big deal, if it's even detectable.
You could always help things a bit by setting the software firewall to
allow all incoming, if you believe the hardware firewall will fully
protect you.

Just remember that just blocking data ports alone doesn't cut it these
days. With spyware, adware, trojans, etc.. you need help on actual program
control.

--
If there is a no_junk in my address, please REMOVE it before replying!
All junk mail senders will be prosecuted to the fullest extent of the
law!!
http://home.att.net/~andyross

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

7/30/2004 5:24:33 PM

Andrew Rossmann <andysnewsreply@no_junk.comcast.net> wrote in message

MPG.1b74788d1cef603b989a47@news.comcast.giganews.com



> It's still a good idea. In particular, most software firewalls
also

> monitor outgoing data on a PER PROGRAM basis. You can control
excactly

> which programs have access and prevent anything being sent, even if
it's a

> common port like 80.

>

> Basically, unless you have a VERY fast connection, and a VERY
slow

> computer, the speed loss shouldn't be a big deal, if it's even
detectable.

> You could always help things a bit by setting the software firewall
to

> allow all incoming, if you believe the hardware firewall will fully


> protect you.

>

> Just remember that just blocking data ports alone doesn't cut it
these

> days. With spyware, adware, trojans, etc.. you need help on actual
program

> control.

>

> --

> If there is a no_junk in my address, please REMOVE it before
replying!

> All junk mail senders will be prosecuted to the fullest extent of
the

> law!!

> http://home.att.net/~andyross

Good advice Andrew! Thanks!!

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Robert Smith wrote:
> I finally purchased a hardware firewall (Netgear FVS318). Alot of
> helpful people in the group suggested I go hardware to free some
> resources and cycles. However, I have seen some people that use BOTH
> H/W and S/W firewall. I scanned my system with ShieldsUp! and found
> everything is stealth. My question is:
>
> Do I still need a software firewall with this hardware one installed?
>
> Thanks in advance!!!
>
> - Robert Smith

Ask yourself the following questions:

1. Are you the exclusive user of your computing system(s)?
2. Do you apply and enforce safe computing practices on your equipment?
3. Do you engage in p2p file sharing across the Internet?
4. Do you rigorously patch new found Windows exploits (I know-that's a
full-time job)?
5. Do you use IE and Outlook/OE mail clients as your primary browser and
e-mail client?

I wouldn't bother adding a client PFW, unless you can't control your
computing environment or your behavior.

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Andrew Rossmann wrote:

> [This followup was posted to comp.security.firewalls and a copy was sent
> to the cited author.]
>
> In article <CdyOc.182482$tH1.8031261@twister.southeast.rr.com>,
> rsmith.remove@triad.rr.remove.com says...
>
>>I finally purchased a hardware firewall (Netgear FVS318). Alot of
>>helpful people in the group suggested I go hardware to free some
>>resources and cycles. However, I have seen some people that use BOTH
>>H/W and S/W firewall. I scanned my system with ShieldsUp! and found
>>everything is stealth. My question is:
>>
>>Do I still need a software firewall with this hardware one installed?
>
>
> It's still a good idea. In particular, most software firewalls also
> monitor outgoing data on a PER PROGRAM basis. You can control excactly
> which programs have access and prevent anything being sent, even if it's a
> common port like 80.
>
> Basically, unless you have a VERY fast connection, and a VERY slow
> computer, the speed loss shouldn't be a big deal, if it's even detectable.
> You could always help things a bit by setting the software firewall to
> allow all incoming, if you believe the hardware firewall will fully
> protect you.
>
> Just remember that just blocking data ports alone doesn't cut it these
> days. With spyware, adware, trojans, etc.. you need help on actual program
> control.
>
You're correct, assuming he can't control himself or his computing
environment. Let's hope that's not the case.

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

7/30/2004 5:44:08 PM

optikl <optikl@invalid.net> wrote in message

<IizOc.60438$eM2.11183@attbi_s51>



> Andrew Rossmann wrote:

>

> > [This followup was posted to comp.security.firewalls and a copy
was sent

> > to the cited author.]

> >

> > In article <CdyOc.182482$tH1.8031261@twister.southeast.rr.com>,

> > rsmith.remove@triad.rr.remove.com says...

> >

> >>I finally purchased a hardware firewall (Netgear FVS318). Alot
of

> >>helpful people in the group suggested I go hardware to free some

> >>resources and cycles. However, I have seen some people that use
BOTH

> >>H/W and S/W firewall. I scanned my system with ShieldsUp! and
found

> >>everything is stealth. My question is:

> >>

> >>Do I still need a software firewall with this hardware one
installed?

> >

> >

> > It's still a good idea. In particular, most software firewalls
also

> > monitor outgoing data on a PER PROGRAM basis. You can control
excactly

> > which programs have access and prevent anything being sent, even
if it's a

> > common port like 80.

> >

> > Basically, unless you have a VERY fast connection, and a VERY
slow

> > computer, the speed loss shouldn't be a big deal, if it's even
detectable.

> > You could always help things a bit by setting the software
firewall to

> > allow all incoming, if you believe the hardware firewall will
fully

> > protect you.

> >

> > Just remember that just blocking data ports alone doesn't cut
it these

> > days. With spyware, adware, trojans, etc.. you need help on
actual program

> > control.

> >

> You're correct, assuming he can't control himself or his computing

> environment. Let's hope that's not the case.



I can control, but my wife also uses the system...

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

>

> Ask yourself the following questions:

>

> 1. Are you the exclusive user of your computing system(s)?

No...



> 2. Do you apply and enforce safe computing practices on your
equipment?

Yes!



> 3. Do you engage in p2p file sharing across the Internet?

No.



> 4. Do you rigorously patch new found Windows exploits (I know-
that's a

> full-time job)?

Yes.



> 5. Do you use IE and Outlook/OE mail clients as your primary
browser and

> e-mail client?

>

Yes. (Wife uses OE and I use Outlook 2k3)



> I wouldn't bother adding a client PFW, unless you can't control
your

> computing environment or your behavior.



I am extremely careful, but can't always vouch for my wife - if she
has a friend send her something, she might click before she looks...

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

In article <CdyOc.182482$tH1.8031261@twister.southeast.rr.com>,
rsmith.remove@triad.rr.remove.com says...
> I finally purchased a hardware firewall (Netgear FVS318). Alot of
> helpful people in the group suggested I go hardware to free some
> resources and cycles. However, I have seen some people that use BOTH
> H/W and S/W firewall. I scanned my system with ShieldsUp! and found
> everything is stealth. My question is:
>
> Do I still need a software firewall with this hardware one installed?

In general I would say that you don't need the PC based personal
firewall application, but since most users are unable to manage their
machines you may want to keep using it.

If your router, and that's what it is, not a real firewall, has logging
ability, and you can run a real-time capture program that will let you
watch the in/out bound traffic by IP/Port, and if you check it
frequently, then you really don't need to bother with the local copy on
your PC.

In the early days, when I was using a NAT device, I never had any
problems, but I used WallWatcher as a means to monitor what was entering
and leaving my network, it was an invaluable tool in the overall scheme
of network protection.

--
--
spamfree999@rrohio.com
(Remove 999 to reply to me)

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

In article <IizOc.60438$eM2.11183@attbi_s51>, optikl@invalid.net says...
> Andrew Rossmann wrote:
>
> > Just remember that just blocking data ports alone doesn't cut it these
> > days. With spyware, adware, trojans, etc.. you need help on actual program
> > control.
> >
> You're correct, assuming he can't control himself or his computing
> environment. Let's hope that's not the case.

The problem is, with virus's now being backdoors in disguise, and holes
in Windows and IE being found every day, you need all the help you can
get. Even if you practice safe computing, you never know if even a valid
web site hasn't been hacked and tries to download something.

--
If there is a no_junk in my address, please REMOVE it before replying!
All junk mail senders will be prosecuted to the fullest extent of the
law!!
http://home.att.net/~andyross

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Andrew Rossmann wrote:
> In article <IizOc.60438$eM2.11183@attbi_s51>, optikl@invalid.net says...
>
>>Andrew Rossmann wrote:
>>
>>
>>> Just remember that just blocking data ports alone doesn't cut it these
>>>days. With spyware, adware, trojans, etc.. you need help on actual program
>>>control.
>>>
>>
>>You're correct, assuming he can't control himself or his computing
>>environment. Let's hope that's not the case.
>
>
> The problem is, with virus's now being backdoors in disguise, and holes
> in Windows and IE being found every day, you need all the help you can
> get. Even if you practice safe computing, you never know if even a valid
> web site hasn't been hacked and tries to download something.
>

Yes, web-sites can contain malicious content. But, safe computing is a
regimen. It's not a state one attains by loading up on AV, AT and ASW
utilities and PFW/IDS programs. It's about making good decisions, which
means relying on grey matter rather than code.

 

[Erik]

Archived from groups: comp.security.firewalls (More info?)

On Fri, 30 Jul 2004 20:30:26 GMT, the right honourable "Robert Smith"
<rsmith.remove@triad.rr.remove.com> wrote:

>I finally purchased a hardware firewall (Netgear FVS318). Alot of
>helpful people in the group suggested I go hardware to free some
>resources and cycles. However, I have seen some people that use BOTH
>H/W and S/W firewall. I scanned my system with ShieldsUp! and found
>everything is stealth. My question is:
>
>Do I still need a software firewall with this hardware one installed?
>
>Thanks in advance!!!
>
>- Robert Smith


A HW firewall will generally not look at the data content of packets.
Only at port numbers, protocol types, packet states, interfaces, MAC
addresses, traffic direction and such low-level things.

It can't, because by design, they have to be OS independent.
(at OSI-Transport or Network layer ?)
Behind the HW firewall there can be linux systems, or IBM AS400
computers, for which an PC backdoor program with extension can be
totally harmless.
What is harmful on one OS, is harmless on another.


Only an OS aware FW **PROGRAM** can then determin the danger, ON the
machine with **THAT** OS.

Maybe there are HW Windows FW's but I dunno... You'd have to buy a new
FW when upgrading Windows... yuk !!

So behind the HW FW, you need a SW FW, a virusscanner, and spyware
removal. All uo to date.

frgr
Erik

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

In article <uv6ng0t6drso30c5bs6hbs2lcb62vviiql@4ax.com>, Erik <et57 at
correos calor dot com> says...
> A HW firewall will generally not look at the data content of packets.
> Only at port numbers, protocol types, packet states, interfaces, MAC
> addresses, traffic direction and such low-level things.

There are quite a number of real firewalls that inspect the contents,
remove attachments by type, remove scripting, remove cookies, create
alias names, etc....



--
--
spamfree999@rrohio.com
(Remove 999 to reply to me)

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

In article <ElNOc.189572$%_6.157792@attbi_s01>, optikl@invalid.net says...
> Andrew Rossmann wrote:
> > In article <IizOc.60438$eM2.11183@attbi_s51>, optikl@invalid.net says...
> >
> >>Andrew Rossmann wrote:
> >>
> >>
> >>> Just remember that just blocking data ports alone doesn't cut it these
> >>>days. With spyware, adware, trojans, etc.. you need help on actual program
> >>>control.
> >>>
> >>
> >>You're correct, assuming he can't control himself or his computing
> >>environment. Let's hope that's not the case.
> >
> >
> > The problem is, with virus's now being backdoors in disguise, and holes
> > in Windows and IE being found every day, you need all the help you can
> > get. Even if you practice safe computing, you never know if even a valid
> > web site hasn't been hacked and tries to download something.
> >
>
> Yes, web-sites can contain malicious content. But, safe computing is a
> regimen. It's not a state one attains by loading up on AV, AT and ASW
> utilities and PFW/IDS programs. It's about making good decisions, which
> means relying on grey matter rather than code.

But can you fully trust even a big-name site? How can you guarantee they
are being smart and have their security up-to-date?

--
If there is a no_junk in my address, please REMOVE it before replying!
All junk mail senders will be prosecuted to the fullest extent of the
law!!
http://home.att.net/~andyross