Router a Firewall?

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

If my internet connection goes to my Linknsys wireless router first, do I
need the windows firewall enabled or a seperate firewall program to be
running on either computer?

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

You should turn on the Windows XP Internet Connection Firewall
for all computers in your home network. This helps prevent the spread of
viruses or worms across your network if a computer is infected. A computer
on the network could become infected through a separate Internet connection,
such as one on a laptop that is used on your home network and on public networks.
Or a virus could be introduced to a computer on your network by way of e-mail
or software installed from a CD or floppy disk.

Internet firewalls: Frequently asked questions
http://www.microsoft.com/athome/security/protect/firewall.mspx

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User

Be Smart! Protect Your PC!
http://www.microsoft.com/athome/security/protect/default.aspx

----------------------------------------------------------------------------

"Checkmate502" wrote:

| If my internet connection goes to my Linknsys wireless router first, do I
| need the windows firewall enabled or a seperate firewall program to be
| running on either computer?

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

"Checkmate502" <Checkmate502@discussions.microsoft.com> wrote in message
news:F833FB8A-7BA2-4F68-86DC-6689960BCCF6@microsoft.com...
> If my internet connection goes to my Linknsys wireless router first, do I
> need the windows firewall enabled or a seperate firewall program to be
> running on either computer?

Strictly speaking, the answer is no, as you'll already be protected from
inbound connection attempts. If you want a greater degree of protection,
however, I would suggest installing a third-party firewall on your
computers - specifically, something that controls outbound access. These
firewalls (kerio, zonealarm, etc) will help to ensure that programs like
spyware cannot make outbound connections - Windows Firewall doesn't control
outbound connections.

Dan
--
Dan DiNicolo
MCSE, CCNP, CCDA
http://www.2000trainers.com

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

SOHO Routers, through NAT, act as simplistic FireWalls.

To increase their effectiveness I highly suggest blocking both TCP and UDP ports 135 ~ 139
and 445 on *any* SOHO Router.

On many Linksys Routers this can be set at the following URL --
http://192.168.1.1/Filters.htm

--
Dave




"Checkmate502" <Checkmate502@discussions.microsoft.com> wrote in message
news:F833FB8A-7BA2-4F68-86DC-6689960BCCF6@microsoft.com...
| If my internet connection goes to my Linknsys wireless router first, do I
| need the windows firewall enabled or a seperate firewall program to be
| running on either computer?

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

They are simple packet filters, and that's about it.


"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:eqMcgnICFHA.2012@TK2MSFTNGP15.phx.gbl...
> SOHO Routers, through NAT, act as simplistic FireWalls.
>
> To increase their effectiveness I highly suggest blocking both TCP and UDP
> ports 135 ~ 139
> and 445 on *any* SOHO Router.
>
> On many Linksys Routers this can be set at the following URL --
> http://192.168.1.1/Filters.htm
>
> --
> Dave
>
>
>
>
> "Checkmate502" <Checkmate502@discussions.microsoft.com> wrote in message
> news:F833FB8A-7BA2-4F68-86DC-6689960BCCF6@microsoft.com...
> | If my internet connection goes to my Linknsys wireless router first, do
> I
> | need the windows firewall enabled or a seperate firewall program to be
> | running on either computer?
>
>

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

It is generally recommended to protect individual hosts with a firewall (the
Windows firewall does just fine; if you never get infected in the first
place, outbound connections are irrelevant...) and place those protected
hosts behind a firewall or router with packet filtering.


"Checkmate502" <Checkmate502@discussions.microsoft.com> wrote in message
news:F833FB8A-7BA2-4F68-86DC-6689960BCCF6@microsoft.com...
> If my internet connection goes to my Linknsys wireless router first, do I
> need the windows firewall enabled or a seperate firewall program to be
> running on either computer?

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

So can you put that in words the OP can understand answering his/her
question? Does he/she need the windows or a seperate firewall program
(software) to be running on either computer? I don't think the question was
"How to configure and close ports through NAT routing?"

"Quote: If my internet connection goes to my Linknsys wireless router
first, do I need the windows firewall enabled or a seperate firewall program
to be running on either computer?"

--
Star Fleet Admiral Q @ your service!


"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:eqMcgnICFHA.2012@TK2MSFTNGP15.phx.gbl...
> SOHO Routers, through NAT, act as simplistic FireWalls.
>
> To increase their effectiveness I highly suggest blocking both TCP and UDP
ports 135 ~ 139
> and 445 on *any* SOHO Router.
>
> On many Linksys Routers this can be set at the following URL --
> http://192.168.1.1/Filters.htm
>
> --
> Dave
>
>
>
>
> "Checkmate502" <Checkmate502@discussions.microsoft.com> wrote in message
> news:F833FB8A-7BA2-4F68-86DC-6689960BCCF6@microsoft.com...
> | If my internet connection goes to my Linknsys wireless router first, do
I
> | need the windows firewall enabled or a seperate firewall program to be
> | running on either computer?
>
>

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

On Tue, 01 Feb 2005 09:33:02 -0800, Checkmate502 wrote:

> If my internet connection goes to my Linknsys wireless router first, do I
> need the windows firewall enabled or a seperate firewall program to be
> running on either computer?

The router will block inbound connections that your computer(s) don't ask
for, but it does nothing to block outbound connections.

This means that as long as your computers are not compromised by something
you do (even if you don't know that you're doing it) that they won't be
compromised by an external connection that you didn't invite in.

Now, you've got to ask yourself other questions - like the following:

1) Do you have quality and updated antivirus software running on ALL
computers?

2) Do you regularly check for spyware using SpyBot Search and Destroy and
AdAwareSE?

3) Do you visit questionable sites?

4) Is your browser setup for HIGH-SECURITY MODE?

5) Are you using a safer/alternative browser than IE?

6) Are you using something other than Outlook Express for email?

7) If you are using OE for email, did you update all the Office products
on your computer - Windows Update does not update Office products.

8) Do you monitor the traffic logs provided in the Linksys router? A
simple product (free) called WallWatcher will let you see all traffic
going in/out of the router if you enable logging in it - this is a great
way to see what's happening on your network.

9) Do you run as a User level account? If you're running as an
Administrator level account you're asking for problems.

10) There's more, but these 9 should be the start.


--
spam999free@rrohio.com
remove 999 in order to email me

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Checkmate502 wrote:
> If my internet connection goes to my Linknsys wireless router first, do I
> need the windows firewall enabled or a seperate firewall program to be
> running on either computer?


If you use a router with NAT, it's still a very good idea to use a
3rd party software firewall. Like WinXP's built-in firewall,
NAT-capable routers do nothing to protect the user from him/herself (or
any "curious," over-confident teenagers in the home). Again -- and I
*cannot* emphasize this enough -- almost all spyware and many Trojans
and worms are downloaded and installed deliberately (albeit unknowingly)
by the user. So a software firewall, such as Sygate or ZoneAlarm, that
can detect and warn the user of unauthorized out-going traffic is an
important element of protecting one's privacy and security. (Remember:
Most antivirus applications do not even scan for or protect you from
adware/spyware, because, after all, you've installed them yourself, so
you must want them there, right?)

I use both a router with NAT and Sygate Personal Firewall, even
though I generally know better than to install scumware. When it comes
to computer security and protecting my privacy, I prefer the old "belt
and suspenders" approach. In the professional IT community, this is
also known as a "layered defense." Basically, it comes down to never,
ever "putting all of your eggs in one basket."


--

Bruce Chambers

Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html

You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

I don't know what you are trying to state but by specifically blocking those ports, traffic
from those ports won't pass the LAN/WAN interface and no Internet traffic using those ports
will pass the WAN/LAN interface. A very prudent action.

--
Dave




"Steve Clark [MSFT]" <bogus@microsoft.com> wrote in message
news:u%23v0PlLCFHA.1404@TK2MSFTNGP11.phx.gbl...
| They are simple packet filters, and that's about it.

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

On Tue, 01 Feb 2005 15:55:18 -0800, Steve Clark [MSFT] wrote:

> It is generally recommended to protect individual hosts with a firewall (the
> Windows firewall does just fine; if you never get infected in the first
> place, outbound connections are irrelevant...) and place those protected
> hosts behind a firewall or router with packet filtering.

The only people suggesting that the SP2 firewall is adequate for
protection are the non-security professionals in the group.

As a network designer and having never had a compromised network, I would
never trust any firewall product from MS to protect my networks or my
computers.

I have yet to see a third party (credible) resource that states with
certainty that the Sp2 firewall is actually capable of defending clients
workstations.

With all the people that don't have a clue about what to allow, what not
to click on when on the web, all of the compromised systems, all of the
people with File/Printer sharing enabled on a single PC networks, can you
really expect that a personal firewall app that is controlled by the
ignorant is going to protect them? NO!

A router that provides NAT is NOT a firewall, it's a router that does NAT.
NAT is not a firewall method, but a routing function. Firewalls do not
have to use NAT to protect networks. At the same time, NAT does make a
very nice first layer of defense for many networks, but, again, it's not a
firewall.

All home users that get internet access via Cable or DSL should have NAT
enabled on their ISP's modem or purchase a third-party router like the
Linksys BEFSR41. The router with NAT will do a better job protecting the
computer than the SP2 firewall.

--
spam999free@rrohio.com
remove 999 in order to email me