Read the article that everyone's commenting on.
Subscribe to the RSS Feed for comments on this article.
Nice article Leo. Would a router + antivirus combo be an effective solution? Assuming that the antivirus software is installed prior to any infection, it would stop problems on the local LAN. The router would then stop external external threats therefore providing a comprehensive layer of protection.
Posted by: Alex at March 17, 2008 10:14 PM
I agree with all your logic, Leo. And since I am in the situation you describe (behind a router and trust all computers on my network), I used to not use a software firewall.
However, one day it dawned on me that if through some fault of my own, I did actually get spyware (for example, a keylogger) installed on my computer, having a software firewall would at the very least alert me and cause me to block any attempt by said keylogger to transmit its collected data.
As a result, I use Zonealarm free. In my mind, it provides just a little extra layer of protection.
However, if I'm missing something here, please tell me, as I would love to be able to uninstall Zonealarm so as to have one less program loading at start up.
Posted by: Michael at March 18, 2008 10:19 AM
I find Comodo to be better than Zone alarm, seems more user friendly, and doesn't seem to take up much resources.
Posted by: Fred at March 22, 2008 4:17 AM
I use mostly Linux so very limited anti virus or firewall but I do also have XP and recently I disabled C.O.M.O.D.O. and have observed an increase in speed...I have a NAPT router and so far I have been OK...The system I am on now is Desktop BSD,so I reckon I am reasonably safe with BSD and my router.
Posted by: Hugh E Torrance at March 22, 2008 5:40 AM
Personally, I prefer a software firewall (or any) to tell me what programs I trying to access the internet. I download a program of the internet, install it and no more than finished when my firewall warns me its trying to acess its update site, no other warning. I hate programs that try to update without any warning. I hat programs that give you a warning but still try to update. Of course most programs give you the option to disable 'automatic updating', one of the first things I look for. But I've installed programs that will not even give you that option.
I don't have a router I have a switch that I've had forever. A GNET 5 port 10/100 switch. Its not programable like a router. But even if I had a router, I would prefer to have a firewall.
Posted by: Terry Hollett at March 22, 2008 6:11 AM
I also use a firewall to block local processes from accessing the internet. Certain programs (acrobat reader comes to mind) always check for updates when run and some insist on installing unwanted software with the update. A firewall is the most simple way to block this. I don't want to be asked to update programs like this unless I am experiencing a problem because the program is too old.
It can also be a good warning that a program is accessing the internet that you do not expect. This has happended several times for me and I was able to use Mike Linn's startup manager to remove unnecessary update processes on my system (and save my system resources for programs I WANT).
Posted by: Andrew Haase at March 22, 2008 10:04 AM
Although its complicated and not easy to find, Windows XP Pro itself does have some form of rudimentary firewall. I saw a computer with a dial-up connection, connected at about 50Kbps which was quite good for dial-up, but nothing useful could be done with the connection because something else was using it to transmit some other data.
There was no software firewall, but since it was all on the same outgoing port, I was able to block the traffic using Windows IP Security Policies. Of course IP Security policies are very basic, a nightmare to use and not very clever/powerful but in this case they did the trick. Next stage is to find out what was causing that traffic and get rid of it!
(As an aside- the Linksys WRT54G mentioned in the original question is a very flexible router that can be reflashed using a few different 3rd party firmwares to do pretty much anything really. You can install a linux shell to it and then program it as you wish within the constraints of its CPU and memory available (which differs from version to version).
Posted by: Eli Coten at March 22, 2008 6:19 PM
After reading the article "Does my router have a firewall or not?" can I safely assume that the firewall function is on?
On setting up my router I did no more than put in user name and password.I did not put in any settings for firewall protection.
Posted by: Gordon Carswell at October 11, 2011 2:50 PM
@Gordon
Normally the router firewall is on and any exceptions have to be manually set.
Posted by: Mark J at October 11, 2011 9:59 PM
Read the article that everyone's commenting on.
Subscribe to the RSS Feed for comments on this article.
Comments
Read the article that everyone's commenting on.
Subscribe to the RSS Feed for comments on this article.
Nice article Leo. Would a router + antivirus combo be an effective solution? Assuming that the antivirus software is installed prior to any infection, it would stop problems on the local LAN. The router would then stop external external threats therefore providing a comprehensive layer of protection.
Posted by: Alex at March 17, 2008 10:14 PMI agree with all your logic, Leo. And since I am in the situation you describe (behind a router and trust all computers on my network), I used to not use a software firewall.
However, one day it dawned on me that if through some fault of my own, I did actually get spyware (for example, a keylogger) installed on my computer, having a software firewall would at the very least alert me and cause me to block any attempt by said keylogger to transmit its collected data.
As a result, I use Zonealarm free. In my mind, it provides just a little extra layer of protection.
However, if I'm missing something here, please tell me, as I would love to be able to uninstall Zonealarm so as to have one less program loading at start up.
Posted by: Michael at March 18, 2008 10:19 AMI find Comodo to be better than Zone alarm, seems more user friendly, and doesn't seem to take up much resources.
Posted by: Fred at March 22, 2008 4:17 AMI use mostly Linux so very limited anti virus or firewall but I do also have XP and recently I disabled C.O.M.O.D.O. and have observed an increase in speed...I have a NAPT router and so far I have been OK...The system I am on now is Desktop BSD,so I reckon I am reasonably safe with BSD and my router.
Posted by: Hugh E Torrance at March 22, 2008 5:40 AMPersonally, I prefer a software firewall (or any) to tell me what programs I trying to access the internet. I download a program of the internet, install it and no more than finished when my firewall warns me its trying to acess its update site, no other warning. I hate programs that try to update without any warning. I hat programs that give you a warning but still try to update. Of course most programs give you the option to disable 'automatic updating', one of the first things I look for. But I've installed programs that will not even give you that option.
I don't have a router I have a switch that I've had forever. A GNET 5 port 10/100 switch. Its not programable like a router. But even if I had a router, I would prefer to have a firewall.
http://www.geocities.com/terryhollett2003/
Posted by: Terry Hollett at March 22, 2008 6:11 AMI also use a firewall to block local processes from accessing the internet. Certain programs (acrobat reader comes to mind) always check for updates when run and some insist on installing unwanted software with the update. A firewall is the most simple way to block this. I don't want to be asked to update programs like this unless I am experiencing a problem because the program is too old.
Posted by: Andrew Haase at March 22, 2008 10:04 AMIt can also be a good warning that a program is accessing the internet that you do not expect. This has happended several times for me and I was able to use Mike Linn's startup manager to remove unnecessary update processes on my system (and save my system resources for programs I WANT).
Although its complicated and not easy to find, Windows XP Pro itself does have some form of rudimentary firewall. I saw a computer with a dial-up connection, connected at about 50Kbps which was quite good for dial-up, but nothing useful could be done with the connection because something else was using it to transmit some other data.
There was no software firewall, but since it was all on the same outgoing port, I was able to block the traffic using Windows IP Security Policies. Of course IP Security policies are very basic, a nightmare to use and not very clever/powerful but in this case they did the trick. Next stage is to find out what was causing that traffic and get rid of it!
(As an aside- the Linksys WRT54G mentioned in the original question is a very flexible router that can be reflashed using a few different 3rd party firmwares to do pretty much anything really. You can install a linux shell to it and then program it as you wish within the constraints of its CPU and memory available (which differs from version to version).
Posted by: Eli Coten at March 22, 2008 6:19 PMAfter reading the article "Does my router have a firewall or not?" can I safely assume that the firewall function is on?
Posted by: Gordon Carswell at October 11, 2011 2:50 PMOn setting up my router I did no more than put in user name and password.I did not put in any settings for firewall protection.
@Gordon
Posted by: Mark J at October 11, 2011 9:59 PMNormally the router firewall is on and any exceptions have to be manually set.
To post a comment on "Does my router have a firewall or not?", please return to that article's main page.