Software fw and hw as well?

Associate
Joined
5 Jun 2007
Posts
299
Until yesterday I had been using zonealarm as well as a firewall on my router, but i had problems with zonealarm and I have had to get rid of it. So my question is am I safe enough just using a hw fw? I felt more secure with za to back it up.
 
Behind NAT you are pretty safe, it's just if you want to control program access to the outside world (block adobe updater, etc.) Or if you get a trojan.

Personally, I would feel pretty safe without KIS firewall, but prefer to have it on.
 
behind a hw firewall your pretty safe from incoming connections, provided you configured your firewall correctly...

but for outbound stuff your pretty much free to do whatever if your using default configs (unless youve locked it down manually). The outbound connections are source natted to the public ip address of the router for all ports and protocols, this means that if you download a trojan and it decides to spew out a load of spam, there will be nothing stopping it (unless your isp drops it).

Thats where the sw firewall comes in, the sw firewall will block incoming and outgoing connections, although personally i think they are overkill - just apply a bit of common sense to your browsing and learn the operating system and you reduce the chance of picking up a virus or trojan by a lot.

However, if your the paranoid type, you can block all outbound access on the hw fw, configure a proxy (squid?) and only the proxy outbound access over ports 20,21,80,443 and any other ports you use, and tunnel all your traffic through the proxy. Again overkill if you ask me for a home network.
 
ZoneAlarm is rubbish, i ditched it years ago through no end of problems, im now using Comodo which is brilliant and free, and its always best to have a software fw as well imo, as your router only stops everything getting in, but lets everything out still, so with a software fw as well, you can control what you want to get out.

http://www.personalfirewall.comodo.com/index-hireit.html
 
Your router won't stop everything getting in, or you wouldn't be able to access the internet.
What firewall is on the router, and what router is it?
 
Your router won't stop everything getting in, or you wouldn't be able to access the internet.
What firewall is on the router, and what router is it?

ok as default a standard home router will drop NEW connections made to the public ip address on the router.

however, established / related connections will be relayed back through to the local ip address that originated the traffic flow / connection

no NAT isnt a firewall, it is to do with the the translation of addresses, in the home environment usually a local to public address, but is more often than including with a home router / modem / nat box / firewall so these terms are merged.
 
Back
Top Bottom