Firewalls=>2 are better than 1, right??


  #1  
Old 10-15-04, 07:52 AM
fatkid66's Avatar
Member
Thread Starter
Join Date: Sep 2002
Location: Northeast NJ
Posts: 247
Likes: 0
Received 0 Likes on 0 Posts
Question Firewalls=>2 are better than 1, right??

My other problems have been resolved, many thanks again.

Question time, as I said in my other post(http://forum.doityourself.com/showthread.php?t=184183), I have gotten a Linksys 4port DSL router for my puter, and I'm wondering if I should also get a software firewall, like the one supplied w/ XP(i read the post saying it was sort of basic, and only average), and if that would help, or present a conflict.
If I need a software one better than that I will have to look into it, if the router is ok, then I'll stick with that!!

Thanks
Frank
 
  #2  
Old 10-15-04, 08:22 AM
WorldBuilder's Avatar
Banned. Rule And/Or Policy Violation
Join Date: Mar 2004
Location: Boston, MA
Posts: 1,471
Likes: 0
Received 0 Likes on 0 Posts
2 firewalls is not necessarily better than one, and can actually be bad in some cases. My advice is to keep it simple, leave it as one. Use the one on the router.

Chris
 
  #3  
Old 10-15-04, 08:23 AM
fatkid66's Avatar
Member
Thread Starter
Join Date: Sep 2002
Location: Northeast NJ
Posts: 247
Likes: 0
Received 0 Likes on 0 Posts
Thanks Chris..I feel like I owe you guys BIGTIME!!!
 
  #4  
Old 10-15-04, 09:21 AM
R
Member
Join Date: Sep 2003
Location: Central New York State
Posts: 13,970
Likes: 0
Received 0 Likes on 0 Posts
A firewall allows or prevents packets from getting through. Packets are
collections of data that travel from one device on a network to another.

Because a firewall inspects each packet it adds delay.

Generally speaking, a hardware firewall (in most home and small business settings) is used to provide protection between the home/small business network (the LAN) and the Internet (WAN). They do not generally provide protection for packets being routed on the LAN between devices. The benefit of a hardware firewall is that it doesn't use computer resources, and you only need one to protect your whole network.

A software firewall is generally something installed on a single device, let's say a computer. This firewall will inspect incoming and outgoing packets on the computer. The disadvantage of a software firewall is that it uses computer resources, and you need one for each computer, unless you are using one computer as a router.

It is generally recommended to use both a hardware firewall to protect your LAN and then also to use a software firewall on each computer. This provides the best protection. These two firewalls don't generally conflict, since they are on separate devices.

Problems occur in the above setup when a packet is blocked. Generally you need to do some detective work and examine logs to see which firewall blocked a particular connection/transmission. You then allow that particular connection. You may then find that the next firewall may then block the same connection.

This gets very complicated when you have two software firewalls on a computer. One firewall will process the packets before the other, but your job of determining which firewall blocked the packet is a little tougher, since you now have two software firewalls to check, and possibly a hardware firewall. It is not generally recommended that you run two software firewalls on the same computer, unless you are using them to protect different network interfaces.

The most important point regarding firewalls is that you must have them enabled for them to work. That was the big problem with the Windows XP firewall. It was turned off by default, until Service Pack 2. Most users didn't bother to turn it on, many not knowing how and/or not even knowing it existed or what it was for. Service Pack 2 turns it on, which causes problems because once again, people don't know what it's for or how to properly configure it. They just find something no longer working on their computer and think that service pack 2 has broken something and/or doesn't work, not realizing that service pack 2 is working just fine, they just don;t know how to use it.
 
  #5  
Old 10-15-04, 11:50 AM
D
Member
Join Date: May 2002
Location: USA
Posts: 858
Received 7 Likes on 6 Posts
The hardware firewall in the router provides basic incoming protection, the advantage to a software firewall running on a PC is that it will also monitor outgoung traffic, so when a new app requests access you can research it and determine what it is, this is a good way to detect trojans on your system, the router firewall will do noting to protect you against outbound threats.
 
  #6  
Old 10-15-04, 11:56 AM
R
Member
Join Date: Sep 2003
Location: Central New York State
Posts: 13,970
Likes: 0
Received 0 Likes on 0 Posts
Dave, it depends on the hardware firewall. A good hardware firewall protects both outgoing and incoming.
 
  #7  
Old 10-15-04, 01:10 PM
D
Member
Join Date: May 2002
Location: USA
Posts: 858
Received 7 Likes on 6 Posts
True, but I was basing my statement on the following;

1. A router purchased by the average home user usually mostly deals with incoming data in it's default firewall configuration.

2. A router purchased by the average home user usually remains in it's default firewall configuration, and isn't setup as secure as it could be. It's even worse with everyone going wireless, now we have wireless routers broadcasting their SSID's all over the neighborhood, inviting you to join the unsecure network.

Most people are happy in their computing life knowing how to use a computer, just like driving a car, they could really care less how it works, nor do many realize that, just like a car, there is maintenance to be done and precautionary measures to be taken in order to enure the PC operates reliably.
 
  #8  
Old 10-17-04, 02:10 PM
las
Visiting Guest
Posts: n/a
SP-2 firewall better then SP-1

I would say definetly SP-2 Is better faster..It's all I'm using!
 
  #9  
Old 10-20-04, 09:26 PM
steve_gro's Avatar
Member
Join Date: Jan 2004
Location: San Francisco
Posts: 1,092
Likes: 0
Received 1 Like on 1 Post
password

You should also change the default router password to something other than 'admin'.
 
 

Thread Tools
Search this Thread
 
Ask a Question
Question Title:
Description:
Your question will be posted in: