Security After Installing a New Router

TheMSsForum.com: The Microsoft Software Forum

I just installed a new Linksys 4 port cable/dsl router.
It has built in firewall. Just how good are these router
firewalls? There does not seem to be any way of knowing
whether or not it is working, unlike a software firewall
like ZoneAlarm that can constantly remind you when a
threat is blocked. Also, should I use a software
firewall in addition to the router firewall? TIA.
Top

Re: Security After Installing a New Router by Bill

Bill
Sat Aug 07 19:29:51 CDT 2004

You could test. There are lots of better sites with firewall tests, but one
that can do this is www.grc.com.

Many routers don't include true firewalls, but the NAT functionality in them
rejects unsolicited inbound packets--i.e. if a packet comes inbound from a
host with which there is not an existing outbound connection already, it
gets dropped.

This works very well for many purposes, but it does nothing for outbound
connections. You are, in fact, probably better off for the lack of
notification that the router is doing its job. If you want entertainment,
set up logging on the router, and install a logreader application on your
machine--you can even autosubmit such logs to various bodies, I believe.

If you want to be notified of outbound communications from your own machine,
install a third-party software firewall.

"chap_cat" <anonymous@discussions.microsoft.com> wrote in message
news:220301c47cdd$5185db00$a601280a@phx.gbl...
>I just installed a new Linksys 4 port cable/dsl router.
> It has built in firewall. Just how good are these router
> firewalls? There does not seem to be any way of knowing
> whether or not it is working, unlike a software firewall
> like ZoneAlarm that can constantly remind you when a
> threat is blocked. Also, should I use a software
> firewall in addition to the router firewall? TIA.


Top

Re: Security After Installing a New Router by S

S
Sat Aug 07 19:30:42 CDT 2004

Enterprise firewalls, as well as the router firewalls, do not interact with
the users, yet provide sufficient levels of protection. Use online security
scanners to verify configuration of your router's firewalls; do not give up
the discipline of updating all of your operating systems (including
non-Windows) with patches, antivirus and malware scanners - with new
signatures. However, it is OK to trust router network filtering facility.

--
Svyatoslav Pidgorny, MVP, MCSE
-= F1 is the key =-


"chap_cat" <anonymous@discussions.microsoft.com> wrote in message
news:220301c47cdd$5185db00$a601280a@phx.gbl...
> I just installed a new Linksys 4 port cable/dsl router.
> It has built in firewall. Just how good are these router
> firewalls? There does not seem to be any way of knowing
> whether or not it is working, unlike a software firewall
> like ZoneAlarm that can constantly remind you when a
> threat is blocked. Also, should I use a software
> firewall in addition to the router firewall? TIA.


Top

Re: Security After Installing a New Router by Karl

Karl
Sun Aug 08 10:07:06 CDT 2004


"chap_cat" <anonymous@discussions.microsoft.com> wrote in message
news:220301c47cdd$5185db00$a601280a@phx.gbl...
> I just installed a new Linksys 4 port cable/dsl router.
> It has built in firewall. Just how good are these router
> firewalls?

They can be good, but firewall strength is often determined by your personal
skill in configuring them. Very possibly, by default, nothing is blocked
outbound, which is not ideal. It means that if your computer is compromised
by a virus or trojan, you'll never know it or be able to block it.

> There does not seem to be any way of knowing
> whether or not it is working, unlike a software firewall
> like ZoneAlarm that can constantly remind you when a
> threat is blocked. Also, should I use a software
> firewall in addition to the router firewall? TIA.

Using a software firewall is not mandatory, but it does increase your
security. Software host-based firewalls are able to do things external
hardware firewalls will never be able to do, like know which executable
opened a particular connection, tell when that executable has changed, and
block that connection based on which executable initiated it. External
firewalls generally allow all traffic on a particular port like TCP 80
without caring what data is being passed through that port. www.kerio.com,
www.sygate.com and www.zonealarm.com are respected free software firewalls.


Top

Re: Security After Installing a New Router by Russell

Russell
Sun Aug 08 11:57:53 CDT 2004

I have a D-link rounter with the logging sent to my
machine, I installed the Kiwi syslog service. Then send the
logs to Dshield.org. Get a report from them every day
about blocked traffic, about 5000 or less blocks; generally
nothing earth shattering, mostly Ports 137, 445, 135. But
one time, for about aweek, I got about 300,000 blocks a day
from some one doing an attack of me for some reason.


>-----Original Message-----
>You could test. There are lots of better sites with
firewall tests, but one
>that can do this is www.grc.com.
>
>Many routers don't include true firewalls, but the NAT
functionality in them
>rejects unsolicited inbound packets--i.e. if a packet
comes inbound from a
>host with which there is not an existing outbound
connection already, it
>gets dropped.
>
>This works very well for many purposes, but it does
nothing for outbound
>connections. You are, in fact, probably better off for
the lack of
>notification that the router is doing its job. If you
want entertainment,
>set up logging on the router, and install a logreader
application on your
>machine--you can even autosubmit such logs to various
bodies, I believe.
>
>If you want to be notified of outbound communications from
your own machine,
>install a third-party software firewall.
>
>"chap_cat" <anonymous@discussions.microsoft.com> wrote in
message
>news:220301c47cdd$5185db00$a601280a@phx.gbl...
>>I just installed a new Linksys 4 port cable/dsl router.
>> It has built in firewall. Just how good are these router
>> firewalls? There does not seem to be any way of knowing
>> whether or not it is working, unlike a software firewall
>> like ZoneAlarm that can constantly remind you when a
>> threat is blocked. Also, should I use a software
>> firewall in addition to the router firewall? TIA.
>
>
>.
>
Top

Re: Security After Installing a New Router by Bill

Bill
Mon Aug 09 22:28:25 CDT 2004

I've seen very few folks who can really document an "attack."

Generally what the kind of stats you are quoting mean, is that you are on a
dynamic IP, and have inherited an IP which was previously used by somebody
who shared stuff using a peer-to-peer sharing app, such as Kazaa.

Check out the port numbers on the traffic--you may well find that the
packets are more characteristic of peer-to-peer sharing applications than of
any sort of probe or attempt to deny you access to the Internet.


"Russell" <newsgroup@paperdragon.ca> wrote in message
news:247c01c47d68$d82e72d0$a401280a@phx.gbl...
>I have a D-link rounter with the logging sent to my
> machine, I installed the Kiwi syslog service. Then send the
> logs to Dshield.org. Get a report from them every day
> about blocked traffic, about 5000 or less blocks; generally
> nothing earth shattering, mostly Ports 137, 445, 135. But
> one time, for about aweek, I got about 300,000 blocks a day
> from some one doing an attack of me for some reason.
>
>
>>-----Original Message-----
>>You could test. There are lots of better sites with
> firewall tests, but one
>>that can do this is www.grc.com.
>>
>>Many routers don't include true firewalls, but the NAT
> functionality in them
>>rejects unsolicited inbound packets--i.e. if a packet
> comes inbound from a
>>host with which there is not an existing outbound
> connection already, it
>>gets dropped.
>>
>>This works very well for many purposes, but it does
> nothing for outbound
>>connections. You are, in fact, probably better off for
> the lack of
>>notification that the router is doing its job. If you
> want entertainment,
>>set up logging on the router, and install a logreader
> application on your
>>machine--you can even autosubmit such logs to various
> bodies, I believe.
>>
>>If you want to be notified of outbound communications from
> your own machine,
>>install a third-party software firewall.
>>
>>"chap_cat" <anonymous@discussions.microsoft.com> wrote in
> message
>>news:220301c47cdd$5185db00$a601280a@phx.gbl...
>>>I just installed a new Linksys 4 port cable/dsl router.
>>> It has built in firewall. Just how good are these router
>>> firewalls? There does not seem to be any way of knowing
>>> whether or not it is working, unlike a software firewall
>>> like ZoneAlarm that can constantly remind you when a
>>> threat is blocked. Also, should I use a software
>>> firewall in addition to the router firewall? TIA.
>>
>>
>>.
>>


Top