Go Back   Computer Forums > General Computing > Hardware
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 09-12-2009, 07:36 AM   #11
In Runtime
 
Join Date: Jul 2009
Posts: 136
Default Re: Firewall suggestions...and Why do I need one,again?

OK,I finally accessed all the info about my wireless router...d-link,DI-524...I see how to activate filters for keyword URL blocking and domain blocking.More advanced settings called "Firewall Rules" are contained in the manual (wha?? I thought I was looking at the manual) and DMZ.

In addition to the Router,I have enabled my Windows firewall ( XP ),which was shut off (probably turned off by the previous McAfee program).

OK,so I have 2 firewalls now...sew...why do I need them,and what should I do with them,and what are they doing for me???
__________________

__________________
I heartily recommend Root-a-pedia! It's all I use. Never let's you down.
Juan handed is offline   Reply With Quote
Old 09-12-2009, 05:12 PM   #12
In Runtime
 
TitanMATRIX's Avatar
 
Join Date: Jul 2009
Posts: 202
Send a message via MSN to TitanMATRIX
Default Re: Firewall suggestions...and Why do I need one,again?

Quote:
Originally Posted by jmacavali View Post
Ehh, I can live with that.
acceptance is the first step to recovery
__________________

__________________
***Network Warrior***
TitanMATRIX is offline   Reply With Quote
Old 09-12-2009, 05:40 PM   #13
Daemon Poster
 
Join Date: Feb 2008
Posts: 758
Default Re: Firewall suggestions...and Why do I need one,again?

You can't use to as they will cancel each other out. Just use the hardware firewall and you'll be fine.
bruinator is offline   Reply With Quote
Old 09-12-2009, 06:09 PM   #14
Site Team
 
berry120's Avatar
 
Join Date: Jul 2009
Location: England, UK
Posts: 3,425
Default Re: Firewall suggestions...and Why do I need one,again?

Quote:
OK,so I have 2 firewalls now...sew...why do I need them,and what should I do with them,and what are they doing for me???
Firstly - let me try and clear a few things up.
Quote:
Don't use two firewalls, that is a bad idea.
This is true when we're talking about two software firewalls on the same machine, they'll more than likely conflict with each other and the possible minute advantage that one program may catch what another lets through is so small it's not worth considering.
However, if we're talking about a hardware firewall, be it a dedicated unit or (more likely) one built into your router, and a software firewall (such as the default XP firewall) working together then there's no issues with this whatsoever, and it's a smart idea to enable both.

So what do they do?

The hardware firewall in your router will most likely just examine packets coming into your network. Some of the stand alone expensive ones will actually monitor and block traffic going through the network internally as well, but this tends to be overkill for the home user. Anyway, it'll look at the headers of these packets and determine based on their content whether to let them through or not by a number of pre-defined rules. If the packet is a reply to a HTTP request from google.com for example, it'll almost definitely be let through. If it's from an unknown IP and is a seemingly random request trying to reach all computers on the network on a port that's not being used, it'll almost definitely be blocked. Those are two rather loose examples but roughly speaking, they're what hardware firewalls do - it's in a way your first line of defence. Whilst software firewalls will often block similar requests to hardware ones anyway, a hardware one will:
a) stop malicious traffic ever getting into the network in the first place, which is always better practice than letting it get all the way to the PC
b) stop (or should help prevent) individual machines becoming overloaded and slowing down stupidly as a result of lots of malicious packets
c) not be at risk (or have a very low risk) of becoming infected in a way that stops the firewall working. With PCs, software firewalls and dodgy browsing this can often be the case...

Software firewalls have a number of differences, and can perform extra functions that hardware firewalls can't. Because they're on machines, they can be far more specific (i.e. go down as far as saying what applications are specifically allowed to receive and send data on what ports, how much data, sometimes even when they're allowed to send it etc.) than a hardware firewall. They can also monitor malicious traffic going out from the individual PC so that if one PC gets affected, it can at least help to make sure malware and backdoors on a single PC don't bring the whole network down.

So do you need them? A bit worryingly, the consencus above seems to be that "as long as you browse conservatively, you don't." This really isn't true... whilst it HELPS to browse with care and is true on the antivirus front, don't be fooled - anyone can mount an attack on you whether your careful with browsing or not, they could know your IP, stumble across it randomly or find it out somewhere. And if they do and you're completely unprotected... it doesn't help how "nicely" you browse! In fairness, specific targetted attacks are increasingly rare so the above isn't totally false. If you download a virus onto your PC through browsing sillily and don't have a software firewall then said virus can and probably will spread itself far and wide, and having one will at least partly help with this. Just don't go away thinking you're completely safe if you haven't got one - I'd personally recommend leaving the windows one enabled if nothing else!

And that brings me to another point, how is one firewall better than another? It used to be the case that free or built in software firewalls (such as XPs firewall years back) didn't monitor outgoing traffic, and as such people recommended installing a 3rd party firewall that did for better protection. These days though it's really not necessary for most users. The general thing you'll get by paying more, or at all these days, is far more customisation potential - and that's what means heightened security because you can really drill down and filter loads of that bad traffic out that might have escaped a general built in rule. With hardware firewalls you do get a lot more in terms of reliability and throughput as well, especially with regard to DDOS attacks. That's a whole different ball game though!

So yeah - you should have a firewall. But if you just enable your default hardware firewall and the default XP one these days, you should be fine
berry120 is offline   Reply With Quote
Old 09-12-2009, 10:24 PM   #15
In Runtime
 
TitanMATRIX's Avatar
 
Join Date: Jul 2009
Posts: 202
Send a message via MSN to TitanMATRIX
Default Re: Firewall suggestions...and Why do I need one,again?

Quote:
Originally Posted by berry120 View Post
Firstly - let me try and clear a few things up.

This is true when we're talking about two software firewalls on the same machine, they'll more than likely conflict with each other and the possible minute advantage that one program may catch what another lets through is so small it's not worth considering.
However, if we're talking about a hardware firewall, be it a dedicated unit or (more likely) one built into your router, and a software firewall (such as the default XP firewall) working together then there's no issues with this whatsoever, and it's a smart idea to enable both.

So what do they do?

The hardware firewall in your router will most likely just examine packets coming into your network. Some of the stand alone expensive ones will actually monitor and block traffic going through the network internally as well, but this tends to be overkill for the home user. Anyway, it'll look at the headers of these packets and determine based on their content whether to let them through or not by a number of pre-defined rules. If the packet is a reply to a HTTP request from google.com for example, it'll almost definitely be let through. If it's from an unknown IP and is a seemingly random request trying to reach all computers on the network on a port that's not being used, it'll almost definitely be blocked. Those are two rather loose examples but roughly speaking, they're what hardware firewalls do - it's in a way your first line of defence. Whilst software firewalls will often block similar requests to hardware ones anyway, a hardware one will:
a) stop malicious traffic ever getting into the network in the first place, which is always better practice than letting it get all the way to the PC
b) stop (or should help prevent) individual machines becoming overloaded and slowing down stupidly as a result of lots of malicious packets
c) not be at risk (or have a very low risk) of becoming infected in a way that stops the firewall working. With PCs, software firewalls and dodgy browsing this can often be the case...

Software firewalls have a number of differences, and can perform extra functions that hardware firewalls can't. Because they're on machines, they can be far more specific (i.e. go down as far as saying what applications are specifically allowed to receive and send data on what ports, how much data, sometimes even when they're allowed to send it etc.) than a hardware firewall. They can also monitor malicious traffic going out from the individual PC so that if one PC gets affected, it can at least help to make sure malware and backdoors on a single PC don't bring the whole network down.

So do you need them? A bit worryingly, the consencus above seems to be that "as long as you browse conservatively, you don't." This really isn't true... whilst it HELPS to browse with care and is true on the antivirus front, don't be fooled - anyone can mount an attack on you whether your careful with browsing or not, they could know your IP, stumble across it randomly or find it out somewhere. And if they do and you're completely unprotected... it doesn't help how "nicely" you browse! In fairness, specific targetted attacks are increasingly rare so the above isn't totally false. If you download a virus onto your PC through browsing sillily and don't have a software firewall then said virus can and probably will spread itself far and wide, and having one will at least partly help with this. Just don't go away thinking you're completely safe if you haven't got one - I'd personally recommend leaving the windows one enabled if nothing else!

And that brings me to another point, how is one firewall better than another? It used to be the case that free or built in software firewalls (such as XPs firewall years back) didn't monitor outgoing traffic, and as such people recommended installing a 3rd party firewall that did for better protection. These days though it's really not necessary for most users. The general thing you'll get by paying more, or at all these days, is far more customisation potential - and that's what means heightened security because you can really drill down and filter loads of that bad traffic out that might have escaped a general built in rule. With hardware firewalls you do get a lot more in terms of reliability and throughput as well, especially with regard to DDOS attacks. That's a whole different ball game though!

So yeah - you should have a firewall. But if you just enable your default hardware firewall and the default XP one these days, you should be fine
What he siad....
__________________
***Network Warrior***
TitanMATRIX is offline   Reply With Quote
Old 09-13-2009, 08:22 PM   #16
Fully Optimized
 
jmacavali's Avatar
 
Join Date: Jun 2009
Posts: 4,867
Default Re: Firewall suggestions...and Why do I need one,again?

Quote:
Originally Posted by TitanMATRIX View Post
acceptance is the first step to recovery
I can 'live with it' not necessarily accept that it is any thing I need to recover from.
__________________
****************************************
Don't take life too seriously -- no one gets out alive. Plus, who wants to arrive to the hereafter in pristine condition wearing a suit and tie?
I want to slide in sideways, worn out, used up, hair a mess, clothes tattered, & screaming, "Whooo! What a ride!"
****************************************
jmacavali is offline   Reply With Quote
Old 09-14-2009, 12:15 AM   #17
In Runtime
 
Join Date: Jul 2009
Posts: 136
Default Re: Firewall suggestions...and Why do I need one,again?

Quote:
Originally Posted by berry120 View Post
Firstly - let me try and clear a few things up.

This is true when we're talking about two software firewalls on the same machine, they'll more than likely conflict

So what do they do?

The hardware firewall in your router will

a) stop malicious traffic ever getting into the network in the first place, which is always better practice than letting it get all the way to the PC
b) stop (or should help prevent) individual machines becoming overloaded and slowing down stupidly as a result of lots of malicious packets
c) not be at risk (or have a very low risk) of becoming infected in a way that stops the firewall working. With PCs, software firewalls and dodgy browsing this can often be the case...

Software firewalls have a number of differences, and can perform extra functions that hardware firewalls can't. Because they're on machines, they can be far more specific (i.e. go down as far as saying what applications are specifically allowed to receive and send data on what ports, how much data, sometimes even when they're allowed to send it etc.) than a hardware firewall. They can also monitor malicious traffic going out from the individual PC so that if one PC gets affected, it can at least help to make sure malware and backdoors on a single PC don't bring the whole network down.

So do you need them?

So yeah - you should have a firewall. But if you just enable your default hardware firewall and the default XP one these days, you should be fine

Thanks Berry for the well detailed explanation.The way you suggest is the way I have it set now.
__________________

__________________
I heartily recommend Root-a-pedia! It's all I use. Never let's you down.
Juan handed is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 10:44 PM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0