TechSpot

Curious question about firewalls....

By Eslavs
Feb 14, 2007
  1. Hopefully someone can clear this up for me:

    I'm running a wireless network at home with a linksys wireless b router. I'm also using the windows firewall supplied with xp. On my network connection settings, it shows that my wireless connection is firewalled. Does the router supply a hardware firewall? If so, is that firewall (coupled with the windows firewall) sufficient, or should I be running something like zonealarm instead?
     
  2. raybay

    raybay TS Evangelist Posts: 10,716   +6

    If you have experience with Zone Alarm, it is an excellent choice, as is Kerio. However, Zone Alarm can present a few difficulties with some users of Internet Explorer 7.0.
    We think Zone Alarm is one of the best tools we use for security, and prefer to have it on any system.
    Cannot comment on your wireless network at home without more info on your connection.
     
  3. Rick

    Rick TechSpot Staff Posts: 6,305   +52 Staff Member

    Every home router employs NAT, which is a technology that makes direct access to the computers behind a router more difficult.

    In addition to NAT, most routers (and I'm sure you does as well) have a firewall. This firewall blocks incoming connections only and not outgoing connections.

    ZoneAlarm blocks incoming AND outgoing connections. While a router firewall will keep your system from becoming compromised - if it ever does become compromised - blocking outgoing traffic will offer an additional layer of protection. Software firewalls are much more configurable, although it could be argued they are not as secure as a hardware firewall (Bugs, problems and unexpected behavior do certainly exist).

    So which is better?

    The software firewall, in my opinion, is a less reliable but more secure and more flexible choice in the hands of someone who knows how to use it. The hardware firewall is a more reliable, yet a less secure and less flexible option. Either one will be sufficient for more users though, as far as you usual 'attacks', since typically attacks come from the outside and do not originate on your computer. Both firewalls together - well - that will be very effective but could be more hassle than your average person would rather deal with.
     
  4. Samstoned

    Samstoned TechSpot Paladin Posts: 2,582

    don't forget windows allows for MS to spy on you
    and they get paid to allow other softs to do same
    outpost will block all
    add router firmware good combo
    your the user you must pay attention to what the software can do
    (block )(unblock)
     
  5. SNGX1275

    SNGX1275 TS Forces Special Posts: 12,635   +321

    Windows is likely firewalling your wireless connection, it does that by itself by default. So unless you turned it off, it is on. As others stated, your router is doing some firewalling also.

    As security increases, usability/flexibility decreases. It is important to find the right balance for you.
     
    1 person likes this.
  6. jobeard

    jobeard TS Ambassador Posts: 13,449   +324

    most cheap Routers have NAT and close all port forwarding ... thus
    "they have a defacto firewall".
    The real protection is the NAT service.

    A real hardware FW has a means to configure far more than just port forwarding,
    in/out bound protocols
    source/destination IP addresses
    souce/destination port numbers​

    so baring these features, install any firewall that gives you this level of control.
     
  7. tipstir

    tipstir TS Ambassador Posts: 4,686   +86

    MS spying feature can be disabled so that's not a big issue. You could have one PC route and use one firewall on that PC So that all PCs on your network don't have to get bog down with false detection. Just keep it simple. NAT, SPI Intrustion Dection on some routers which is HDW base or having all 3 does a great job.

    I/O Software uses memory and etc.. You might want to go with something light. But not the one from XP that's awful and at time is blocks out other PCs on your network.
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.