Is a firewall router worth it?

[9mmprincess]

My friend had a virus/trojan that totally messed up her system and she had to reinstall windows... her supervisor at work recommended a router firewall, so she got one, for around 50 bucks (she lives in Canada). Are these really worth it? If so, how much should I expect to pay for a good one in the US?

tia

[24giovanni]

My friend had a virus/trojan that totally messed up her system and she had to reinstall windows... her supervisor at work recommended a router firewall, so she got one, for around 50 bucks (she lives in Canada). Are these really worth it? If so, how much should I expect to pay for a good one in the US?

tia

Get a software firewall. Comodo firewall pro is free and it works great. Just google it and d/l it.

[YARDofSTUF]

Yeah you could go with comodo software firewall, a router with NAT is nice, theres no performance hit since your PC isnt running it, and then theres always the option of a real hardware firewall, little more complicated. Either of the first 2 options would be good enough for a home user.

[9mmprincess]

Yeah you could go with comodo software firewall, a router with NAT is nice, theres no performance hit since your PC isnt running it, and then theres always the option of a real hardware firewall, little more complicated. Either of the first 2 options would be good enough for a home user.

Yeah she mentioned that it was better cos it's not using your puter's RAM... What's "NAT"? I'll check out Comodo.

[YARDofSTUF]

Yeah she mentioned that it was better cos it's not using your puter's RAM... What's "NAT"? I'll check out Comodo.

NAT is what acts as the firewall on routers basically. Network Address Translation.

Info overload:

http://en.wikipedia.org/wiki/Network_ad ... ranslation

[9mmprincess]

Thanks... I checked out Comodo and I'm going to download it and check it out

[Sava700]

I prefer a cheap router with the built in firewall over a software firewall other than Windows Firewall which is really all you will ever need. No need to bloat the system down more with software junk that usually ends up messing up winsock anyway.

[YARDofSTUF]

I prefer a cheap router with the built in firewall over a software firewall other than Windows Firewall which is really all you will ever need. No need to bloat the system down more with software junk that usually ends up messing up winsock anyway.

Windows firewall isn't horrible, but its not all you need.

[OSULLY]

I prefer a cheap router with the built in firewall over a software firewall other than Windows Firewall which is really all you will ever need. No need to bloat the system down more with software junk that usually ends up messing up winsock anyway.

I recently got a router but I left my comodo running since it doesn't take much overhead on my system.

[YeOldeStonecat]

Without a doubt...get a router. I won't support a computer unless it's behind a router...all clients of mine are put behind one.

I don't like relying on software firewalls. They can fail you. There have been exploits out in the past...which can knock out software firewall..disable their service. Software firewalls can also become corrupted, or the server might not start for some reason. All your computer needs is several seconds on the internet being exposed on a public IP address..and it can get infected with something.

A routers firewall won't fail you (by default)....the router itself might..in which case you don't get internet...you go out and get another router and replace it.

[Sava700]

Windows firewall isn't horrible, but its not all you need.

yeah thats all you really need... watch your surfing habits and stay away from porn and warz sites and you don't have anything to worry about. I don't even run a anti-virus or WF on my gaming rig...why? Well I know what I do and i know where I go so I don't need to worry about it. A software firewall like sygate,zonealarm and comodo are overkill and not needed...they can cause all sorts of issues along with be exploited beyond control... it would be like me having a guy that just turned blind try to help me across the street.

[YeOldeStonecat]

Well I know what I do and i know where I go so I don't need to worry about it. .

Well known websites and forums have been compromised...by injecting drive by exploits. One day you could log onto SG or one of your other daily forums and get hit. Your post in the gen forums about TGNs site....it got hacked..what if they decided to inject a drive by exploit?

Since I game heavily...a lightweight AV is the way to go for me.

The only rig I have without an antivirus is the one I'm typing from now...running *nix, but even that has a couple of exploits out there....one day an AV will become needed full time on it.

[Sava700]

Well known websites and forums have been compromised...by injecting drive by exploits. One day you could log onto SG or one of your other daily forums and get hit. Your post in the gen forums about TGNs site....it got hacked..what if they decided to inject a drive by exploit?

Since I game heavily...a lightweight AV is the way to go for me.

The only rig I have without an antivirus is the one I'm typing from now...running *nix, but even that has a couple of exploits out there....one day an AV will become needed full time on it.

a exploit that would cause my system issues would get picked up by me..and then destroyed by me. I've got images of all my pc's...plus now with a fresh slip streamed copy of XP SP3 a fresh install of everything would only take an hour and I'm back in business.. I'm not worried one bit since I've never ran into this problem you suggested is possible nor would it effect me since I'm behind a strong router firewall

A software firewall like comodo is just plain overkill and not needed.

[YeOldeStonecat]

I'm not worried one bit since I've never ran into this problem you suggested is possible nor would it effect me since I'm behind a strong router firewall

A software firewall like comodo is just plain overkill and not needed.

I agree a software firewall isn't necessary for all users, I don't use one.
What's your "strong" router firewall? Running *nix distro? BTW, a NAT router won't stop a website exploit at all...only stops self spreading worms and exploits that wander around the internet subnets.

[Sava700]

I agree a software firewall isn't necessary for all users, I don't use one.
What's your "strong" router firewall? Running *nix distro? BTW, a NAT router won't stop a website exploit at all...only stops self spreading worms and exploits that wander around the internet subnets.

I am the "Strong" router firewall...

I control what my computers do

[satyre]

....the option of a real hardware firewall, ....

I prefer a cheap router with the built in firewall ....

since I'm behind a strong router firewall ...

I am wondering you are all talking about any router with NAT or any other protocol makes it stronger.....

Are you all referring to the same thing?

[YeOldeStonecat]

I am wondering you are all talking about any router with NAT or any other protocol makes it stronger.....

Are you all referring to the same thing?

Home grade routers provide you with a basic hardware firewall through the way that they function...NAT...network address translation. That's how they take a single IP address from your ISP..and share it to a network of computers behind them..when in gateway mode (as most home grade broadband routers are run). By default all 64,000 plus ports are blocked. So your PCs are protected from the "noise" of the internet.

Example...lets take the MSBlaster worm...which spreads around networks by itself using a DCOM vulnerability if I recall correctly. Or Slammer SQL exploit as another example. A computer sitting on a public IP address...just sitting there running...it can "catch" that bug. Those exploits and worms self spread around various subnets of the internet. Take a few minutes to read a log from a good firewall...you'll see "sniffs" from SQL worms checking your public IP address to see if the exploits is available. A computer behind a NAT router....will not.

Now..traditional home grade routers are 1-way..by default they block all incoming traffic..unless it originates from inside the network (a request is made for it from within). But they allow all traffic out..unquestioned..because the internal side is "trusted". They run SPI...some deeper SPI...examining traffic for traditional exploits.

Higher end business/enterprise grade hardware firewalls will check both directions of traffic..and you can block outgoing traffic of types...only allowing certain types of outbound. Example..the network I'm working on right now..I can choose to only allow outbound web traffic...and block all other kinds, content filter, block all popular P2P protocols, block all instant messaging traffic, scan all traffic for viruses/worms/malware/ad/spyware, remove SPAM from e-mail, etc. But this gets beyond the scope of this post.

[ghettoside]

9mm,

You might be able to pick up a router off craigslist at a very reasonable price.

I replaced mine last summer when I got the comcast on, my old one got weather damaged during storage.

I paid $10 for a linksys, $70 unit in stores.

[YARDofSTUF]

I agree a software firewall isn't necessary for all users, I don't use one.
What's your "strong" router firewall? Running *nix distro? BTW, a NAT router won't stop a website exploit at all...only stops self spreading worms and exploits that wander around the internet subnets.

His strong router firewall is the DLink 4100.

[Sava700]

His strong router firewall is the DLink 4100.

no I have a DGL 4300 but I was refering to me as the "strong router firewall" I know what to let and let out

[YARDofSTUF]

no I have a DGL 4300 but I was refering to me as the "strong router firewall" I know what to let and let out

Same difference as far as the 4100/4300 lol

And as for you being the strong firewall, no. As a person you can best defeat social engineering attacks, but a true firewall, thats the strong one, Like IPcop, Endian, Untangle. As stonecat said, mainstream sites can get hit too, and so if you trust the site, you, as the strong firewall, allow it in.

A strong firewall like teh ones I mentioned are nice too as then can scan for viruses and trojans, and things before the site is loaded on your browser for you.

[Sava700]

can't get past these eagle eyes and those cat like reflexes of the mouse click

[YARDofSTUF]

can't get past these eagle eyes and those cat like reflexes of the mouse click

Ok save the ego stuff, this is a thread about someone wanting actualy protection for her PC and maybe others in the future, lets not add illusionary items.

[Sava700]

Ok save the ego stuff, this is a thread about someone wanting actualy protection for her PC and maybe others in the future, lets not add illusionary items.

wasn't about ego... but to stay within topic.. there is no need for a software firewall beyond WF...a simple hardware firewall from a router is fine and very cheap these days.

[YARDofSTUF]

wasn't about ego... but to stay within topic.. there is no need for a software firewall beyond WF...a simple hardware firewall from a router is fine and very cheap these days.

I agree a router is better than a software app, but if a user doesn't have or won't buy one then you need more than windows firewall, its decent but if you look around the wilder security forums they'll compare lots of firewalls and windows firewall wont be rated so well in comparison and seems to do poorly with outgoing traffic.

I wouldn't rely on it.

[ghettoside]

I've been w/o router before, I didn't have any issues using only the win firewall.

[CableDude]

I don't run AV or a firewall.

[YARDofSTUF]

I don't run AV or a firewall.

Ya but you only visit here lol

[CableDude]

Ya but you only visit here lol

[loop2kil]

Home grade routers provide you with a basic hardware firewall through the way that they function...NAT...network address translation. That's how they take a single IP address from your ISP..and share it to a network of computers behind them..when in gateway mode (as most home grade broadband routers are run). By default all 64,000 plus ports are blocked. So your PCs are protected from the "noise" of the internet.

Example...lets take the MSBlaster worm...which spreads around networks by itself using a DCOM vulnerability if I recall correctly. Or Slammer SQL exploit as another example. A computer sitting on a public IP address...just sitting there running...it can "catch" that bug. Those exploits and worms self spread around various subnets of the internet. Take a few minutes to read a log from a good firewall...you'll see "sniffs" from SQL worms checking your public IP address to see if the exploits is available. A computer behind a NAT router....will not.

Now..traditional home grade routers are 1-way..by default they block all incoming traffic..unless it originates from inside the network (a request is made for it from within). But they allow all traffic out..unquestioned..because the internal side is "trusted". They run SPI...some deeper SPI...examining traffic for traditional exploits.

Higher end business/enterprise grade hardware firewalls will check both directions of traffic..and you can block outgoing traffic of types...only allowing certain types of outbound. Example..the network I'm working on right now..I can choose to only allow outbound web traffic...and block all other kinds, content filter, block all popular P2P protocols, block all instant messaging traffic, scan all traffic for viruses/worms/malware/ad/spyware, remove SPAM from e-mail, etc. But this gets beyond the scope of this post.

You are still using Untangle right? IPcop has an add-on called URLfilter, does Untangle's version of this do a good job as far as controlling what each ip can and can't do?

[YeOldeStonecat]

You are still using Untangle right? IPcop has an add-on called URLfilter, does Untangle's version of this do a good job as far as controlling what each ip can and can't do?

I am using Untangle at a few clients now....love the package. It has a "client pass list"...so certain clients can be exempt from the blocks you put up. I'm not sure if you can make individual custom blocks for individual clients.

What I'm finding very beneficial...is the ad/malware blocker.....stops known bad cookies, filters web traffic well. I combine that...with using OpenDNS forwarding in active directories DNS, toss in NOD32....and I really see a huge drop in ad/spyware problems.

[Joel]

I don't run AV or a firewall.

[Andrzej]

good customs, plain laptop
behind Cisco 877w

[Shinobi]

I like my Westell 6100 Router / ADSL modem combo.
Not only does it filters inbound connections.. you can also configure it
to filter outgoing connections as well. My older router didn't have that
option.