HELP.....Wireless home network

wolfman

MercilessKiller wrote:

Wolfman.. the Netgear firewall blocks tcp and udp incoming and outgoing. it will only allow if you purposly set this through port forwarding and firewall rules on the router which would most prob not be needed.

It won't block outbound requests, otherwise you'd need to configure it (ie open up the ports) for applications such as simply browsing the internet (port 80), using msn messenger, any form of updates (different applications use different ports). If it does its the first router I've seen to ship like that and I've previously had a Netgear (the DG834G).

It will block all inbound requests, ie someone trying to connect to port 21, but any requests from an internal pc (ie your machine) will be allowed out. This means if you do happen to get a trojan, there's nothing to stop it sending an outbound request as the router will let it through. It could for example do so on port 80 which is used for http requests (browsing the internet), and you're router would be unlikely to stop it depending on how complex its packet filtering rules are.

A software firewall provides a personal (ie per machine) setup. It also registers any illegal applications trying to run on your machine, such as the trojan trying to send a request out on port 80, so is a good way of knowing what's being sent from your machine.

A hardware firewall is important for blocking incoming requests (first line of defence), and hiding you behind NAT. With regards to internal security though you really should have a software firewall. Even if a virus does get blocked from going outbound, there's nothing to stop it trying to spread across your network internally. The only instances I can think of where you don't really need a software firewall is in a company environment, but they'll have some form of unix/cisco firewall that is a lot more complex and powerful than the port blockers you get on a router.

Just type in "software firewall needed router" to google and you'll see you're in a huge minority.

MercilessKiller

Trojans are removed with good anti virus software for a start. As well as adaware stoppers etc...

Search google for software firewall not needed with router and see what you get.. and also, the neatgear router DOES block outbound services EXCEPT Default ones such as 80,21,25 etc.. all the ones most computers use for every day tasks. This is instructions taken straight from configuration of outbound services:

Outbound Services

This lists all existing rules for outbound traffic. If you have not defined any rules, only the default rule will be listed. The default rule allows all outgoing traffic.

To create a new rule:

1. Click the "Add" button. (It does not matter which radio button is selected)
2. The "Outbound Service" screen will be displayed. This screen has its own help file.
3. Complete the "Outbound Service" screen, and save the data. The new rule will be listed in the table when you return to this screen.

To make changes to an existing rule:

1. Click the radio button next to an row in the table.
2. Click the button for the desired actions:
* Edit - to make any changes to the rule definition. The "Outbound Service" screen will be displayed, with the data for the selected rule.
* Move - to move the selected rule to a new position in the table. You will be prompted for the new position.
* Delete - to delete the selected rule.



In order for you to use outbound software from behind the router you need to open to port outbound.

Told you it has a firewall in.. believe me please.

Rex_Mundi

In order for you to use outbound software from behind the router you need to open to port outbound.

I use a Netgear DG834 and I can tell you. This is absolutely not true. I use many types of outbound connections and I've NEVER had to configure the router to allow them access to the net.

You copied from the manual this bit

This lists all existing rules for outbound traffic. If you have not defined any rules, only the default rule will be listed. The default rule allows all outgoing traffic.

So by default, the router is going to allow ALL outbound traffic. With a software firewall, at least you are going to get a warning that something is trying to call out from your PC.

Antivirus and/or anti spyware programs will normally sort out trojans for you. In a lot of cases this will only be when you run the scan. Untill you've found and dealt with the trojan, if you don't have a software firewall, it will have full access out of your computer.

MercilessKiller

Rex, thank you for correcting me on my mistake. I apologise for my mis information:

However, I'm also confused. What pc harmful software can go outbound from your connection that isn't detected? Virus scanners are live and thus any bad files it will find as soon as they are on your pc! For instance if I go on a page with a trojan in the java script, it automatically alerts that a file in my /temp/ is infected and deletes it for me...

the firewall just takes up memory in that sense as it really isn't NEEDED... there is nothing that can go outbound without your permission that is harmful to your pc yet undetectable to virus scanners.....

Rex_Mundi

there is nothing that can go outbound without your permission that is harmful to your pc yet undetectable to virus scanners

In the case of trojans, then a decent up to date antivirus should be enough protection. However, there are many many different types of spyware out there that are not picked up by an antivirus program. If they were, there would be no need for the likes of adaware and spybot. Spyware can be just as malicious as trojans.

Adaware and spybot generally only run when you run a scan. They don't normally monitor in real time unless you have installed the 'teatimer' feature on spybot, or purchased the adwatch feature with adaware.

So there is plenty of malware out there that can go outbound without being picked up by your AV.

MercilessKiller

Nothing dangerous though! Then adaware can pick it up doing your weekly scan

I just think firewalls take up un-needed memories behind routers personally.. ah well

orainsear

Rex_Mundi wrote:

This lists all existing rules for outbound traffic. If you have not defined any rules, only the default rule will be listed. The default rule allows all outgoing traffic.

That will be the reason I don't use the default settings and have added rules for the outbound software that I use...

wolfman

Rex_Mundi wrote:

I use a Netgear DG834 and I can tell you. This is absolutely not true. I use many types of outbound connections and I've NEVER had to configure the router to allow them access to the net.

You copied from the manual this bit

This lists all existing rules for outbound traffic. If you have not defined any rules, only the default rule will be listed. The default rule allows all outgoing traffic.

So by default, the router is going to allow ALL outbound traffic. With a software firewall, at least you are going to get a warning that something is trying to call out from your PC.

Antivirus and/or anti spyware programs will normally sort out trojans for you. In a lot of cases this will only be when you run the scan. Untill you've found and dealt with the trojan, if you don't have a software firewall, it will have full access out of your computer.

Thanks, was what I was trying to explain.

For what it uses up in resources, it's always worth having a software firewall, just to make your system tight. I use Kerio Personal Firewall and it uses about 20mb of resources which isn't a huge amount.

Rex_Mundi

That will be the reason I don't use the default settings and have added rules for the outbound software that I use...

........and because I use a software firewall as well.......this is why I didn't need to do this. lol

MercilessKiller

wolfman.. 20mb is a lot of memory.

THere are games such as football manager which takes up every mb of memory available for speed of loading, and other applications which needs memory.

That 20mb isn't much if you have 2gb of dual ram.. but for lower computers with 256 of SD ram for example is going to struggle with windows, anti virus, firewall, all other background applications, and then running a program on top!