Hi all!
I have configured a home network consisting of 2 PCs, each connected to a DSL router equipped with NAT/firewall. The internet access goes via the router, of course. Do I need separate firewall software on each of the machines at all, like ZoneAlarm or ICF?
The machines are DHCP clients and are assigned LAN IP addresses, so I wonder if they are seen at all from the WAN, which would make a firewall unnecessary?
Help me here please ;)
Thanks,
Amn.

Most routers have a built-in firewall. If correctly set up (99% of users don't), it will be secure enough to protect all computers.

How do I set it up correctly? My NAT table is empty, i.e. no port/address redirection is specified. The firewall is enabled.

What about packets SPECIFICALLY telling the router to pass via the gateway... so-called router messages or something... Have you ever heard about those?
Thanks for great help so far,
Amn.

Sid is right, no port redirection is the best security. NAT mode prevents incoming connections to your computer. However, good security rules also control outgoing connections. So in the [filters] section of your router, you should add some rules that restrict outgoing traffic to the ports you really need.
Common rules are:
port tcp/80 - ALL
port tcp/443 - ALL
port udp/53, tcp/110, tcp/25 - ISP only
Block all other ports from 1 to 1023, and disable the ICMP protocol if possible.
Some routers also have a "Stealth mode" that should be enabled.
Why restrict outgoing connections? Simply to prevent worm propagation and trojans from sending out personal information. Second reason: if someone breaks into your system, he will not be able to use it to attack others.
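
Added example (not part of the original post): the outbound rules listed above written as a first-match policy and run over a few constructed connections, showing which traffic they stop and that ports above 1023 still pass. `ISP_NET` is a placeholder range, and dropping protocols other than TCP/UDP/ICMP is an assumption.

```python
import ipaddress

# Assumption: placeholder range standing in for the ISP's DNS and mail servers.
ISP_NET = ipaddress.ip_network("192.0.2.0/24")

# (protocol, destination port, scope) exactly as listed in the post.
ALLOW_RULES = [
    ("tcp", 80, "all"),
    ("tcp", 443, "all"),
    ("udp", 53, "isp"),
    ("tcp", 110, "isp"),
    ("tcp", 25, "isp"),
]

def egress_verdict(proto, dst_ip, dst_port=0):
    """Return (verdict, reason) for one outbound connection attempt."""
    proto = proto.lower()
    if proto == "icmp":
        return "DROP", "ICMP disabled"
    if proto not in ("tcp", "udp"):
        # Assumption: the post does not cover other protocols; drop them.
        return "DROP", "protocol not covered"
    if not 1 <= dst_port <= 65535:
        raise ValueError(f"invalid port: {dst_port}")
    dst = ipaddress.ip_address(dst_ip)
    for r_proto, r_port, scope in ALLOW_RULES:
        if (proto, dst_port) == (r_proto, r_port):
            if scope == "all" or dst in ISP_NET:
                return "ALLOW", f"{proto}/{dst_port} permitted to {scope}"
            return "DROP", f"{proto}/{dst_port} permitted to ISP hosts only"
    if dst_port <= 1023:
        return "DROP", "port 1-1023 not on the allow list"
    # The post's rules only block 1-1023, so higher ports still pass.
    return "ALLOW", "port above 1023 is not restricted"

# Constructed sample traffic from a LAN client (documentation addresses).
SAMPLE_FLOWS = [
    ("tcp", "198.51.100.20", 443),   # HTTPS to any site
    ("udp", "192.0.2.53", 53),       # DNS to the ISP resolver
    ("udp", "198.51.100.53", 53),    # DNS to a non-ISP resolver
    ("tcp", "203.0.113.9", 25),      # direct SMTP to a non-ISP host
    ("tcp", "203.0.113.9", 445),     # SMB leaving the LAN
    ("icmp", "198.51.100.20", 0),    # ping
    ("tcp", "203.0.113.9", 6667),    # high port, still allowed
]

def audit(flows):
    """Evaluate each flow and return (flow, verdict, reason) tuples."""
    return [(f, *egress_verdict(*f)) for f in flows]

if __name__ == "__main__":
    for flow, verdict, reason in audit(SAMPLE_FLOWS):
        print(f"{verdict:5} {flow[0]}/{flow[2]:<5} -> {flow[1]:15} {reason}")
```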

But really, what about packets still coming in to my machine behind the router?
A while ago, when I still had ZoneAlarm installed, I sometimes got alerts of incoming blocked connections from global hosts (Internet)... I was wondering how they came through??? This obviously means some incoming packets do indeed bypass the router. And that might be a serious reason for a personal firewall on each DHCP client?
Anyway, thanks for all the posts, I hope this benefits others with similar issues.
Amn.
