Hardware and Software firewall on same PC

Discussion in 'Windows Desktop Systems' started by dave holbon, Jun 2, 2005.

  1. dave holbon

    dave holbon Moderator

    I have a Netgear DG834 ADSL modem router and a software firewall installed on all the machines on the network. I notice on the Netgear site that they do not recommend this. The software firewall is Kaspersky and appeared to work o.k. but I have just uninstalled it, and it appears not to have made any difference.

    Anyone got any views on this?

    :)
     
  2. LordOfLA

    LordOfLA Godlike!

    you do not need a software firewall if you connect through a NAT router. at all. ever.
     
  3. Xie

    Xie - geek - Subscribed User Folding Team

    Unless he's on a Windows box and wants to keep programs from "phoning home" or trojans or what have you. I don't think I would run a Windows box without something doing some sort of packet inspection.
     
  4. LeeJend

    LeeJend Moderator

    There are earlier posts here about the same subject.

    Hardware (NAT) firewalls only protect against inbound traffic from the internet.

    Software firewalls protect against outbound traffic (worms, spyware, keystroke loggers, etc.) as well as inbound traffic looking for vulnerabilities. They also protect you from cross infection of computers on your own LAN. Software firewalls are also updated as soon as new vulnerability types are identified.

    So if you're feeling lucky and are absolutely positive nothing will ever get onto a machine on your LAN, or if you don't care about a worm with a keystroke logger capturing your credit card numbers, social security number etc. and broadcasting out to the web, or if you cut all the floppy, CD, USB hardware and the email accounts off your LAN PCs, then sure, go ahead and depend on just the router's NAT firewall.

    PS I do that on one machine on my LAN but the rest use soft and hard firewalls.
     
  5. j79zlr

    j79zlr Glaanies script monkey Political User

    Also, you need a firewall if you want to protect against other PCs inside the LAN. If a PC is infected with some trojan, it could possibly infect all of your non-protected PCs in the network the same as a non-firewalled PC gets infected via the WWW.
     
  6. dave holbon

    dave holbon Moderator

    Yes, that’s what I thought, NATs do not check (by default) outgoing packets except to edit the header to amend the IP address. If this is true then setting them up correctly would take about a hundred years for each thousand PCs on the internal network where a key logger already is installed.

    Something’s adrift here surely?

    :eek:
     
  7. Perris Calderon

    Perris Calderon Moderator Staff Member Political User

    I would never have a box running without outbound monitoring and protection
     
  8. dave holbon

    dave holbon Moderator

    Just re-installed Kaspersky software firewall and it shut down my internet connection immediately. I have disabled it pending a look through the logs and so I can post this.

    :eek: :eek: :eek:
     
  9. LordOfLA

    LordOfLA Godlike!

    okay so you load a software firewall, you get a virus that your AV software missed because it hasn't fetched the latest patterns yet, it kills your firewall (there are a few Win32 API calls that will terminate an app and it doesn't get to argue about it) and happily sends its stuff about..

    That protected you from outbound traffic how exactly?
     
  10. j79zlr

    j79zlr Glaanies script monkey Political User

    The non-infected PCs are now protected. ;)

    I like to not have WMP call home every time it runs, I can block its traffic. Also, a lot of spyware/viruses do not disable firewalls and you can pick up on them rather easily when some odd new EXE is trying to reach the WWW.
     
  11. Perris Calderon

    Perris Calderon Moderator Staff Member Political User

    a person with a hardware firewall isn't protected against viruses by virtue of his firewall

    if a person has a hardware firewall that doesn't guard against outgoing traffic it's also necessary to have a software firewall running with it...always

    plus, modern software firewalls have sandboxes that refuse to allow exe's to run without permission, so a software firewall can prevent a virus while a hardware firewall won't
     
  12. tdinc

    tdinc █▄█ ▀█▄ █ Political User

    agree...
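
Added example, not written by any poster in this thread: a small Python model of the split the thread argues over, showing which control sees unsolicited inbound traffic, outbound traffic from an unwanted program, and LAN-to-LAN traffic. The addresses, ports, program names and the simplified port-only NAT matching are assumptions made for illustration.

```python
# Constructed model, not a real packet filter; addresses and program names are sample values.
from collections import namedtuple
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.0.0/24")   # assumed home LAN behind the router
WAN_IP = "203.0.113.10"              # documentation-range public address
# "program" is known only on the sending host; the router never sees it.
Packet = namedtuple("Packet", "src sport dst dport program", defaults=[""])

@dataclass
class NatRouter:
    table: dict = field(default_factory=dict)   # public port -> (private ip, private port)
    next_port: int = 40000

    def outbound(self, p):
        # Rewrites the source address and records the mapping; nothing else is checked.
        self.next_port += 1
        self.table[self.next_port] = (p.src, p.sport)
        return Packet(WAN_IP, self.next_port, p.dst, p.dport)

    def inbound(self, p):
        # Forwards only traffic that matches an existing mapping; unsolicited packets drop.
        hit = self.table.get(p.dport)
        return Packet(p.src, p.sport, *hit) if hit else None

@dataclass
class HostFirewall:
    allowed_out: set   # programs permitted to open outbound connections
    allowed_in: set    # local ports reachable from other hosts

    def permit_out(self, p):
        return p.program in self.allowed_out

    def permit_in(self, p):
        return p.dport in self.allowed_in

def crosses_router(p):
    # LAN-to-LAN traffic is switched locally and never reaches the NAT rules.
    return (ip_address(p.src) in LAN) != (ip_address(p.dst) in LAN)

def demo():
    nat, fw = NatRouter(), HostFirewall({"browser.exe"}, set())
    spy = Packet("192.168.0.5", 5000, "198.51.100.7", 80, "keylog.exe")   # outbound from LAN
    worm = Packet("192.168.0.9", 6000, "192.168.0.5", 445, "worm.exe")    # LAN to LAN
    probe = Packet("198.51.100.7", 80, WAN_IP, 3389)                      # unsolicited inbound
    return {"nat_passes_spy": nat.outbound(spy) is not None,
            "host_fw_passes_spy": fw.permit_out(spy),
            "nat_drops_probe": nat.inbound(probe) is None,
            "worm_crosses_router": crosses_router(worm), "host_fw_passes_worm": fw.permit_in(worm)}
```

The model does not cover the case raised in post 9, where malware running on the host terminates the firewall process itself.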