dave holbon

I have a Netgear DG834 ADSL modem router and a software firewall installed on all the machines on the network. I notice that on the Netgear site that they do not recommend this. The software firewall is Kaspersky and appeared to work o.k. but I have just un-installed it, appears not have made any difference.

Anyone got any views on this?

LordOfLA

you do not need a software firewall if you connect through a nat router. at all. ever.

---

Xie

Unless he's on a Windows box and wants to keep programs from "phoning home" or trojans or what have you. I don't think I would run a Windows box without something doing some sort of packet inspection.

---

LeeJend

There are earlier posts here about the same subject.

Hardware (NAT) firewalls only protect against inbound traffic from the internet.

Software firewalls protect against outbound traffic (worms. spyware, keystroke loggers, etc.) as well as inbound traffic looking for vulnerabilities. They also protect you from cross infection of computers on your own lan. Software firewalls are also updated as soon as new vulnerability types are identified.

So if you're feeling lucky and are absolutely positive nothing will ever get onto a machine on your LAN, or if you don't care about a worm with a keystroke logger capturing your credit card numbers, social security number etc and broadcasting out to the web, or if you cut all the floppy, cd, usb hardware and the email accounts off your LAN PC's then sure, go ahead and depend on just the Router's NAT firewall.

PS I do that on one machine on my LAN but the rest use soft and hard firewalls.

---

j79zlr

Also, you need a firewall if you want to protect against other PC's inside the LAN. If a PC is infected with some trojan, it could possibly infect all of your non-protected PC's in the network the same as a non-firewalled PC gets infected via the WWW.

---

dave holbon

Yes that’s what I thought, NAT’s do not check (by default) outgoing packets except to edit the header to amend the IP address. If this is true then setting then up correctly would take about a hundred years for each thousand PC’s on the internal network where a key logger already is installed.

Something’s adrift here surely?

perris

I would never have a box running without outbound monitoring and protection

---

dave holbon

Just re-installed kaspersky software firewall and it shut down my internet connection immediately. I have disabled it pending a look through the logs and so I can post this.

LordOfLA

okay so you load a software firewall, you get a virus that your AV software missed becuase it hasnt fetched the latest patterns yet, it kills your firewall (there are a few Win32API calls that will terminate an app and it doesn't get to argue about it) and happily sends it stuff about..

That protected you from outbound traffic how exactly?

---

j79zlr

The non infected PC's are now protected.

I like to not have WMP call home every time it runs, I can block its traffic, also, alot of spyware/viruses do not disable firewalls and you can pick up on them rather easily when some odd new EXE is trying to reach the WWW.

---

perris

a person with a hardware firewall isn't protected agains viruses by virtue of his firewall

if a person has a hardware firewall that doesn't guard against outgoing traffic it's also neccessary to have a software firewall running with it...always

plus, modern sofrware firewalls have sandboxes that refuse to allow exe's to run without permission, so a software firewall can prevent a virus while a hardware firewall won't

---

tdinc

agree...

---