Do I need a software firewall

I am about to go to Broadband and have invested in a Vigor ADSL router with
built in hardware firewall. I am leaving it just as a NAT router until I
understand more about configuring the firewall (if this is needed) What I
would like to get clear on is what I need PC software wise

Obviously some AV software but do I need a software firewall?. There seems
to be conflicting views here so whilst I do not want to encourage a shouting
match I would like to know from those who do not run a firewall as to what
they do as regards the trojan etc threats.

Maybe I can do all I need by configuring the Vigor firewall Any comments

Many thanks to all

Mike Saunders

Mike Saunders

Mike Saunders wrote:

> I am about to go to Broadband and have invested in a Vigor ADSL router with
> built in hardware firewall. I am leaving it just as a NAT router until I
> understand more about configuring the firewall (if this is needed) What I
> would like to get clear on is what I need PC software wise
>
> Obviously some AV software but do I need a software firewall?. There seems
> to be conflicting views here so whilst I do not want to encourage a shouting
> match I would like to know from those who do not run a firewall as to what
> they do as regards the trojan etc threats.


A software firewall will give you the advantage of seeing what programs
on your PC are going to want to create outgoing connections, and to
where. If this is not important to you, then you can skip the software
firewall.

As for incoming connection attempts, the hardware firewall will take
care of that.


-WD

Will Dormann

On Fri, 28 May 2004 21:35:55 +0100, "Mike Saunders"
<> wrote:

>I am about to go to Broadband and have invested in a Vigor ADSL router with
>built in hardware firewall. I am leaving it just as a NAT router until I
>understand more about configuring the firewall (if this is needed) What I
>would like to get clear on is what I need PC software wise
>
>Obviously some AV software but do I need a software firewall?. There seems
>to be conflicting views here so whilst I do not want to encourage a shouting
>match I would like to know from those who do not run a firewall as to what
>they do as regards the trojan etc threats.
>
>Maybe I can do all I need by configuring the Vigor firewall Any comments
>
>Many thanks to all
>
>Mike Saunders
>
>
>
>
>
I have a firewall in my LinkSys router AND a software firewall on each
PC. Mostly not really needed,.. untill i read in the papers that my
firewall had a security problem that allowed hackers to enter a pc...
I was happy about the double firewall... so why not.
More info:
http://www.nondisputandum.com/html/a..._firewall.html
--
www.nondisputandum.com

Protect, clean, tools, office, webbuilding
newsfeeds, entertainment, searching
+ the internet addiction test!

NonDisputandum.com

On Fri, 28 May 2004 21:35:55 +0100, "Mike Saunders" <>
wrote:

>I am about to go to Broadband and have invested in a Vigor ADSL router with
>built in hardware firewall. I am leaving it just as a NAT router until I
>understand more about configuring the firewall (if this is needed) What I
>would like to get clear on is what I need PC software wise
>
>Obviously some AV software but do I need a software firewall?. There seems
>to be conflicting views here so whilst I do not want to encourage a shouting
>match I would like to know from those who do not run a firewall as to what
>they do as regards the trojan etc threats.
>
>Maybe I can do all I need by configuring the Vigor firewall Any comments
>
>Many thanks to all
>
>Mike Saunders

Mike,

A NAT router (does it have SPI?) is a good first layer defense. Using Defense
In Depth, you really need more protection. Nobody knows what attack might come
next, so be prepared. Most of the components mentioned below are free - any
current, well maintained system can run all simultaneously.

The second layer is a software firewall, or a port monitor like Port Explorer
(free) from <http://www.diamondcs.com.au/portexplorer/index.php?page=home>. See
various discussions in comp.security.firewall for good advice on choosing a
firewall.

The third layer is good software. This layer has multiple components.

AntiVirus protection. Realtime, plus a regularly scheduled virus scan.
Regularly updated.

Adware / spyware protection. Realtime, plus a regularly run adware / spyware
scan. Regularly updated.
Complete instructions, using Spybot S&D and HijackThis (both free) are here:
<http://forums.spywareinfo.com/index.php?showtopic=227>.

Harden your browser. There are various websites which will check for
vulnerabilities, here are three which I use.
http://www.jasons-toolbox.com/BrowserSecurity/
http://bcheck.scanit.be/bcheck/
https://testzone.secunia.com/browser_checker/

Harden your operating system. Check at least monthly.
http://windowsupdate.microsoft.com/

Block possibly dangerous websites with a Hosts file. Three Hosts file sources I
use:
http://www.accs-net.com/hosts/get_hosts.html
http://www.mvps.org/winhelp2002/hosts.htm
(The third is included, and updated, with Spybot (see above)).

Maintain your Hosts file with:
eDexter <http://www.accs-net.com/hosts/get_hosts.html>
Hostess <http://accs-net.com/hostess/>

Secure your operating system, and applications. Don't use, or leave activated,
any accounts with names or passwords with trivial (guessable) values. Don't use
an account with administrative authority, except when you're intentionally doing
administrative tasks.

The fourth layer is common sense. Yours. Don't install software based upon
advice from unknown sources. Don't install free software, without researching
it carefully. Don't open email unless you know who it's from, and how and why
it was sent.

The fifth layer is education. Know what the risks are. Stay informed. Read
Usenet, and various web pages that discuss security problems. Check the logs
from the other layers regularly, look for things that don't belong, and take
action when necessary.

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.

Chuck