Router vs software firewall
So many areas of computers: programming, hardware, multimedia (and all the categories of that), networking, on and on.
My main weakness is networking and security. It's not that I don't want to learn; it's a timing issue. I'm having a hell of a time with firewalls. I've been trying demos out to see which is the most user friendly. The problem I keep having is the configuration continually interferes with software that's loaded on my system (I know that's a configuration issue, but in some cases it doesn't seem to be as easy as just finding the software and giving it clearances). Anyway, I have an SMC Barricade that I'm using to run my cable service to multiple PCs. I understand it has a firewall in it? Is it automatically on? Is it something that has to be turned on and adjusted with software? Is it indeed better than any software firewall? |
Your router "firewalls" the LAN side (your computers) by masking them from WAN (outside computers) identification. I'm pretty sure your router does this by dropping unauthorized pings and giving each of your computers an IP address only it knows. This should be on by default but you may have to turn it on.
A router doesn't substitute for a full firewall, however, whether it is software or hardware. A real firewall also monitors outbound traffic so trojans and other programs can't contact the WAN side (or even other stations on the LAN side for that matter) without explicit permission. The router is a good first defense but doesn't replace a software firewall--one should really use both. A hardware firewall--where a physical box separates your computer from the scary outside world--is the optimum defence. Anyway, I think I got this mostly right. Hopefully a network guru will fix my mistakes and set you straight but this will get you rolling. |
You may want to go to one of the many sites that will probe your computer to see if you are vulnerable. Your current setup may be adequate, depending on how concerned you are with security.
Link |
A router will block any inbound traffic where the request did not come from the LAN side of the router. The exception to this is if you open any ports and allow them through. For general home use, you won't open any ports at all. For a business use, you might open the SMTP port for incoming mail if you are running a mail server, or you might open the HTTP port if you are running a web server.
As smooth said, a firewall will inspect both inbound and outbound packets to make sure nothing is connecting where it shouldn't be. For example where I work, I have an open port in the router to allow mail into my network. I can have a software firewall running on my machine to block anything coming in on that port for my machine since the mail server is not on my workstation. If you are sure you really need a firewall instead of just your router, a dedicated piece of hardware is the best way to go. |
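The behaviour described in the replies above, modelled as an added example that is not part of the original thread: a NAT router passes replies to LAN-initiated connections and explicitly opened ports, drops other inbound traffic, and does nothing about outbound traffic unless a firewall rule set is added. The `Gateway` class, the addresses and the port choices are constructed for illustration, and the strict address-and-port matching is a simplification; real devices vary.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Gateway:
    """Toy model of a NAT router, optionally with outbound (egress) filtering."""
    forwards: dict = field(default_factory=dict)  # WAN port -> (LAN ip, LAN port)
    egress_allow: Optional[set] = None            # None: plain NAT router, no outbound checks
    state: dict = field(default_factory=dict)     # (WAN port, remote ip, remote port) -> LAN endpoint
    next_port: int = 40000

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        # A firewall checks outbound traffic; a plain NAT router lets it all out.
        if self.egress_allow is not None and remote_port not in self.egress_allow:
            return ("drop", "outbound port not permitted")
        wan_port, self.next_port = self.next_port, self.next_port + 1
        self.state[(wan_port, remote_ip, remote_port)] = (lan_ip, lan_port)
        return ("pass", wan_port)

    def inbound(self, remote_ip, remote_port, wan_port):
        # Replies to connections started from the LAN match a state entry.
        key = (wan_port, remote_ip, remote_port)
        if key in self.state:
            return ("pass", self.state[key])
        # Explicitly opened ports are forwarded to one LAN host.
        if wan_port in self.forwards:
            return ("pass", self.forwards[wan_port])
        return ("drop", "unsolicited")

def demo():
    # Constructed addresses (documentation and private ranges).
    router = Gateway(forwards={25: ("192.168.2.5", 25)})   # SMTP opened for a mail server
    firewall = Gateway(egress_allow={53, 80, 443})         # also restricts outbound ports
    _, wan_port = router.outbound("192.168.2.10", 50123, "198.51.100.9", 80)
    return {
        "reply": router.inbound("198.51.100.9", 80, wan_port),
        "unsolicited": router.inbound("198.51.100.9", 4444, 445),
        "mail": router.inbound("198.51.100.20", 33000, 25),
        "router_odd_outbound": router.outbound("192.168.2.10", 50124, "198.51.100.9", 6667)[0],
        "firewall_odd_outbound": firewall.outbound("192.168.2.10", 50124, "198.51.100.9", 6667)[0],
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```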
Many newer personal routers are also coming with more true firewalling abilities. Netgear makes a nice one with stateful packet inspection for under US$200 that will mail logs to the user if he/she wants. It also has basic content control, if you so desire.
|
Thanks for the help. I went to the site that crewsor provided and it says my PC is secured well. Most of my ports are showing to be in stealth mode as well. I have a lot to learn. Hardware just reminded me how much I don't know about configuring.
Thanks for the info. |
If you really want to learn about firewalling, and have a second machine or can dual boot, spend some time playing around with OpenBSD's firewall or Ipfilter. Much more flexible than a black box you just buy & don't understand.
|
I honestly wouldn't recommend GRC as a place to "scan your ports" as I've had it show up a lot of faulty information.
kod raises a good point about OpenBSD. I recommend hitting up your local bookstore and finding a good book on securing your network. |
I have had a lot of luck with my Linksys EtherFast Cable/DSL Router combined with BlackIce. That seems to provide a fairly advanced barrier. KOD is right, and you can probably use that as both a router and firewall.
|
If you use a dedicated firewall box, there are some Linux distributions that are prepackaged. Also, remember that firewall boxes don't need to be the latest and the greatest. For a while last year, I was using an old P133 running OpenBSD as a firewall box; it worked fine.
|
From what I've heard, OpenWall is a good Linux distro to use for firewalls, as is Gentoo. OpenBSD seems to be the one that sets the bar, though, in terms of security and firewalling. It's what I use, and I highly recommend it.
|
the low down
Routers use NAT. This only slows down outside requests; it will not block or stop them. There are several programs that will help you get through NAT. You can run a firewall on your computer but if you run Windows it isn't the best idea. Run a real firewall between your modem and computer. SonicWall and WatchGuard are leaders in this. Check them out.
|
Sultanx is right, to a point. Most of the low end consumer equipment simply uses NAT to somewhat block outside requests. The last Linksys router I had did port forwarding as well. I've got acquaintances who admin some PIX boxes that would cringe though.
For the average user, a consumer router *and* a software firewall should provide enough protection. Hell, Windows XP's firewall might even suffice. |
Use a software firewall too; Norton's Firewall is the easiest to use, though I never had any problems with the hardware firewall by itself.
|