With a wireless Gateway/Router do I need a software firewall anymore on wired comps. (1 Viewer)

[Luke_Y]

Right now I have a cable modem plugged into my desktop. Then a usb wireless adaptor plugged in so my wifes notebook can acess files and the internet through XPs internet connection sharing on the desktop VIA a wireless pc card.

I would like to change to a wireless gateway/router, hardwire the desktop to that and then use the wireless pc card and the usb adaptor to add the notebook and my sons desktop upstairs to the network.

My question is, will I no longer need a software firewall on at least the desktop that is wired to the router? But, will I still need to run software firewalls on the computers that will be connected via wireless adaptors?

Thanks,

 

[Gordon Moore]

Technically no...but depending on the router you may only have NAT and no logging, SPI, etc..


All computers connected to your router sit behind the router and therefore are protected (sort of) through NAT.

NAT is okay but if you get a trojan through email, you may not be aware of the port opening up on that pc as your pc phones home to the trojan creator.
That said, many people believe that a hardware router and/or firewall + a good up-to-date virus checker is all the home user really needs. That and constant updates from windows update and you should be fine.

Just make sure antivirus is running on ALL pc's. If you have the horse power to spare then run a software firewall and you have the best of both worlds. Otherwise I probably wouldn't bother. A port sniffer would be more useful than a software firewall.

like http://www.webattack.com/get/activeports.html

 

[Gordon Moore]

One more thing, make sure you turn on WEP (wired equivalent privacy) and MAC filtering to ensure no one else (like a neighbor) can jump on your network (read the instructions on how or contact customer support or ask here). It is extremely easy to do if this isn't turned on and someone could get free internet (or worse) off of you. I've seen it done to a few friends who went wireless just to prove that point. With the range of some of these new boxes, you could be broadcasting to the street!

 

[AllanN]

Like others have said having a hardware firewall will keep worms and attacks out. Having a good anti-viurs and keeping your OS updated should prevent you from getting infected. On a WIRED network, the only thing a software client-side firewall would really do is keep and infected computer from spreading its malicious code to other computers. Because a wired private network is hard to attack from the inside. But seeing as you are on a wireless network, it makes it much easier to directly attack your internal network. No longer does someone have to breach your router. They just have to be within range of you wireless access point. Depending on your area where you live, a common practice in many urban areas, is to take a laptop drive around town and find unprotected wireless access points(wardriveing). I would keep your software firewalls on all your individual internal computers, you already have the software so it will not cost you any more money and at a minimum XP has a simple firewall app. Also be sure to setup the strongest encryption you can on your wireless access point. There is no such thing as to much protection.

P.S. I second MAC filtering. Someone determined could spoof a MAC without to much trouble. But it would keep the amateurs out.

 

[Tony Whalen]

With the range of some of these new boxes, you could be broadcasting to the street!

I'll say! I've got a little LinkSys setup so my laptop can use the 'net. Well, I took it over to a friends place 7 doors away...to show some pics and generally screw around. Well... to my horror, I could *STILL* access the 'net, AND the shared folders on my server. *shudder*

So, I *COULD* have been feeding half the neighbourhood free internet service.... YIPE!!!!!!

After that, MAC filtering was activated, as was 128-bit encryption. Scared the hell outta me! (Made sure I had a pretty unique ssid as well.)

 

[Tom Lowden]

I run both, and I still get Trojan Horse attack attempt alerts on my software firewall (Norton Internet Security/Norton Personal Firewall) even though I'm behind a hardware firewall/router. So I would recommend running both if you can.

- Tom -

 

[AllanN]

I run both, and I still get Trojan Horse attack attempt alerts on my software firewall (Norton Internet Security/Norton Personal Firewall) even though I'm behind a hardware firewall/router. So I would recommend running both if you can.

What Trojan Horse attacks are you recieveing? Im curious about what viruses can break through a home hardware firewall.

 

[JamesHl]

What Trojan Horse attacks are you recieveing? Im curious about what viruses can break through a home hardware firewall.

And I realize NAT isn't everything, but how is it getting directed to your computer? You don't have it set up to forward ports which trojans operate on from your router to your cpu, do you?

I mean, how do they get there?

 

[Gordon Moore]

I wonder if those trojan alerts happen when browsing websites ????

 

[Tekara]

the one sole beauty of a software firewall is that it can monitor outgoing traffic and restrict programs on your computer from accessing the internet on a program to program basis. this can be incredibly helpful at times, like finding spyware, malicious code, etc. that has gottem onto your computer.

I always recommend having a software firewall.