Firewall

[petewood]

I have a netgear modem router which I believe has a firewall. How do I check if the firewall is running and do I need any other firewall software?

 

[Igorian]

Access the netgear configuration page through your web browser (see manual for instructions or download it from the website). There will be various firewall settings you can apply. You can also check the router logs, which will show firewall activity. There should also be a setting to disable ping echo, so that your router becomes, effectively, invisible.

Have a look at Steve Gibsons excellent security site and use the tests to see how well protected you are.

 

[boxst]

Hello

It is always worthwhile installing a firewall on the PC itself incase you open something that you shouldn't.

A good free one is ZoneAlarm.

Steve

 

[2scoops0406]

Well, that's one train of thought, however I've personally never subscribed to the 2 firewalls better than one argument, makes fault determination much more complex. Mind you, that said, I'm a complete hypocrite, 'cos I'm running 2 at the moment!!

 

[boxst]

Well, that's one train of thought, however I've personally never subscribed to the 2 firewalls better than one argument, makes fault determination much more complex. Mind you, that said, I'm a complete hypocrite, 'cos I'm running 2 at the moment!!

Hello

It depends what you are using the firewall for. The one on the router is good at stopping attempts at the outside world trying to gain access. The one on the PC is useful if you install a program / ActiveX / something dodgy that is trying to access the outside world. ZoneAlarm and it's ilk will tell you than program x is trying to do something. Very useful.

Steve

 

[pilgrim1]

I have a netgear modem router which I believe has a firewall. How do I check if the firewall is running and do I need any other firewall software?

personally I would always run both the router and a software firewall, see my comments at the bottom.

As suggested elsewhere "sheilds up" at Steve Gibsons site is an excellent way to start. One to watch out for, your router can have you running around in a panic when you fail the tests My router, like many others will close ports but not stealth them. This will mean you fail the port test even though nothing is actually wrong. Other users can see your ports, however they are closed.

An excellent resource is also :- http://www.firewallleaktester.com

As for which one, it's a very personal choice depending on your skill level. Zonealarm is good, mostly install and forget. However it is getting a bit on the bloaty side at the moment, also recent issues have stopped many (including myself) from using it. Tiny personal firewall is good, not simple though. Sygate free is not bad, personally however I prefer looknstop, it's not free but a nice, simple, lite rule based firewall that you can play with to your hearts content.

Well, that's one train of thought, however I've personally never subscribed to the 2 firewalls better than one argument, makes fault determination much more complex. Mind you, that said, I'm a complete hypocrite, 'cos I'm running 2 at the moment!!

Eddie M, I can't agree with this. 99% of the problems I see at this time are with Spyware, Malware and the like. OK ports are scanned and occasionally Windows attacked however infections of outgoing traffic seem far more prevalent these days. A good software firewall would have stop most of this as well as giving the user a clue that something was amis. I also find that the router based firewalls are far too complex for the casual user to configure correctly, some of the users I've dealt with have suggested that the router said it had a firewall, so they were not worried. The fact that out of the box, it afforded little or no protection was of no consequence.

 

[Igorian]

Eddie M, I can't agree with this. 99% of the problems I see at this time are with Spyware, Malware and the like. OK ports are scanned and occasionally Windows attacked however infections of outgoing traffic seem far more prevalent these days. A good software firewall would have stop most of this as well as giving the user a clue that something was amis. I also find that the router based firewalls are far too complex for the casual user to configure correctly, some of the users I've dealt with have suggested that the router said it had a firewall, so they were not worried. The fact that out of the box, it afforded little or no protection was of no consequence.

Unfortunately, a software firewall does not protect against the installation of malware, it only serves to mask its effects. In fact, but telling your software firewall to block traffic and then not to bother you again is folly, as you have then effectively locked the malware inside.

They also prove difficult to manage in a network situation because they exist in the wrong place. A firewall should be situated between networks and not within them. Also, most spyware is self inflicted by downloading other untrustworthy or "attractive" software containing a payload.

 

[smokeyJoe]

Have a look at Steve Gibsons excellent security site and use the tests to see how well protected you are.

Please don't be taken in by Steve Gibson. He's just a marketing man turned self proclaimed "security guru". His company have trouble writing software to do the most fundamental tasks such as authenticating a TCP connection request effectively.
Metronet have a good introduction to security & how to implement it.
http://support.metronet.co.uk/security.html

 

[Igorian]

Have you actually read the stuff on that site? It uses a lot of external links, some which are useful. However, it's own content appears badly written and some of the advice offered is questionable, especially given the type of equipment the average user would have. Some of the information also appears to be out of date.

 

[smokeyJoe]

I have read the contents of the metronet security pages. One of them describes setup for a netgear modem router.
One of the more useful links is probably http://www.grcsucks.com/
The contents are aimed at metronet customers - standard pc users.

 

[Igorian]