Router or Firewall Program?

Discussion in 'Networking and Security' started by BobbyMurcerFan, Mar 5, 2003.

  1. I'm wondering what you guys do for internet protection, use a router, like Linksys, that masks your IP address or use a firewall program, like Norton?

    I'm using Norton, but have been told the router route :) is better, more secure, and causes less program conflicts. Any thoughts?

    Thanks.
     
  2. My guess is most of us use both. If you have broadband, you want a router anyway. Firewall programs like zone alarm do not cause conflicts. Some people who operate behind corporate firewalls do have issues.
     
  3. CalTrader

    CalTrader Guest

    If you have a high-speed network connection then you really should consider at least a dedicated hardware router. A much better solution is to combine a router with intrusion detection systems / firewalls and a DMZ network segment. If you do all three (and combine them with proper management) then it is extremely unlikely that anyone would ever gain access to your systems. For the average user a simple 200-300 dollar low end router is a very good investment - netgear, linksys etc.
     
  4. If I'm connecting a single computer to my DSL account, then a router's only function would be to mask my IP, correct? I mean there would be no performance difference between going through the router and connecting my single pc directly to the DSL modem. Correct?
     
  5. No performance difference. However, if you use a NAT router or a router with an integral firewall then it's not "masking your IP", it's actually blocking unsolicited inbound traffic to you.

    And don't underestimate what that means - especially if you plan to leave your DSL link up 24/7. While a cable connection suffers from the potential of network sniffing or local loop hacking, a DSL (although point to point) still suffers from being vulnerable to internet-based hacking. There are groups (especially in Europe and Asia) that do nothing but scan banks of IP addresses constantly looking for vulnerabilities. A NAT or firewalled router will make your computer invisible to such scans. You could easily see port scans happen 30-40 times a week.
     
  6. CalTrader

    CalTrader Guest

    On our internet facing networks its actually something like 30 - 40 scans per day MINIMUM: sometimes it runs in the hundreds and during a virus breakout, it can run into the thousands of intrusion attempts and/or scans per day.
     
  7. BTW, it seems that cable modems are less secure than DSL connections.

    Would a cable + router + firewall setup be as safe as DSL with the same protection hardware? I'm asking b/c I'm considering a second computer with it's own high speed connection and am leaning towards cable for the second setup. Can cable not be made as secure as DSL?

    Thanks agian!
     
  8. CalTrader

    CalTrader Guest

    cable or dsl ... It doesn't matter. All you typically get from either is an IP address - either static or dynamic. They typically pass through all of the traffic to your computer: in this case you need some type of router / firewall combination: Netgear makes some good low cost solutions.
     
  9. From my own flavor & to summarzie some of the good insights from others here............you need a dynamic IP address with a software & hardware firewall. The hardware firewall for incoming stuff & the software firewall to let you know if you have obtained any trojans, spyware, etc. that may be trying to get outbound from your machine. You also want to make sure that your IP address is not being broadcast all over the universe.

    There are a ton of software firewalls out there......I would be curious to here what you guys think of the latest McAfee one....it seems to really suck the life out of my machine. Performance dramatically suffered so I dumped it. This is with either XP or 98...................
     
  10. TGregg

    TGregg

    Think of it like car protection. You are not going to stop somebody from stealing your car, there's no way. I mean, if they really want it, they can get a crane to pick it up and put it on a flatbed. You can however, convince them that it'd be easier to steal somebody else's car instead of yours by using car alarms, locking the doors, kill switches, etc.

    So, if you are using a firewall and a router, you'll be convincing the crooks that they'd get more bang for the buck elsewhere. And you should be mostly fine with either cable or DSL. However, somebody could come by with a crane. . .
     
    #10     Mar 5, 2003