Any point in multiple firewalls?

Done a bit of digging around but can't find anything conclusive so I'm
after opinions!

I started off with 1 pc connected via an Alcatel 'Slug' protected from
the outside world with Norton AntiVirus / Norton personal Firewall.

I then connected a second PC via a 4 port hub and set up basic
networking to allow the second pc to access the internet.

I've now replaced the slug and hub with a Netgear DG834G
router/hub/firewall partly so I don't need to have my 'main' pc
switched on all the time to allow internet access to the other pc and
mainly so I can have a wireless connection to my PowerBook

Now; is the 'hardware' firewall in the DG834G sufficient protection or
should I keep the Norton software firewall as well? Are there any
possible conflicts that I should be wary of? I'm having a few problems
with MSN Messenger, specifically audio and whiteboard connections at
the moment, although WebCam and file sending works ok.
If I should be keeping NPF, should I also install an equivalent
(free!) software firewall on my second pc and PowerBook?

Many thanks,

Mik

>
> Now; is the 'hardware' firewall in the DG834G sufficient protection or
> should I keep the Norton software firewall as well? Are there any
> possible conflicts that I should be wary of? I'm having a few problems
> with MSN Messenger, specifically audio and whiteboard connections at
> the moment, although WebCam and file sending works ok.
> If I should be keeping NPF, should I also install an equivalent
> (free!) software firewall on my second pc and PowerBook?

Hi,

Like you, I sit my two PC's behind a NAT router like the DG384G you
describe. This router has a built in firewall, but I have left it in its
default state (i.e. very basic config that blocks netbios). The fact that it
is a NAT router provides me (IMO) with suffcient protection from the outside
world (all unrequested packets are dropped before they even reach the
router's firewall).

However I also run a (free) Sygate software firewall on all local PCs. I
have never seen any intrusion attempts on it(as expected), but it does
provide a way to monitor what is getting sent OUT from my PC - for example
applications that "dial home" such as Real Player, Windows etc... this can
also be beneficial if you were to be infected by some sort of virus that
sent information out from your PC (a NAT router lets everything out). The
good thing about software firewalls, is that you can block outgoing attempts
at the application level, rather than having to block a range of ports (as
you would with the router's built in firewall).

So my recommendation, if, like me, you are security concious would be to
install a free software firewall to protect yourself from outgoing attempts.

James

"Michael Foggin" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) m...
> Done a bit of digging around but can't find anything
conclusive so I'm
> after opinions!
>
> I started off with 1 pc connected via an Alcatel 'Slug'
protected from
> the outside world with Norton AntiVirus / Norton personal
Firewall.
>
> I then connected a second PC via a 4 port hub and set up
basic
> networking to allow the second pc to access the internet.
>
> I've now replaced the slug and hub with a Netgear DG834G
> router/hub/firewall partly so I don't need to have my
'main' pc
> switched on all the time to allow internet access to the
other pc and
> mainly so I can have a wireless connection to my PowerBook

>
> Now; is the 'hardware' firewall in the DG834G sufficient
protection or
> should I keep the Norton software firewall as well? Are
there any
> possible conflicts that I should be wary of? I'm having a
few problems
> with MSN Messenger, specifically audio and whiteboard
connections at
> the moment, although WebCam and file sending works ok.
> If I should be keeping NPF, should I also install an
equivalent
> (free!) software firewall on my second pc and PowerBook?

I think, at the end of the day, it's down to your paranoia
level ;-) Personally, I use a router, with built in
firewall, and find it more than sufficient for my needs.

P.

In an earlier contribution to this discussion,
PJB <(E-Mail Removed)> wrote:

> "Michael Foggin" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed) m...
>> Done a bit of digging around but can't find anything conclusive so
>> I'm after opinions!
>>
>> I started off with 1 pc connected via an Alcatel 'Slug' protected
>> from the outside world with Norton AntiVirus / Norton personal
>> Firewall.
>>
>> I then connected a second PC via a 4 port hub and set up basic
>> networking to allow the second pc to access the internet.
>>
>> I've now replaced the slug and hub with a Netgear DG834G
>> router/hub/firewall partly so I don't need to have my 'main' pc
>> switched on all the time to allow internet access to the other pc and
>> mainly so I can have a wireless connection to my PowerBook
>>
>> Now; is the 'hardware' firewall in the DG834G sufficient protection
>> or should I keep the Norton software firewall as well? Are there any
>> possible conflicts that I should be wary of? I'm having a few
>> problems with MSN Messenger, specifically audio and whiteboard
>> connections at the moment, although WebCam and file sending works ok.
>> If I should be keeping NPF, should I also install an equivalent
>> (free!) software firewall on my second pc and PowerBook?
>
> I think, at the end of the day, it's down to your paranoia
> level ;-) Personally, I use a router, with built in
> firewall, and find it more than sufficient for my needs.
>
> P.

This matter is debated quite frequently!

The perceived wisdom - and certainly the one I adopt - is to use a personal
firewall in each PC (ZoneAlarm in my case) in addition to the one built into
the router.

The rationale behind this is that a router's firewall will protect against
incoming nasties, but doesn't care what goes out. Thus, if your PC becomes
infected with a Trojan which "calls home" with all your personal details,
the router won't stop it.

I don't know much about Norton Personal firewall, but ZoneAlarm alerts the
user when any unknown program tries to access the internet, and thus
protects against Trojans.
--
Cheers,
Tim
______
Please reply to newsgroup. Reply address is invalid.

Tiscali Tim wrote:
> In an earlier contribution to this discussion,
> PJB <(E-Mail Removed)> wrote:
>
>
>>"Michael Foggin" <(E-Mail Removed)> wrote in message
>>news:(E-Mail Removed). com...
>>
>>>Done a bit of digging around but can't find anything conclusive so
>>>I'm after opinions!
>>>
>>>I started off with 1 pc connected via an Alcatel 'Slug' protected
>>>from the outside world with Norton AntiVirus / Norton personal
>>>Firewall.
>>>
>>>I then connected a second PC via a 4 port hub and set up basic
>>>networking to allow the second pc to access the internet.
>>>
>>>I've now replaced the slug and hub with a Netgear DG834G
>>>router/hub/firewall partly so I don't need to have my 'main' pc
>>>switched on all the time to allow internet access to the other pc and
>>>mainly so I can have a wireless connection to my PowerBook
>>>
>>>Now; is the 'hardware' firewall in the DG834G sufficient protection
>>>or should I keep the Norton software firewall as well? Are there any
>>>possible conflicts that I should be wary of? I'm having a few
>>>problems with MSN Messenger, specifically audio and whiteboard
>>>connections at the moment, although WebCam and file sending works ok.
>>>If I should be keeping NPF, should I also install an equivalent
>>>(free!) software firewall on my second pc and PowerBook?
>>
>>I think, at the end of the day, it's down to your paranoia
>>level ;-) Personally, I use a router, with built in
>>firewall, and find it more than sufficient for my needs.
>>
>>P.
>
>
> This matter is debated quite frequently!
>
> The perceived wisdom - and certainly the one I adopt - is to use a personal
> firewall in each PC (ZoneAlarm in my case) in addition to the one built into
> the router.
>
> The rationale behind this is that a router's firewall will protect against
> incoming nasties, but doesn't care what goes out. Thus, if your PC becomes
> infected with a Trojan which "calls home" with all your personal details,
> the router won't stop it.
>
> I don't know much about Norton Personal firewall, but ZoneAlarm alerts the
> user when any unknown program tries to access the internet, and thus
> protects against Trojans.

One other good reason , if anyone/anything ever manages to breach the
first firewall in this case the netgear one there is still one more
layer of protection before anyone/thing gets access to your data. This
second layer firewall should be from different manufacture to the
primary layer firewall. In short two firewalls is good.

Andrew


ANdrew

--
To reply via email, first reverse the address below then replace the
(at) with @ and the (dot) with .
moc(tod)xepip(tod)lsd(ta)spuorgswen_werdna

"Andrew Welham" <(E-Mail Removed)> wrote in message
news:40cdfe53$0$25327$(E-Mail Removed)...
> Tiscali Tim wrote:
> > In an earlier contribution to this discussion,
> > PJB <(E-Mail Removed)> wrote:
> >
> >
> >>"Michael Foggin" <(E-Mail Removed)> wrote in message
> >>news:(E-Mail Removed). com...
> >>
> >>>Done a bit of digging around but can't find anything conclusive so
> >>>I'm after opinions!
> >>>
> >>>I started off with 1 pc connected via an Alcatel 'Slug' protected
> >>>from the outside world with Norton AntiVirus / Norton personal
> >>>Firewall.
> >>>
> >>>I then connected a second PC via a 4 port hub and set up basic
> >>>networking to allow the second pc to access the internet.
> >>>
> >>>I've now replaced the slug and hub with a Netgear DG834G
> >>>router/hub/firewall partly so I don't need to have my 'main' pc
> >>>switched on all the time to allow internet access to the other pc and
> >>>mainly so I can have a wireless connection to my PowerBook
> >>>
> >>>Now; is the 'hardware' firewall in the DG834G sufficient protection
> >>>or should I keep the Norton software firewall as well? Are there any
> >>>possible conflicts that I should be wary of? I'm having a few
> >>>problems with MSN Messenger, specifically audio and whiteboard
> >>>connections at the moment, although WebCam and file sending works ok.
> >>>If I should be keeping NPF, should I also install an equivalent
> >>>(free!) software firewall on my second pc and PowerBook?
> >>
> >>I think, at the end of the day, it's down to your paranoia
> >>level ;-) Personally, I use a router, with built in
> >>firewall, and find it more than sufficient for my needs.
> >>
> >>P.
> >
> >
> > This matter is debated quite frequently!
> >
> > The perceived wisdom - and certainly the one I adopt - is to use a
personal
> > firewall in each PC (ZoneAlarm in my case) in addition to the one built
into
> > the router.
> >
> > The rationale behind this is that a router's firewall will protect
against
> > incoming nasties, but doesn't care what goes out. Thus, if your PC
becomes
> > infected with a Trojan which "calls home" with all your personal
details,
> > the router won't stop it.
> >
> > I don't know much about Norton Personal firewall, but ZoneAlarm alerts
the
> > user when any unknown program tries to access the internet, and thus
> > protects against Trojans.
>
> One other good reason , if anyone/anything ever manages to breach the
> first firewall in this case the netgear one there is still one more
> layer of protection before anyone/thing gets access to your data. This
> second layer firewall should be from different manufacture to the
> primary layer firewall. In short two firewalls is good.
>
> Andrew
>
>
> ANdrew
>
> --

I would agree with all the above posters: I use 3 firewalls, one as part of
the modem to stop dirt coming in, another in series with the first with
which I also do traffic throttling with and then each pc runs NIS in case
either of my sons download a 'knitting pattern' which contains an unknown
malicious payload.

The second one is fun as its a Netscreen device I got on eBay for £50 and
you can do some interesting analysis and blocking on it ( sad, yes I know,
but its fun watching Kazaa go down to a drip feed instead of blocking mine
and my wife's browsing)

Cheers, Mike