Newbie question re router's built-in firewall

Hi,

I have a Linksys WRT54G router, an outstanding product in my humble
opinion.

I'm still a novice at this wireless malarkey so my questions are:

(1) given that I'm running with ZoneAlarm Professional, do I need to
enable the router's built-in firewall?

and

(2) if the answer to (1) is yes, do I need to bother with ZoneAlarm
Professional?

Any considered opinions greatly appreciated :-)

TIA.

Alex Flaherty wrote:
> Hi,
>
> I have a Linksys WRT54G router, an outstanding product in my humble
> opinion.
>
> I'm still a novice at this wireless malarkey so my questions are:
>
> (1) given that I'm running with ZoneAlarm Professional, do I need to
> enable the router's built-in firewall?
>
> and
>
> (2) if the answer to (1) is yes, do I need to bother with ZoneAlarm
> Professional?
>
> Any considered opinions greatly appreciated :-)
>
> TIA.

By all means enable the router's firewall; it probably offers stateful
packet inspection and DOS attack prevention. There are many who
believe that the mere presence of a NAT router obviates the need for a
personal firewall; the additional hardware firewall can only make your
security better overall.

Q

"Alex Flaherty" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ups.com...
> Hi,
>
> I have a Linksys WRT54G router, an outstanding product in my humble
> opinion.
>
> I'm still a novice at this wireless malarkey so my questions are:
>
> (1) given that I'm running with ZoneAlarm Professional, do I need to
> enable the router's built-in firewall?
>
> and
>
> (2) if the answer to (1) is yes, do I need to bother with ZoneAlarm
> Professional?
>
> Any considered opinions greatly appreciated :-)

Now from what I hear mind you I don't use a 54G router, that router can stop
inbound and outbound traffic by port, protocol and IP by setting rules. If
that is the case, then ZA would be out the door if I was using that router.
The only thing that router's firmware doesn't do is log traffic, which that
router has free 3rd party firmware you can install that will allow you to
use Wallwatcher and that's free too. The router is the better overall
solution in protecting the network.

However, since it's a wireless device some like to go with a PFW solution
for better protection in case the wireless is hacked to prevent access to
the machine. I myself would go where one should go is to the O/S and harden
it to attack and would still dump ZA, since the machine was behind the
protection of that router.

Duane .

"Alex Flaherty" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ups.com...
> Hi,
>
> I have a Linksys WRT54G router, an outstanding product in my humble
> opinion.
>
> I'm still a novice at this wireless malarkey so my questions are:
>
> (1) given that I'm running with ZoneAlarm Professional, do I need to
> enable the router's built-in firewall?

should not cause any harm - so why not?

dont forget this protects other devices plugged onto your LAN - temp laptops
for a visitor is an issue for me
>
> and
>
> (2) if the answer to (1) is yes, do I need to bother with ZoneAlarm
> Professional?

Yes - you should have a personal firewall.

the PFW has much better visibility of which programs cause traffic flows
since it can "tell" via the operating system which program tries to connect.

the Linksys only sees the network traffic, so it cannot identify which
application is querying a web server, only that it is from your PC.

finally if you have multiple PCs, then a personal firewall has some chance
of blocking a problem propagating locally.
>
> Any considered opinions greatly appreciated :-)

personal firewalls give much more fine grained control.

the router firewall insulates your LAN from the Internet to some extent

both are useful, and although there is some overlap they complement each
other.
>
> TIA.
--
Regards

(E-Mail Removed) - replace xyz with ntl

"Alex Flaherty" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ups.com...
> Hi,
>
> I have a Linksys WRT54G router, an outstanding product in my humble
> opinion.
>
> I'm still a novice at this wireless malarkey so my questions are:
>
> (1) given that I'm running with ZoneAlarm Professional, do I need to
> enable the router's built-in firewall?
>
> and
>
> (2) if the answer to (1) is yes, do I need to bother with ZoneAlarm
> Professional?
>
> Any considered opinions greatly appreciated :-)
>
> TIA.

The router will not stop outbound traffic, whereas ZA will. E.g. that damn
trojan gets into your machine via an email and it then starts calling home -
the NAT of the router will not help, but ZA will alert you to this evil
happen-stance!

"__spc__" <s p a m t i m e @ n t l w o r l d . c o m> wrote in message
news:F_Zof.14362$(E-Mail Removed)...
>
> "Alex Flaherty" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed) ups.com...
>> Hi,
>>
>> I have a Linksys WRT54G router, an outstanding product in my humble
>> opinion.
>>
>> I'm still a novice at this wireless malarkey so my questions are:
>>
>> (1) given that I'm running with ZoneAlarm Professional, do I need to
>> enable the router's built-in firewall?
>>
>> and
>>
>> (2) if the answer to (1) is yes, do I need to bother with ZoneAlarm
>> Professional?
>>
>> Any considered opinions greatly appreciated :-)
>>
>> TIA.
>
> The router will not stop outbound traffic, whereas ZA will. E.g. that
> damn trojan gets into your machine via an email and it then starts calling
> home - the NAT of the router will not help, but ZA will alert you to this
> evil happen-stance!

From what I have been told, that 54g can stop outbound traffic by setting
rules to stop it. Using a log viewer like Wallwtacher will allow the user to
see both inbound and outbound traffic to and from the machines behind the
router and one can easily spot connections to dubious remote IP(s) and what
machine on the LAN is doing it. One should not use something like a
personal FW as a stops all and ends all solution because malware can go
over, under, around and through a PFW and even reconfig a PFW solution and
it can be attacked and defeated just like the O/S can be attacked and
defeated, since it runs with the O/S. The packet filtering FW router that
can stop inbound and outbound traffic with logging cannot be taken out,
circumvented and defeated like the PFW solution.

One looks from time to time with the proper tools and not depend upon a PFW
solution like a crutch.

Long

http://www.windowsecurity.com/articl...vironment.html

Short

http://tinyurl.com/klw1

Duane