In an earlier contribution to this discussion,
Martin Underwood <a@b> wrote:
> Travec The Dacian wrote in
> (E-Mail Removed):
>
>> Sorry if this is a little OT. I run a home wireless network which
>> accesses the internet via a Linksys broadband router+modem. The
>> router has a built-in firewall (but it looks pretty basic to my
>> uneducated eye). Do I REALLY need a separate firewall on every PC on
>> my network or is the firewall in the router sufficient on its own,
>> bearing in mind it's just a home network.
>
> My understanding is that the NAT aspect of a router acts as a pretty
> good firewall to protect you against incoming threats because it will
> not pass any unsolicited traffic, only traffic that is in response to
> a request (eg for a web page or to read a POP mailbox) from a PC on
> the private network.
> What it won't do (and nor will the Windows XP firewall) is to protect
> you against programs on your PC trying to access the Internet. To
> guard against that you need a firewall such as Norton Internet
> Security or Zone Alarm. This will ask for your permission for each
> program on the PC that wants to access the internet, the first time
> that program attempts to do so; having trained the firewall to accept
> or to block a given program, the same behaviour will be used in
> future, so you won't be asked each time you run IE, for example.
I would concur with that. If you don't want to spend any money, I would
recommend putting the free version of ZoneAlarm on each PC. It's perfectly
adequate for most purposes unless you're doing anything fancy with your PC.
It's still available, but not as easy to find as it used to be because Zone
Labs - for obvious commercial reasons - would rather *sell* you the PRO
version than give you the free one. So read the small print to make sure you
get the free one - and not a time-limited free trial of the PRO version.
The firmware firewall in the router plus a software firewall in each PC
should give pretty good protection against internet-borne nasties - assuming
that you're also running anti-virus software. But they provide no protection
against people gate-crashing your wireless LAN - so make sure you're using
the highest level of encryption which that supports, preferably coupled with
MAC address filtering, and changing the SSID to something other than the
default, and not broadcasting it.
--
Cheers,
Roger
______
Email address maintained for newsgroup use only, and not regularly
monitored.. Messages sent to it may not be read for several weeks.
PLEASE REPLY TO NEWSGROUP!
Similar Threads
Linear Mode
