Router firewalls - no need for Zonealarm ?

Thinking of something like the new Draytek Wireless router

http://www.draytek.co.uk/products/vigor2600g.html

with this sort of thing for a home network

do you still need something like zonealarm on each pc
or is the router firewall good enough ?

i supppose i could install zone but turn it off when used with the router
to save resources and some comments on zonealarm using bandwidth

thanks

zero wrote:

> Thinking of something like the new Draytek Wireless router
>
> http://www.draytek.co.uk/products/vigor2600g.html
>
> with this sort of thing for a home network
>
> do you still need something like zonealarm on each pc
> or is the router firewall good enough ?
>
> i supppose i could install zone but turn it off when used with the router
> to save resources and some comments on zonealarm using bandwidth
>
> thanks
>
>
>
Dump ZA and stick with the routers firewall, just make sure you have
configured it properly.

--
eusty
UK Broadband Usergroup : http://www.uk-bug.net

(¯`·._.· All Outgoing Mail Scanned Virus Free ·._.·´¯)

On Thu, 12 Feb 2004 22:18:05 +0000, eusty
<steve@eusty_I_DONT_LIKE_SPAM.co.uk> wrote:

>zero wrote:
>
>> Thinking of something like the new Draytek Wireless router
>>
>> http://www.draytek.co.uk/products/vigor2600g.html
>>
>> with this sort of thing for a home network
>>
>> do you still need something like zonealarm on each pc
>> or is the router firewall good enough ?
>>
>> i supppose i could install zone but turn it off when used with the router
>> to save resources and some comments on zonealarm using bandwidth
>>
>> thanks
>>
>>
>>
>Dump ZA and stick with the routers firewall, just make sure you have
>configured it properly.

Perhaps you would care to eloborate on "configuring it properly"; I
would say for the vast majority it is just fine with factory defaults.

Now with Zone Alarm I came across a configuration the other day that
was blocking auto updates from Norton! So much for having a raincoat
and not wearing it when its chucking it down.

David Bradley

The Draytek comes pre configured with all ports stealthed etc.,
so unless you make changes is as safe as can be. (Not the case with all
routers)
One thing to note though. The only thing accessible from the net on your
allocated IP is the router set up page.
If you leave it blank with no password someone could mess with it !
Regards,
Martin

On Thu, 12 Feb 2004 22:06:58 -0000, "zero" <(E-Mail Removed)>
wrote:

>Thinking of something like the new Draytek Wireless router
>
>http://www.draytek.co.uk/products/vigor2600g.html
>
>with this sort of thing for a home network
>
>do you still need something like zonealarm on each pc
>or is the router firewall good enough ?

Don't dump Zone Alarm. The router firewall will protect you from
incoming attacks, but Zone Alarm will also block outgoing connections
from rogue applications running on your PC.

On Fri, 13 Feb 2004 10:59:23 +0800, Chris Blunt
<(E-Mail Removed)> wrote:

>>Thinking of something like the new Draytek Wireless router
>>
>>http://www.draytek.co.uk/products/vigor2600g.html
>>
>>with this sort of thing for a home network
>>
>>do you still need something like zonealarm on each pc
>>or is the router firewall good enough ?
>
>Don't dump Zone Alarm. The router firewall will protect you from
>incoming attacks, but Zone Alarm will also block outgoing connections
>from rogue applications running on your PC.

As can the filters on the Draytek. Having one set of firewall rules
(in and outbound traffic) is preferable to having to maintain ZA on
one or more connected PC's.

Of course you could use both.

--
Hiram Hackenbacker

In message <qwWWb.3577$Y%(E-Mail Removed)>, Martin²
<(E-Mail Removed)> writes
>The Draytek comes pre configured with all ports stealthed etc.,
>so unless you make changes is as safe as can be. (Not the case with all
>routers)
>One thing to note though. The only thing accessible from the net on your
>allocated IP is the router set up page.
How can it be 'stealthed' if you can access the config page from the
outside world? Surely this means it's responding to 'SYN' packets and,
by definition, isn't 'stealthy'.
>If you leave it blank with no password someone could mess with it !
Definitely not a 'good thing' to have happening.
>Regards,
>Martin
>
>
>

--
Clint Sharp

In an earlier contribution to this discussion,
Hiram Hackenbacker <(E-Mail Removed)> wrote:

> On Fri, 13 Feb 2004 10:59:23 +0800, Chris Blunt
> <(E-Mail Removed)> wrote:
>
>>
>> Don't dump Zone Alarm. The router firewall will protect you from
>> incoming attacks, but Zone Alarm will also block outgoing connections
>> from rogue applications running on your PC.
>
> As can the filters on the Draytek. Having one set of firewall rules
> (in and outbound traffic) is preferable to having to maintain ZA on
> one or more connected PC's.
>


Not sure how the router filters would work in the case of picking up a
trojan which "calls home". ZA would detect and warn that a new application
was trying to access the internet. What would the router filters do under
these circumstances if you weren't also using ZA?
--
Cheers,
Tim
______
Please reply to newsgroup. Reply address is Black Hole!

In article news:<(E-Mail Removed)>, Hiram
Hackenbacker wrote:
> As can the filters on the Draytek. Having one set of firewall rules
> (in and outbound traffic) is preferable to having to maintain ZA on
> one or more connected PC's.

ZA and the likes have the advantage that they tell you which
application is trying to make an internet connection. The router will
prevent connections to odd addresses/ports but can't tell you where
they came from, and any ports you don't filter are wide open.

If you get a virus/worm that runs its own SMTP server ZA will catch
it, but the router will just see SMTP traffic that will be
indistinguishable from normal EMail and will let it through.

Cheers,
Daniel.

Daniel James wrote:

> ZA and the likes have the advantage that they tell you which
> application is trying to make an internet connection. The router will
> prevent connections to odd addresses/ports but can't tell you where

ZA can be handy in these cases - but it can also cause undue concern for
users by reporting loads of stuff that you really don't need to know. In
you need to, a correctly setup router can usually log information about
which PC, which port, which addresses etc. attempted a connection.

> they came from, and any ports you don't filter are wide open.

Standard practice for router setup *should* be to block all traffic in
and out by default. Then create specific rules to enable the outgoing
ports you need.

> If you get a virus/worm that runs its own SMTP server ZA will catch
> it, but the router will just see SMTP traffic that will be
> indistinguishable from normal EMail and will let it through.

This is true - but with a well configured firewall and sensible email
precautions you should not be getting a worm in the first place ;-)


--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/