WRT54G firewall???

Hello All

As I try to get my friend's WRT54G wireless to work permanently (an earlier
post), I am wondering something. The box says the WRT54G has a built-in
firewall. But I also installed Zone Alarm, which is reporting many ping and
other attempts getting through to my friend's laptop through the WRT54G -
using either the Ethernet card or the laptop wireless card.

We intend to keep Zone Alarm (we shut off the Windows XP firewall.) But I'm
wondering: Is the WRT54G firewall not that good or do we have to turn
something on?

Thanks.

Anthony Giorgianni wrote:
> Hello All
>
> As I try to get my friend's WRT54G wireless to work permanently (an earlier
> post), I am wondering something. The box says the WRT54G has a built-in
> firewall. But I also installed Zone Alarm, which is reporting many ping and
> other attempts getting through to my friend's laptop through the WRT54G -
> using either the Ethernet card or the laptop wireless card.
See "Block WAN Requests" and make sure that the checkbox for "Block
Anonymous Internet Requests " is ticked in the WRT54G Security/Firewall
setting to prevent responses to Pings.Zone Alarm can also be configured
so that there will be no response to ICMP Pings.
>
> We intend to keep Zone Alarm (we shut off the Windows XP firewall.) But I'm
> wondering: Is the WRT54G firewall not that good or do we have to turn
> something on?
>
> Thanks.
>
>
>
It has an SPI Firewall which will examine all incoming data
transmission,if a packet is a legitimate reply to a request from within
the network, the SPI Firewall would permit its passage through.
Otherwise, access is denied. This allows relatively unrestricted
transmission from within the network, and selective but flexible access
from the outside.
The SPI Firewall can also track individual connections and will grant
temporary access in the firewall under appropriate conditions,for e.g
Applications and Gaming.

"Anthony Giorgianni" <(E-Mail Removed) >
wrote in
news:wD2ke.809633$(E-Mail Removed):

> Hello All
>
> As I try to get my friend's WRT54G wireless to work permanently (an
> earlier post), I am wondering something. The box says the WRT54G has a
> built-in firewall. But I also installed Zone Alarm, which is reporting
> many ping and other attempts getting through to my friend's laptop
> through the WRT54G - using either the Ethernet card or the laptop
> wireless card.
>
> We intend to keep Zone Alarm (we shut off the Windows XP firewall.)
> But I'm wondering: Is the WRT54G firewall not that good or do we have
> to turn something on?
>

The NAT router will stop unsolicited inbound traffic from reaching the
machine by not forwarding those requests. And what do you mean that ping
traffic is reaching the machine behind the router, unless the machine is
making a solicitation for traffic/a test behind the router for the
traffic, then the router is going to let it through? Otherwise,
unsolicited inbound traffic is not going to come past that NAT router.

Just because SPI is being mentioned as a feature of the NAT (no firewall)
router doesn't mean its an appliance running true FW software that meets
the specs in the link for *What does a FW do?*.

http://www.vicomsoft.com/knowledge/r...irewalls1.html

What you have there is NAT (no FW) router with some FW like features and
that's it for home usage. It's good enough in the protection as long as
one doesn't do high risk things like port forwarding. On the other hand a
a NAT router can be attacked but most likely, it won't happen in your
case.

http://www.homenethelp.com/web/explain/about-NAT.asp

Some people supplement the NAT router with a PFW or some other packet
filtering software such as IPsec to stop inbound or outbound by port,
protocol or IP, since most NAT routers for home usage cannot do it.

http://www.petri.co.il/block_ping_tr...with_ipsec.htm
http://www.analogx.com/contents/articles/ipsec.htm

BTW, a personal firewall solution is not true FW software either as it
doesn't separate two networks, but rather it provides machine level
protection of the O/S, services and Internet applications when the
machine is directly connected to the Internet.

You should learn about FW(s).

http://www.more.net/technical/netserv/tcpip/firewalls/

If you had an appliance that was running FW software in the traditional
sense, a PFW solution would not be needed to supplement it.

Duane

On Sun, 22 May 2005 16:42:04 GMT, in alt.internet.wireless , "Anthony
Giorgianni" <(E-Mail Removed) > wrote:

>We intend to keep Zone Alarm (we shut off the Windows XP firewall.)

Good plan.

>But I'm wondering: Is the WRT54G firewall not that good or do we have to turn
>something on?

Firewalls in routers are typcally turned off by default, so as to
avoid people phoning support with obvious questions. RTFM to find how
to enable it.
--
Mark McIntyre
CLC FAQ <http://www.eskimo.com/~scs/C-faq/top.html>
CLC readme: <http://www.ungerhu.com/jxh/clc.welcome.txt>

----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----

On Sun, 22 May 2005 16:42:04 GMT, "Anthony Giorgianni"
<(E-Mail Removed) > wrote:

>As I try to get my friend's WRT54G wireless to work permanently (an earlier
>post), I am wondering something. The box says the WRT54G has a built-in
>firewall. But I also installed Zone Alarm, which is reporting many ping and
>other attempts getting through to my friend's laptop through the WRT54G -
>using either the Ethernet card or the laptop wireless card.
>
>We intend to keep Zone Alarm (we shut off the Windows XP firewall.) But I'm
>wondering: Is the WRT54G firewall not that good or do we have to turn
>something on?

Good thinking.

Your WRT54G firewall will protect your LAN against attacks via the
internet by hackers like myself. As long as you don't have any
exposed IP sockets (ports) in your firewall, you're generally
considered safe. However, I suggest you try running the firewall
exploits test at:
http://www.dslreports.com/scan
http://www.pcflank.com/exploits.htm
My WRT54G with Sveasoft Alchemy 1.0 firmware, passes all the test. My
BEFW11S4 hangs on two of the tests (I forgot which).

ZoneAlarm will also protect against incoming attacks, but also adds
protection against outgoing "ET phone home" type of software that
wants to send the mother ship everything it knows about you, your
machine, and your finances. The WRT54G firewall will do nothing for
detecting trojan horses, worms, and spyware that are delivered via web
pages and email. Zone Alarm will catch these, but you need to pay
attention when the popup boxes ask for confirmation.


--
Jeff Liebermann (E-Mail Removed)
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 AE6KS 831-336-2558

Excellent responses everyone! I'm now checking out all the links everyone
provided. I will have my friend conduct those tests, Jeff. Yes, I've told my
friend to be careful about what she enables to go out over ZA. Eventually,
she'll shut off the incoming notices. We also are running AVG antivirus and
AdAdware - running definition updates at least once daily. I'll double check
to make sure the router firewall is on too. I'd like to keep this machine
locked down tight.

Thanks again!

--
Regards,
Anthony Giorgianni

The return address for this post is fictitious. Please reply by posting back
to the newsgroup.

"Anthony Giorgianni" <(E-Mail Removed) >
wrote in
news:4rcke.812611$(E-Mail Removed):

> Excellent responses everyone! I'm now checking out all the links
> everyone provided. I will have my friend conduct those tests, Jeff.
> Yes, I've told my friend to be careful about what she enables to go
> out over ZA. Eventually, she'll shut off the incoming notices. We also
> are running AVG antivirus and AdAdware - running definition updates at
> least once daily. I'll double check to make sure the router firewall
> is on too.

> I'd like to keep this machine locked down tight.
>

Well don't use IE, OE, or Outlook, make sure the user doesn't have the
happy fingers that clicks on unknown things, practice safe hex and *harden*
the NT based O/S to attack by disabling unneeded services/things on the O/S
and you might have a change. Anything else you're talking about in the
protection other than the AV at the machine level is snake oil.

And again, the 54g is a NAT router with FW like features, is not running
true FW software in the traditional sense, is not a FW appliance and is
wireless (even more attackable).

Duane