CCleaner Community Forums
rridgely

What type of Firewall do you use?


131 members have voted

  1. 1. What type of firewall do you use?

    • Hardware
      9
    • Software
      62
    • Both hardware and software
      49
    • None
      11



I'm now using a hardware firewall with Windows Firewall.

 

 

Now for a REALLY stupid question - and, please, don't laugh :blink:

 

I access the internet via a wireless (Netgear) router - do I need another firewall - assuming the router acts as one in the first place? Currently I use Zone Alarm Free.

 

This just shows the limit of my computer knowledge! :unsure:


kaybee, the only stupid question is the one that is not asked.

 

How about reviewing the comments in this topic.

 

Have a look at:

http://forum.piriform.com/index.php?showtopic=19530

 

We all learned from reading other people's experiences.

I access the internet via a wireless (Netgear) router - do I need another firewall - assuming the router acts as one in the first place? Currently I use Zone Alarm Free.

 

A Comodo software firewall protects me.

 

Recently a Netgear Wireless Router / Modem was added.

This gives a better connection speed than the Speedtouch modem I previously used.

 

Netgear is set to allow "outgoing only",

but I was amazed at the incoming it also allowed which should have been blocked.

 

I have a dynamic IP address, so some days I inherit what was used by a more social animal,

and the Comodo logs would show many incoming attempts from his Peer to Peer and Bit Torrent friends trying to resume yesterday's experiences.

Far less often, I would get hit by a trojan army - perhaps 50 incoming attempts from different IP addresses within 0.2 seconds, and repeated at 5 second intervals with a totally different set of IP addresses. Both old Comodo 2 and new Comodo 3 blocked perfectly, but old Comodo 2 would take a high percentage of the CPU cycles unless I disabled logging - it was actually simpler to disconnect and reconnect to the ISP and my old IP address became someone else's problem.

 

Netgear removes much BUT NOT ALL of the burden of the above from the software firewall (and the CPU cycles),

so I still NEED the software firewall for maximum security.

 

I have lost count of the number of software packages I downloaded trouble free (before and after the Netgear addition).

The first Netgear Router software upgrade was no trouble at all.

The second Netgear Wireless adapter upgrade just would not happen.

I inspected the Comodo log and found it totally blocked an INCOMING from the Netgear web-site.

I had to tell Comodo to permit INCOMING for that particular web-site, and then I got the upgrade.

 

The problem is that hardware firewalls assume that if you make an outgoing connection to an IP address,

then they should not only accept replies to your connection, they also accept anything else (including malware) which that IP address decides to stuff down your throat.

 

I have just downloaded CCleaner ccsetup215.exe

Comodo shows that a TCP Out transaction from my port 1438 to Piriform 72.21.207.132:80 sent 872 bytes out, and received 3.1 MBytes in as a reply to the same port. Every time I download anything from anywhere, I can receive megabytes coming in as a reply to the port from which I sent a fistful of bytes to make the request.

Because Windows gave Firefox an unused port (e.g. 1438) any incoming packets go direct to Firefox to handle the download, and Comodo (and also Netgear) accept this as a reply on an outgoing connection.

That always happens with whatever port happens to be allocated by Windows.

 

The only download problem was the Netgear Wireless upgrade. I sent the fistful of bytes from port e.g. 2345, and the Netgear web site tried to stuff the update down my port 2346. I don't know the details of FTP, but I guess that is what they aimed for.

The Netgear firewall permitted this inappropriate download aimed at a port which had NOT been allocated to Firefox, but fortunately Comodo blocked it.

 

I am really glad that Comodo blocked it. I had the minor inconvenience of a delay investigating and then altering a firewall rule - but I also got peace of mind.

 

Had Comodo NOT been present, then Netgear would have allowed uncontrollable stuff into a port over which my legitimate applications had no control. The consequences could have been :-

illegitimate malware could have first acquired that port (2346) and now been waiting for this damaging payload;

Windows might have taken "default" action over incoming to an unallocated port, and the default with a "privileged port" is to allow a total stranger to take over your computer ! !

 

Netgear not only allows incoming packets to the wrong port, it allows the wrong protocol also.

Netgear blocks ICMP which includes Echo Requests - mostly.

I found that some internet speed test sites send echo requests to me, and Netgear allows them through, and only Comodo stops them (I have to set specific permissions for the sites to which I wish to echo).

Some web sites will respond to a Ping, which helps strangers observe internet delays etc.

Other web-sites do NOT because a computer can be infected by specially crafted ICMP messages.

I wish to be like a secure internet banking web-site, and have Comodo block unwanted ICMP messages.

 

A few weeks ago M.S. revealed an exploit that had been in the wild for several months, and the last "out-of-cycle" security patch has mitigated the danger.

I believe an "SQL Injection Attack" could compromise a web-site so that visitors could be infected.

I do not know the details, but I assume that when that danger exists :-

Hardware Firewall will NOT protect when visiting an infected web-site;

Software Firewall WILL protect from an infected web-site (unless it is a reply with the same protocol to the same port number).

 

I believe :-

The Netgear Router/Firewall/Modem gives me better speed on the Internet, but does not block anything which would not be blocked by the software firewall;

My (software) firewall protection fends off any infection from unintentional connections/downloads.

 

Any download containing malware that I may be tricked or re-directed to will get through the firewalls.

Once downloaded malware is initiated, my anti-virus should inspect and detect and block before it gets into the system.

 

If malware gets through, I have lost control (what little control Windows allows a humble administrator ! ), and :-

Hardware can do nothing for me - it cannot distinguish Firefox or a new keylogger/trojan making an outgoing connection;

Software knows if any application is authorised to make a connection, and if not will block it;

so even if malware has stolen my identity and credit card numbers, it cannot "phone home" with my details.

(In addition, Comodo does not only stop bad stuff in both directions, but also will block a keylogger etc. from merely gathering information - long before the keylogger tries to phone home.)

 

I feel I am better protected by having a software firewall.

 

I am not complacent, so remain alert to any unexpected changes in how my system behaves.

I fear I could be at greater risk from a Security patch impairing the system or making it unbootable,

which is why I always wait a day or two after Patch Tuesday to see if there are any casualties,

and then before unleashing the patch I create a fresh disk image just in case.

 

The last time I had a virus was before the internet, when my younger son would get home from school before I left work, and he had copied from his friends more games onto a box of 5.25 inch floppy discs.

Every other weekend I had to re-install DOS 3.13.

Been there, done that, not doing it again ! !

 

Perpetually Paranoid

Alan
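
The reply matching discussed in the post above, as an added example that is not part of the original post and is not Netgear's or Comodo's code: a simplified model comparing a filter that accepts only the exact mirror of an outbound flow with one that accepts anything from an address the PC has contacted. The LAN address, the update-server address, its destination port 80 and the source port 20 are constructed assumptions; 72.21.207.132:80 and ports 1438, 2345 and 2346 come from the post.

```python
from typing import NamedTuple

class Packet(NamedTuple):
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

class InboundFilter:
    """Remembers outbound flows and decides whether an inbound packet is a reply."""
    def __init__(self, strict: bool):
        self.strict = strict   # True: full 5-tuple match; False: remote address only
        self.flows = set()     # outbound packets seen so far

    def outbound(self, pkt: Packet) -> None:
        self.flows.add(pkt)

    def allows(self, pkt: Packet) -> bool:
        for f in self.flows:
            if (pkt.proto, pkt.src) != (f.proto, f.dst):
                continue       # different protocol or a host we never contacted
            if not self.strict:
                return True    # loose: anything from a contacted host passes
            if (pkt.sport, pkt.dst, pkt.dport) == (f.dport, f.src, f.sport):
                return True    # strict: exact mirror of the outbound flow
        return False

PC = "192.0.2.10"              # constructed LAN address (assumption)
DOWNLOAD = "72.21.207.132"     # address quoted in the post
UPDATE_SITE = "198.51.100.7"   # constructed placeholder for the update server

def run(strict: bool) -> dict:
    fw = InboundFilter(strict)
    fw.outbound(Packet("tcp", PC, 1438, DOWNLOAD, 80))
    fw.outbound(Packet("tcp", PC, 2345, UPDATE_SITE, 80))   # port 80 is assumed
    return {
        "download_reply": fw.allows(Packet("tcp", DOWNLOAD, 80, PC, 1438)),
        # new connection to the neighbouring port; source port 20 is assumed
        "new_conn_to_2346": fw.allows(Packet("tcp", UPDATE_SITE, 20, PC, 2346)),
        "icmp_from_site": fw.allows(Packet("icmp", UPDATE_SITE, 0, PC, 0)),
        "unrelated_host": fw.allows(Packet("tcp", "203.0.113.9", 80, PC, 1438)),
    }

if __name__ == "__main__":
    for mode in (True, False):
        print("strict" if mode else "loose", run(mode))
```

Only the second packet changes between the two policies, so logging the full 5-tuple of dropped packets is what lets a firewall log distinguish a genuine reply from a new inbound connection by the same host.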


Wireless Routers/Firewalls are vulnerable, especially if the Wireless link is not encrypted adequately.

 

WEP is not adequate.

 

Also WPA is not adequate according to http://blogs.techrepublic.com.com/security/?p=708

I use WPA2 so I have no fear - yet ! !

When WPA2 is broken then a neighbour MIGHT steal some of the bandwidth supplied by my ISP.

 

I assume my hardware firewall "protects" my computer only from malware delivered by my ISP,

and any wireless hack could enter my computer direct via the wireless without the hardware firewall being aware of it.

This is yet another reason for continuing to use a software firewall that protects both my Ethernet and wireless connections.

 

Regards

Alan


You can see my laptop configuration in my signature. I use Outpost Firewall Pro 2009, but I've not installed the Antispyware and Webcontent control that come with that :)

Actually I don't use a firewall, but the good old windows firewall is turned on. (otherwise the security center starts naggin' again... :P ) I like to use as few system resources as possible ;)

 

You can go in the Security Center and change the way it alerts you when you don't have an anti-virus or disable Windows Firewall :o)


I use Windows 7 Firewall. I don't want software firewalls because they are resource hogs.


It's not wise to run without an antivirus.

 

avast! is very good.

What type of firewall do you use?

I use Zone Alarm Free. I've been using it for 2 or 3 years. I'm very satisfied with it, and would recommend it to anyone. :P

Don't use one, just Windows Firewall. :)

Do you use Vista?


I have a hardware one built into my router, but only use the Windows built-in software firewall. I tried a bunch, and to be honest, I found that so much of the security stuff out there was as bad as the malware for slowing things down and such. I just keep all private stuff on an external and turned off when surfing, and use common sense when opening emails and going to web sites.

 

:)


Still using router + XP's firewall. I haven't got a need for complete control over outbound connections. Common sense pretty much covers my security needs, well perhaps our security needs.


Hey guys, this post is really interesting. I have Verizon DSL, Westell VersaLink 327W, XP Pro SP3.

I found my firewall setting for the Westell. It has 5 options.

 

Custom Security (Custom)

Custom is a very advanced configuration option that allows you to edit the firewall configuration directly. Only expert users should attempt this.

No Security (None)

All traffic is allowed.

Minimum Security (Low)

The low security setting will allow all traffic except for known attacks. With low, your modem is visible by other computers on the Internet.

Typical Security (Medium)

The medium security setting only allows basic Internet functionality by default, just like High level security. Medium security, however, allows customization through Port Forwarding configuration so certain traffic can pass.

Maximum Security (High)

The high security setting only allows basic Internet functionality. The High security setting guarantees to only pass Mail, News, Web, FTP, and IPSEC. All other traffic is not allowed. High security restricts modification by NAT configuration options.

Now, which setting should I check along with Windows Firewall? Hope there are some Verizon Westell 327W router persons who have experience with these settings.

And yeah, I need to cut down on resources, I only have 768 RAM.

Thanks


I use Kaspersky for Windows Workstation (Commercial) Antivirus, which has a firewall, and Windows Firewall. Been great - no threats so far for more than a year. :rolleyes: Love Kaspersky.
