Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Firewall vs Router


  • Please log in to reply

#1
SpaceCowboy706

SpaceCowboy706

    Trusted Tech

  • Member
  • PipPipPipPip
  • 1,175 posts
I have heard many people say that if you have a router you do not need a firewall for protection against hackers... Is this true or false.... and if so WHY ?

Somehow hackers cannot see past routers when snooping around....IS what I have been told by my companies IT Dorks. Well i am at home and i have a router, windows firewall (Which as far as i know has never blocked anything) and MCAfee's firewall. MY Mcafee pricvacy service has reported numerous attempt from external sources to access my locally shared files and folders.

Is this "HACKERS" trying to get data or just something else ?
  • 0

Advertisements


#2
flexoman

flexoman

    Member

  • Member
  • PipPip
  • 16 posts
I've got only a DLink router running and I have no problems
other than the ones I create myself by visiting websites that
hand you some form of spyware, adware, or whatever else
that be annoying these days.

Routers do not keep you from downloading malicious files..
only you can control that...but a router's built in firewall is very good at
blocking any external sources from entering your computer
unless of course you change settings to allow this (such as
being a DMZ host)....

I would imagine that using multiple software firewalls is self
defeating also...Just a guess.

These are just my experiences and not to be assumed that you or
anyone else will not get hacked past a router's internal firewall.


Hope this sheds a little light.
  • 0

#3
Irongeek

Irongeek

    banned

  • Banned
  • PipPip
  • 82 posts

I have heard many people say that if you have a router you do not need a firewall for protection against hackers... Is this true or false.... and if so WHY ?


Routers are Hardware firewalls! (Dlink Linksys Netgear) are better than software firewalls. (ICF, ZONEALARM, SYMANTEC)

Somehow hackers cannot see past routers when snooping around....IS what I have been told by my companies IT Dorks


Hackers can see the PCs behind a router/firewall of course misconfigureation for example. :tazz: but If the proper security rules have been applied then your can be pretty secure. Of course their are other security measures done as well. OSS Operating System Security)

MY Mcafee pricvacy service has reported numerous attempt from external sources to access my locally shared files and folders.

Is this "HACKERS" trying to get data or just something else ?


Post the log file. ;)
  • 0

#4
gerryf

gerryf

    Retired Staff

  • Retired Staff
  • 11,365 posts
routers are not true firewalls, but some do achieve some of the same effect because they hide your computer using NAT (network address translation).

Home routers achieves this by giving PCs on your side of the firewall a private ip address, like 192.168.0.x. Your Router has the the ip address someone looking from the internet sees, like 68.12.x.x

When you request a webpage, your router takes the packet from your pc, substitutes it's own packet with it's IP address, sents the request on, then the remote server returns the info, and your router routes it back to you.

So, a router does shield your pc to some extent.

The protection offered by NAT, however, is pretty limited. It keeps attackers from sending things to your PC and it keeps people from connecting to services and backdoors installed on your computer.

But such routers do not monitor your outgoing packets, though, so if you have a trojan on your PC, it just assumes it is from you and sends it merrily on its way, and also returns info sent from the trojan to your pc.

In truth, the value of a typical firewall is limited, though--since many malware programs are qute capable of mimicking allowed outgoing programs, the value of a software firewall is diminished.

That does not mean you should not have one; a screen door is better than no door at all---just don't get too comfortable.
  • 0

#5
Irongeek

Irongeek

    banned

  • Banned
  • PipPip
  • 82 posts

routers are not true firewalls, but some do achieve some of the same effect because they hide your computer using NAT (network address translation).


If you want to get technical with it simply ROUTER is a LAN based communications equipment that forwards information between computer networks.


The protection offered by NAT, however, is pretty limited. It keeps attackers from sending things to your PC and it keeps people from connecting to services and backdoors installed on your computer.


The IP address used for the router is only routable IP address. The computers behind the NAT can access the Internet through the router, but Internet users can't access the computers behind the router. :tazz:


Jul/10/2005 22:11:33 Spoof Attack fromd MAC(00-0C-41-24-86-59) Detected <--from me on another PC. ;)

In truth, the value of a typical firewall is limited, though--since many malware programs are qute capable of mimicking allowed outgoing programs, the value of a software firewall is diminished.


Some firewalls have outbound detection like sygate while others like ICF for XP doesnt.

That does not mean you should not have one; a screen door is better than no door at all---just don't get too comfortable.


If you configure your router correctly theirs no need for a software firewall. ;)
  • 0

#6
gerryf

gerryf

    Retired Staff

  • Retired Staff
  • 11,365 posts
I am unsure what your point is on the first two points, but you didn't read what I said on the third, and the fourth is just incorrect.

Point three, if you make your interent browser a trusted application, and a malware program mimicks your browser or uses your browser as its means of communcation, it can freely blow by your firewall as if it is not there. There are many malware programs that do this. That doesn't mean a firewall that filters outbound packets is useless, just not fool proof

on point four, you cannot configure most typical home routers to eliminate the use for a firewall. They are routers, not firewalls. You get a little comfort from NAT, but that is not the same as a firewall. As you noted, it's job is to route packets between networks...they typically do not do security, but the NAT function is a happy accident and by product of its function
  • 0

#7
SpaceCowboy706

SpaceCowboy706

    Trusted Tech

  • Topic Starter
  • Member
  • PipPipPipPip
  • 1,175 posts
WOW.... I ddn't mean to start an argument in here... sorry.

I do appreciate the information though but i have a final question for you guys... I am currently using a linksys wireless router with WEP and Mac Filter, MCafee Firewall, Mcafee Virus Scan, Mcafee Privacy service, Firefox browser with adblock and no script.

what settings do i need to make to these software and hardware to keep people out?
I dont need a step by step guide or anything like that, just settings to change.
  • 0

#8
Jack123

Jack123

    Trusted Tech

  • Retired Staff
  • 944 posts
Suggestion:

You should have Gibson Reasearch Corp. Internet Security Detection System scan your computer. . . . They scan 1056 ports and will give you a report with explanation

You can have it tested using just software firewall - or with router - or just ISP firewall or all combinations . . . .

GRC Link:

https://grc.com/x/ne.dll?bh0bkyd2

This is having your PC tested the easy way
Jack123

Edited by Jack123, 13 July 2005 - 12:57 PM.

  • 0

#9
SpaceCowboy706

SpaceCowboy706

    Trusted Tech

  • Topic Starter
  • Member
  • PipPipPipPip
  • 1,175 posts
According to the gibson site i am in total perfect stealth mode on every port.

So does that mean my settings are ok.... and will the current settings keep out nasty hacks.
  • 0

#10
Jack123

Jack123

    Trusted Tech

  • Retired Staff
  • 944 posts
Did you run the 1056 port test? & read what they said about routers & ISP protection?

You can feel more comfortable about your PC while on line, but this is just showing you are safe from incoming pinging . . . .GRC is always improving their testing & testing techniques. . . & at the same time hackers are trying harder to break in . . .

Your PC is safe from hackers, but not safe from "OPERATOR" . . . .

The user is generally the one that opens/permits the virus/worm/malware/spyware/whatever in . . . .

But the most important settings on firewall are the outgoing permissions & application permissions to internet connection . . . . & the operator has final say of yea/nay . .. . .

The same with opening e-mail / downloading / attachments . . . .the operator may be the one that PC must be protected from . . .

Your settings are good, you still need to be alert & do not take chances.
You still need to run your antivrus & keep it updated & test your firewall
whenever you have this eerie feeling . . .

Your antivirus application will scan your e-mail & give you an alert if it detects some code . . . .but the operator is still the one that the PC needs protected from. . .

I have my firewall set so that I receive a notice alert . . .when attacked
I close up & get off line . .Scan for virus infection . . . .run my PC utilities . . .get a clean bill of health . . .shut down . . .restart pc & run Utilities again . . .to obtain a good return/starting point for:
when needed. . . .My PC never leaves without it . . . .

I visit GRC periodically to check for more/new info/updated testing

it is important to leave & re-enter for each test that you do . . .not do different tests at the same session . . . . The results may not be updated correctly or your firewall will adjust to the attack. . . . they tell you this on the website. . . test . . leave . . . make corrections/adjustments . . .re-enter . . . test again . . . .

So are you/PC safe: . . . . . .NO . . . .Are you ever safe from anyone that wants to do harm to you?. . . .NO

To be really safe . . .never turn PC on . . . .but then hackers win!!

Knowledge is Power . . . .
Jack123
  • 0

#11
SpaceCowboy706

SpaceCowboy706

    Trusted Tech

  • Topic Starter
  • Member
  • PipPipPipPip
  • 1,175 posts
That was a [bleep] Good Post Jack java script:emoticon(':tazz:')
smilie

thanks.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP