To Firewall or not to Firewall

Rl'Halsinor

Explorer
To keep this short I had to reformat my harddrive due to my firewall failing. I was flooded with adware and malware galore in about 10 seconds. I still can't get rid of E2Give. Suffice to say I got a Linksys router to go along with my Norton Anti-virus, Webroot Spy Sweeper, and ZoneAlarm 5.0 Pro. Today I had to shut down down ZoneAlarm and I noticed that I was able to access the internet much faster. In fact, I hadn't been able to log on to these message boards since getting my PC up and running again. I kept getting "This site cannot be posted on from a foreign host." I thought it was due to my router but it seems Zone Alarm may be be the culprit.

So with my router, do I still need Zone Alarm or a firewall in general? It sure is a hog and as I said it sure can slow down internet surfing. It also seems to conflict with other PC utilities or it doesn't remember all the time what you give access to and the ones you deny. Thanks.
 

log in or register to remove this ad


smootrk

First Post
I use the built in Windows firewall, along with my lynksys router. To top off that, I use Ad-aware to periodically search my HD for spyware, and I use Spyware Blaster to proactively block most of the spyware programs/sites. All this with my AVG virus scanner, and I have superb speed.

I have nothing bad to say about Zonealarm but you can protect your computer just fine with other free options.
 

WingOver

First Post
I'm no expert but I really believe in hardware-based firewalls. But having a router isn't enough, you need to make sure it's configured correctly. The Shields Up site has a lot of useful info and will perform various tests and give you practical advice on how to secure your firewall:

https://www.grc.com/x/ne.dll?bh0bkyd2

In addition, XP service pack 2 has an internal software firewall. Make sure your windows updates are current. Resident anti-virus and running anti-spyware diagnostics occassionally are both good ideas (though personally I don't have resident anti-virus).
 

maransreth

Explorer
If you have a broadband connection, you WANT/NEED a firewall.

Does your router contain a firewall? If it does, that should be good enough.

There are many, many different software firewalls around, and all do things differently. I have to say that ZoneAlarm used to be good a couple of years ago, but seems to have gone downhill since then.
 


talmar

First Post
I also am an advocate of hardware based firewalls. A router is not a firewall. A router can provide some certain restriction with the use of access lists. I personally have Adaware full version, The complete Norton security suite, use the Windows software firewall and have a Cisco 501 hardware firewall. I use to use ZoneAlarm but I don't anymore since moving to XP Pro and my Pix.
 

mrtauntaun

First Post
Look at it this way, if a software based firewall is bypassed or brought down, then then intruder is already on your machine. If a hardware based firewall fails, it will (most likely) take your network with it, preventing the intruder from progress due to a lack of active connections.
But, as always, you need to make sure it is correctly configured.
 

GlassJaw

Hero
talmar said:
I also am an advocate of hardware based firewalls. A router is not a firewall.

By its definition, this is true. However, the Linksys router that we all know and love (at least I do!) is a NAT device - Network Address Translation. NAT is a type of firewall, albeit a brute force one.

Basically, the Linksys router will block anything that is attempting to "enter" your PC that didn't originate from you. So if you type in www.yahoo.com, your computer sends a request to Yahoo. Yahoo then sends an acknowledgement. When it gets to your router, the router checks that you requested it. It then routes the packet to your PC.

Now if someone is trying to hack into your PC (usually by port scanning), the data they are sending won't be in the router address table, so it won't get it. That's why it's a brute force firewall - you can't really set permissions to allow certain types of data. You can open up certain ports but a true firewall allows for a lot more customization.

Now if you get an email and click on something you shouldn't have, you're screwed. The router isn't going to help you at all because by clicking on that link, you initiated the contact. The hacker on the receiving end now has an open channel to your PC.

If you are just trying to protect your home PC, a Linksys router (and a good virus scan program) is really all you need. Everything else is just redundant. Heck, I turn off my XP firewall as well. The Linksys router should provide everything you need right out of the box with little to no configuration at all.
 

IronWolf

blank
I am going to say it depends on the person. I tend to only use the LinkSys as my firewall, though on occassion I crank up a software based one too. That's mainly when I want immediate warning of outgoing connection attempts also. I do run AV software all the time, but only the second firewall on occassions.

Standard practice would dictate that a hardware based firewall (and I include LinkSys in this by nature of NAT) and software based firewall are not a bad combination. The XP one should be fine as a second layer of protection though for most people.

And I agree with the Zone alarm sentiments so far. It used to be a good tool, but these days it seems I am fixing things it broke for people more than not.
 

Split the Hoard


Split the Hoard
Negotiate, demand, or steal the loot you desire!

A competitive card game for 2-5 players
Remove ads

Top