A Broadband and ADSL forum. BroadbanterBanter

Welcome to BroadbanterBanter.

You are currently viewing as a guest which gives you limited access to view most discussions and other FREE features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today.

Go Back   Home » BroadbanterBanter forum » Newsgroup Discussions » uk.comp.home-networking (UK home networking)
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

uk.comp.home-networking (UK home networking) (uk.comp.home-networking) Discussion of all aspects of computer networking in the home, regardless of the platforms, software, topologies and protocols used. Examples of topics include recommendations for hardware or suppliers (e.g. NICs and cabling), protocols, servers, and specific network software. Advertising is not allowed.

Routers with Firewalls



 
 
Thread Tools Display Modes
  #1  
Old May 26th 06, 12:24 AM posted to uk.comp.home-networking
Andy
external usenet poster
 
Posts: 28
Default Routers with Firewalls

If I get a Broadband Internet Router which has a built in hardware firewall
in the router will I still need to activate my Firewall within Windows XP
Home? - I am a bit confused so can you put it in layman's terms.

Cheers,

Andy.




*** Posted via a free Usenet account from http://www.teranews.com ***
  #2  
Old May 26th 06, 02:40 AM posted to uk.comp.home-networking
Mal
external usenet poster
 
Posts: 6
Default Routers with Firewalls


"Andy" wrote in message
.. .
If I get a Broadband Internet Router which has a built in hardware
firewall in the router will I still need to activate my Firewall within
Windows XP Home? - I am a bit confused so can you put it in layman's
terms.

Cheers,

Andy.


NO. The windows firewall only stops INCOMING traffic, the same as the
router firewall. The Windows one can be defeated as some programs alter the
registry to put a fake entry in and allow a program to have full rights.
You're best using the free version of Zone Alarm on your PC. Then you can
control what connects OUT from your computer.


  #3  
Old May 26th 06, 02:48 AM posted to uk.comp.home-networking
Andy
external usenet poster
 
Posts: 28
Default Routers with Firewalls


"Mal" wrote in message
...

"Andy" wrote in message
.. .
If I get a Broadband Internet Router which has a built in hardware
firewall in the router will I still need to activate my Firewall within
Windows XP Home? - I am a bit confused so can you put it in layman's
terms.

Cheers,

Andy.


NO. The windows firewall only stops INCOMING traffic, the same as the
router firewall. The Windows one can be defeated as some programs alter
the registry to put a fake entry in and allow a program to have full
rights. You're best using the free version of Zone Alarm on your PC. Then
you can control what connects OUT from your computer.



Thanks for the reply. So router firewalls only work one way as well then
(incoming) it that right? - I tried Zone Alarm about a year ago but got fed
up with it asking me questions all the time with what I wanted to allow or
block. At least with the Windows XP built in firewall it seems to block
silently.





*** Posted via a free Usenet account from http://www.teranews.com ***
  #5  
Old May 26th 06, 09:22 AM posted to uk.comp.home-networking
Conor
external usenet poster
 
Posts: 579
Default Routers with Firewalls

In article , Andy says...

Thanks for the reply. So router firewalls only work one way as well then
(incoming) it that right?


No. A decent one can also block outbound traffic but you have to
manually configure it.


- I tried Zone Alarm about a year ago but got fed
up with it asking me questions all the time with what I wanted to allow or
block. At least with the Windows XP built in firewall it seems to block
silently.

And alot of time, it'll allow stuff without even asking. I've had it
ask whether I wanted an application blocking and whilst the popup was
on the screen, the application was transferring data across the
internet. Not ideal.



--
Conor,
Grumpy Old Man.
Same ****, different day.
  #6  
Old May 26th 06, 04:23 PM posted to uk.comp.home-networking
[email protected]
external usenet poster
 
Posts: 7
Default Routers with Firewalls

Andy wrote:

"Mal" wrote in message
...

"Andy" wrote in message
.. .
If I get a Broadband Internet Router which has a built in hardware
firewall in the router will I still need to activate my Firewall within
Windows XP Home? - I am a bit confused so can you put it in layman's
terms.

Cheers,

Andy.


NO. The windows firewall only stops INCOMING traffic, the same as the
router firewall. The Windows one can be defeated as some programs alter
the registry to put a fake entry in and allow a program to have full
rights. You're best using the free version of Zone Alarm on your PC. Then
you can control what connects OUT from your computer.



Thanks for the reply. So router firewalls only work one way as well then
(incoming) it that right? - I tried Zone Alarm about a year ago but got fed
up with it asking me questions all the time with what I wanted to allow or
block. At least with the Windows XP built in firewall it seems to block
silently.

Depends on the router firewall. Those which have more than a basic
NAT firewall can most certainly stop specific types of outgoing
traffic as well. All of the Zyxel routers have very comprehensive
firewalls as does the latest software for the Speedtouch 716WL -
these are the only ones I know about personally. I believe the
Draytek routers also have a good firewall and some of the Billion
routers.

--
Chris Green

  #7  
Old May 27th 06, 04:46 PM posted to uk.comp.home-networking
Dave J.
external usenet poster
 
Posts: 139
Default Routers with Firewalls

In within
uk.comp.home-networking, 'Andy' wrote:

[..]
If I get a Broadband Internet Router which has a built in hardware
firewall in the router will I still need to activate my Firewall within
Windows XP Home? - I am a bit confused so can you put it in layman's
terms.


[..]

NO. The windows firewall only stops INCOMING traffic, the same as the
router firewall. The Windows one can be defeated as some programs alter
the registry to put a fake entry in and allow a program to have full
rights. You're best using the free version of Zone Alarm on your PC. Then
you can control what connects OUT from your computer.


Thanks for the reply. So router firewalls only work one way as well then
(incoming) it that right?


A router (even with no firewall) set up with NAT will by default not pass
incoming connections anyhow (although there are some exceptions as some
are a bit too 'clever' when it comes to UDP traffic) It has no way of
knowing to which machine to send the packet.

If you're talking to the external IP you are, unless you've actively
configured port forwarding, only talking to the router. The router should
not itself have any 'open ports' unless you've configured it to allow
external administration, so incoming connection requests and UDP packets
that don't closely follow outgoing UDP packets will just be discarded.

If you've got an external firewall on top of the NAT, then I believe its
main purpose is to regulate outbound connections, though some will monitor
incoming traffic for things that look like viruses or other forms of
attack. The cleverer firewalls will watch out for tricks like passing data
through as fragmented packets that look innocent until they're stuck back
together (IYSWIM) and various ways of 'piggybacking' illicit data on top
of legal data. You're starting to wander into the territory of IDS there
though.

When it comes to regulating outbound traffic at the router, there is a bit
of a problem in that the router can only see which machine/port the packet
came from and which protocol it is. There is no way for the router to know
which application issued the packet so the control is seriously clunky.

You can allow/disallow on the basis of source or destination (IP
addresses, ports and which protocol ) but that is all the machine can see.
Some firewalls may look 'inside' the packet for more clues, but no
firewall can tell what program sent or is destined to receive the packet.

The only place to regulate which application is responsible for which
socket is on the machine running the app. This is where software firewalls
come into their own.

Hope that helps, if I've missed anything out by all means ask and I'll
happily elaborate.

Dave J
  #8  
Old July 15th 06, 12:01 PM posted to uk.comp.home-networking
Ivor Jones
external usenet poster
 
Posts: 3,969
Default Routers with Firewalls

"Andy" wrote in message


[snip]

Thanks for the reply. So router firewalls only work one
way as well then (incoming) it that right? - I tried
Zone Alarm about a year ago but got fed up with it asking
me questions all the time with what I wanted to allow or
block. At least with the Windows XP built in firewall it
seems to block silently.


I prefer the questions. At least I know then that the thing is working..!
If it doesn't prompt you when it wants to do something how do you know
it's actually doing it..?

Ivor


  #9  
Old July 15th 06, 05:44 PM posted to uk.comp.home-networking
Mike Scott
external usenet poster
 
Posts: 31
Default Routers with Firewalls

Ivor Jones wrote:
"Andy" wrote in message


[snip]

Thanks for the reply. So router firewalls only work one
way as well then (incoming) it that right? - I tried


They should work both ways. It's just that they don't have any awareness
of user and application on the computer, only networking parameters (eg
address and port).

Zone Alarm about a year ago but got fed up with it asking
me questions all the time with what I wanted to allow or
block. At least with the Windows XP built in firewall it
seems to block silently.


I prefer the questions. At least I know then that the thing is working..!
If it doesn't prompt you when it wants to do something how do you know
it's actually doing it..?


And how do you know it does anything even if it does ask? :-)

--
Please use the corrected version of the address below for replies.
Replies to the header address will be junked, as will mail from
various domains listed at www.scottsonline.org.uk
Mike Scott Harlow Essex England.(unet -a-t- scottsonline.org.uk)
  #10  
Old July 15th 06, 06:37 PM posted to uk.comp.home-networking
Alex Fraser
external usenet poster
 
Posts: 553
Default Routers with Firewalls

"Mike Scott" wrote in message
...
Ivor Jones wrote:
"Andy" wrote in message

[snip]
Thanks for the reply. So router firewalls only work one
way as well then (incoming) it that right? - I tried


They should work both ways. It's just that they don't have any awareness
of user and application on the computer, only networking parameters (eg
address and port).


Not knowing the user and/or application obviously limits the functionality
of a firewall, and in general there is no way for an external device such as
a router to know either. However, with some routers there is no way to
configure outbound filtering, and even if you can, the default is to allow
everything (in my experience).

Zone Alarm about a year ago but got fed up with it asking
me questions all the time with what I wanted to allow or
block. At least with the Windows XP built in firewall it
seems to block silently.


I prefer the questions. At least I know then that the thing is working..!
If it doesn't prompt you when it wants to do something how do you know
it's actually doing it..?


And how do you know it does anything even if it does ask? :-)


Quite . Ivor: no doubt you trust a pocket calculator to compute the
correct answer to a calculation you provide, so why not trust a firewall to
block packets you asked it to?

Alex


 




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
NAT and firewalls Ben uk.comp.home-networking (UK home networking) 6 May 5th 06 02:50 AM
NAT and firewalls Ben uk.telecom.broadband (UK broadband) 4 May 4th 06 11:15 PM
Three Firewalls Ken uk.telecom.broadband (UK broadband) 15 July 24th 05 10:53 PM
Three Firewalls Ken uk.telecom.broadband (UK broadband) 3 July 14th 05 07:23 PM
firewalls Me uk.telecom.broadband (UK broadband) 13 November 16th 04 08:59 AM


All times are GMT +1. The time now is 08:31 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.Content Relevant URLs by vBSEO 2.4.0
Copyright 2004-2019 BroadbanterBanter.
The comments are property of their posters.