Now that I have a router, do I need my software firewall?

[Heraclitus]

Hi network ninjas,

I'm splitting my cable internet between two PCs (as well as creating a LAN between them) with my Netgear RP114 router, which sells itself as a hardware firewall. Do I still need ZoneAlarm? I uninstalled ZA and ran the Steve Gibson Shields Up! test, which reported that I was totally secure.

Any reason to keep ZA now?

Thanks in advance!

 

[JackMDS]

In general, security issues involve:

1. Unauthorized Internet traffic coming in (from the Internet to your computer).

2. Unauthorized Information going out (from your Hard Drive to some one else Web Server).

The latter is done mainly by programs that are "calling home". Unfortunately, the amount of programs that are calling home is growing by the day.

The Router's firewall secures mainly the Incoming traffic, to secure the Outgoing aspect you need to add Software firewall.

Thus, many Router owners use the combination of Hardware, Software firewall.

Popular software firewall package is ZoneAlarm (free).

ZoneAlarm Download.

 

[Heraclitus]

Thanks, that's very good advice.

However, I'm a bit unsure about how to make ZA work with my new LAN. As I mentioned above, I'm using the router to both (a) share my cable between two PCs and (b) network the two PCs.

I understand that ZA allows for different security settings for Local and Internet zones; however, I'm not sure how to do it. Am I correct in thinking that if I flag the adapter subnet as Local, I will be compromising my security? ZA also allows me to add specific computers to my Local zone, but I don't know how to do that.

Can anyone tell me how I can get my LAN to be a Local zone without inviting my neighbours with cable to join in? I'm running WinXP and ZA 2.6.326. Thanks again!

 

[Journeyman]

Am I correct in thinking that if I flag the adapter subnet as Local, I will be compromising my security?

I don't believe so... If you've got your subnet (probably like 192.168.0.0 unless you changed it in the router setup) in the trusted local zone and the subnet mask set to 255.255.255.0, it'll only trust computers with addresses of 192.168.0.x - which you won't find on the internet since 192.xxx.xxx.xxx is within a block of reserved addresses.

 

[Heraclitus]

Originally posted by: Journeyman

Am I correct in thinking that if I flag the adapter subnet as Local, I will be compromising my security?

I don't believe so... If you've got your subnet (probably like 192.168.0.0 unless you changed it in the router setup) in the trusted local zone and the subnet mask set to 255.255.255.0, it'll only trust computers with addresses of 192.168.0.x - which you won't find on the internet since 192.xxx.xxx.xxx is within a block of reserved addresses.

Those are indeed my settings.

I was concerned that it might be a security risk because ZA says (with regard to adapter subnets being set to Local) that "Normally, only LAN adapters should be checked. Dialup/cable modem/DSL modem adapters should not be checked." But isn't the adapter in question both my LAN adapter and my cable modem adapter? I was worried that this would mean that I was setting everyone in the cable modem neighbourhood to Local, which would be unfortunate given that I've enable File and Print Sharing.

Is this an unfounded fear? I confess that I'm pretty clueless about networking.

Thanks!

 

[Journeyman]

If you're really concerned, install the NetBEUI protocol, bind File and Print Sharing to it, and unbind it from TCP/IP. Since NetBEUI is non-routable, your stuff won't get past the router.

If you're running XP, you'll have to download the NetBEUI protocol from Microsoft's website (just search for it in the Knowledge Base).