Hardware Firewall Questions

[Cooter]

I get the impression that a hardware firewall is better than a software
firewall. I understand the HW firewall will block undesirable incoming
traffic, but is it capable of blocking malware-generated outgoing traffic?
If not, and I suspect it is not, would it then be desirable to run a
software firewall in addition to the HW one? One of the LinkSys router
manuals implies, but does not specifically state, that both should be used.
Does anyone have a more definite answer? Thanks for any halp.

 

[Michael D. Alligood]

A majority of malware/spyware programs (not all) transmit through port 80
(both incoming and outgoing). Firewalls in general will not block
malware/spyware. Third party utilities such as SpywareBlaster, SpyBot, and
Pest Patrol to name a few will block spyware/malware from infecting your PC.

Hope that helps.

--
Best of luck!

Michael D. Alligood
MCSA, MCP, CCNA, A+,
Network+, i-Net+, CIW A, CIW CI

 

[Miha Pihler]

Hi,

Software and hardware firewalls will block undesirable incoming and outgoing
traffic. This only depends on specific hardware device or software that you
are using (how much money you would like to spend ...). Malware outgoing
traffic will usually use TCP port 80 since it can get free access to the
internet on about 90% of firewalls on this port. This is the reason why it
is pretty hard to filter out only malware with only hardware firewall.

At home and in the office I personally use hardware firewall. My reason for
hardware firewall is I can connect more devices to it and I can still pretty
easily access my home LAN.
Whenever I travel, I use software firewall (personal firewall).

I hope this helps,

Mike

 

[Bruce Chambers]

Greetings --

Like WinXP's firewall, NAT-capable routers do nothing to protect
the user from him/herself. Again -- and I _cannot_ emphasize this
enough -- almost all spyware and many Trojans and worms are downloaded
and installed deliberately (albeit unknowingly) by the user. So a
software firewall, such as Sygate or ZoneAlarm, that can detect and
warn the user of unauthorized out-going traffic is an important
element of protecting one's privacy and security. Most antivirus
applications do not scan for or protect you from adware/spyware,
because, after all, you've installed them yourself, so you must want
them there, right?

I use both a router with NAT and Sygate Personal Firewall, even
though I generally know better than to install scumware. When it
comes to computer security and protecting my privacy, I prefer the old
"belt and suspenders" approach.


Bruce Chambers
--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH