Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Do I need virus and firewall protection?

Posted on 2004-04-05
Last Modified: 2013-12-04
Customer has a 5-station XP peer network, with a DSL router attached to the hub as well.  Only two of the stations ever access the internet.  They don't want to spend unecessary money, so here are the questions:

1) Do they really NEED norton antivirus on EACH computer, or can they get by with it on just those two that ever access the internet?

2) Same thing with norton firewall--do the NEED it on EACH computer?

I know it would be BEST to have it on all, but is it actually a risk by not having it on the stations that never open IE and never go on the internet in any way, and never get e-mail, etc?  They are just basic workstations that happen to have access to the internet only because all the stations and the router are on the same hub, but they never access the internet.

If it's NOT OK to just protect the two that access the internet, please help me understand WHY so I can explain to them why they need to protect them all...thanks

Question by:sasllc
  • 8
  • 5
  • 2
  • +2
LVL 57

Accepted Solution

Pete Long earned 150 total points
ID: 10760571
YES, modern viri go out of their way to infect neibouring PC's on their victims network. some even set up server applications just to find close computers to infect :)
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 150 total points
ID: 10760793
Typically you need AV on each, and you'd have all PC's go through 1 firewall.

[Internet --> FW --> Users] or  [Internet --> FW --> Router/switch/hub --> users]

To save money though, you should try a program like ZoneAlarm. They have a Free version that will do what I am about to detail:
ZA not only block's attempts to access your macnines, but it also blocks access to processes, until the user has told ZA that is ok to allow, or it should deny the process. So if your PC was the 1st to get hit by a virus, and that virus wanted to infect others and spread... it would start a new process, and ZA would prompt you asking if you would like "viri.exe" to access the internet, or act as a server etc... you would say no, and place a check mark in the "remember this response" box.

Now... ZA will deny the virus access, BUT it will not clean it off your system. You need AV to do that, or use the tools from the big 2 (mcAfee and Norton) to get rid of them. Each time a new virus comes out, Norton and McAfee typically put out stand-alone programs that will remove and find one or two different virus'. These tools are free.


However, the real price advantage is in TCO- total cost of ownership. PutMcafee on each machine, even ones that do not access the internet, and a single FW at the preimeter of the network, this will keep administration cost and task's lower.
But.... If this is your network: Internet -->HUB/Switch --> users
Then yes, they all need AV and they All need FW, not necessarily Norton's... As it may not have the process locking features. Again, ZA is free, and a great FW. As stated above, since they are all able to see one another, since they are on a hub, they will infect even the macines that don't access the internet. Your less likely to get infected from those... but they are able to be infected nonetheless.

Author Comment

ID: 10760845
Very helpful, but I'm not clear on how to use just one instance of firewall 'on the perimeter', because in this case, they have 5 XP computers hooked together peer-to-peer through a hub, and the DSL router is hooked to the hub as well.  So, if I were to put one copy of ZA (or other firewall) on the network, WHERE would it need to go?  Which computer?
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

LVL 12

Assisted Solution

trywaredk earned 150 total points
ID: 10760965
I agree with PETELONG and RICHRUMBLE - You definitely need a good protection on all the computers, and you don't have to spend much money on it.

Today you have to face, that one computer infected vith virus or spyware or trojans or backdoors, will indeed infect all other computes on the same hub. No doubt about it.

Remember the NIMDA virus ?
PE_NIMDA.E is a fast-spreading Internet worm and file infector that arrives via email, as an attachment called SAMPLE.EXE. It employs several infection mechanisms and exploits several known vulnerabilities. Similar to the original variant, PE_NIMDA.A, it has four modes of propagation: through email, through network shared drives, through unpatched IIS servers, and through file infection.
***end of quote

You should immidiately install both antivirus and antispywareprograms (they does'nt allways do the same), and you should also install a firewall. And you should also get all the latest hotfixes from microsoft

Many Regards
Jorgen Malmgren

:o) Your brain is like a parachute. It works best when it's open
LVL 12

Expert Comment

ID: 10760967
Use this free online Trend Housecall scanner to find and clean every known virus/rootkits/backdoors:

Some viruses can't be removed by housecall. If so, use the free Trend Micro system cleaner:

If you get's an ActiveX error, when loading the HouseCall web page:

If you want to secure your one workstation in the future, consider to purchase PC-cillin with builtin firewall:
LVL 12

Expert Comment

ID: 10760972
Getting a personal Firewall

Download the free version of Sygate personal firewall

Download the free version of ZoneAlarm firewall

Comparative reviews of personal firewall software:

Firewall Product Selector - Choose yourself which one to compare
LVL 38

Expert Comment

by:Rich Rumble
ID: 10760976
No no no no stop the spam...
LVL 38

Expert Comment

by:Rich Rumble
ID: 10760980
too late... more to follow... gahhh
LVL 12

Expert Comment

ID: 10760983

Ad-aware Standard Edition is THE award winning, free*, multicomponent adware detection and removal utility:

SpyFerret detects & removes spyware

Bazooka Adware and Spyware Scanner v1.13.01

Automatic check of your browser for parasites, adware and spyware
LVL 12

Expert Comment

ID: 10760988
Sygate free scanning your security: quick, stealth, trojan, tcp, udp, icmp

One Usage of the HACKYOURSELF scan: TCP Scan (65534 ports),UDP scan (800+ ports), and Netbios Scan

Shields UP! quickly checks the SECURITY of YOUR computer's connection to the Internet.

Port scan.. Get an instant security analysis now. You dont even need to know your own IP address!
LVL 38

Expert Comment

by:Rich Rumble
ID: 10760990
every time...
LVL 12

Expert Comment

ID: 10760993
>"So, if I were to put one copy of ZA (or other firewall) on the network, WHERE would it need to go?  Which computer?"

On each computer!
LVL 12

Expert Comment

ID: 10761029
About Windows Update (SUS)

Download and install Microsofts automatic update server (also known as SUS)
LVL 38

Expert Comment

by:Rich Rumble
ID: 10761070
You'd need one computer to be your gateway. It would need 2 NIC's  so your network would look like:

Internet (the router that is)-->  nic1            nic2 -->hub --> other pc's

The FW-PC would use ICS (windows internet connection sharing)  Nic1 would be connected to the router (dsl/cable router)  and nic2 would connect to the hub, along with the other pcs
But if you don't what to rework your network, ZA on each pc would be grand. ZA is chatty at first... then you'll get fewer and fewer pop-ups asking to allow this and that... read the documentation fully.

Assisted Solution

meatdog8 earned 50 total points
ID: 10762956
Check out the dsl/router that is currently installed to see if it has a built in firewall... Typically the basic router will have what is called a NAT(network address translation) firewall... If you have the NAT fire wall built into the router that will suffice for blocking unwanted incomming traffic from the internet.  In addition to the NAT firewall you could turn on the firewall that comes with XP, it is under the connection properties.  Speaking from experience, put Antivirus on all computers.  (like someone said previously, it will save money in the long run.. (I like Norton, I've had too many bad experiences with McAfee).

Good Luck
LVL 57

Expert Comment

by:Pete Long
ID: 10793358
LVL 12

Expert Comment

ID: 10800400
:o) Glad we could help you - thank you for the points

BTW: Have a look on http://www.tryware.dk/English/Knowledgebase/HowToProtectYourComputer.html

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question