Personal Firewall versus SPI router

I have in the past used a personal firewall (Zonealarm) very happily. However, recent versions seem to cause a lot of instability on XP. I have seen some advice to replace the functionality with a SPI router.

My question: does not the software firewall still provide additional protection against trojans that try to "phone home?"

I am evaluating the latest Zonealarm update to see if they have cured the instability problems. I am also moving to install Linksys WRT54GS wireless routers with built-in SPI.
0
Asked by: jasimon9
dis1931 Commented:
Routers are good. They do similar but since it is a separate hardware device it doesn't task the PC to do work and won't cause incompatibility. Also, once set up it manages itself for the most part. It is still good to use Anti-Virus software and run Spybot and Ad-Aware to complement the router as you will still get viruses or the such even with the router. A software firewall can still allow viruses and other such things if you access something that you think is ok but has a virus. I think hardware firewalls are better than software from a standpoint of speed and since it is not directly affecting my system resources.
0
 
dis1931 Commented:
The hardware firewall will only allow traffic to go through it if you either have a port open or have requested something such as a webpage.  The best protection for trojans, viruses, etc... is to install and keep up to date a good antivirus package and scan your drive regularly.
0
 
jasimon9 (Author) Commented:
OK, I understand virus and spyware scanning.

Trying to be more specific: in addition to the firewall function of Zonealarm, there is also the program control function that prevents a trojan from "phoning home." Will the router firewall also prevent this through an open port?

It seems that Zonealarm does add a safety factor by requiring explicit permission for each new program.
0
 
dis1931 Commented:
If this is your main concern then the software firewall is the only way to go as I know it. However, I have never run a software firewall and have never had a trojan. I keep my anti-virus up to date, scan often and check for spyware and adware often. It keeps my PC clean. If you never get one you don't have to worry about it calling home. Just my preference I guess... I don't like to give access to all my programs from the software firewall and it causes too many problems on top of too much customizing, especially since I rebuild my laptop and PCs often depending on what project I am working on at the time.
0
 
tosh9iii Commented:
Here's a comparison chart of some firewalls and antivirus software:

http://www.pcworld.com/resource/printable/article/0,aid,115939,00.asp
0
 
net_sec_guru Commented:
If you are truly worried about a trojan "phoning home" then I would highly suggest that you do a defense in depth. Don't rely on a single entity to handle everything for you.

Set up your router with ACLs / restrictive policies.
Keep current A/V software on your machine - and regularly update the definition pattern files!
And use a personal firewall on your machine.

The personal firewall does not have to be ZoneAlarm. There are a number of free personal firewalls for your PC. In fact, XP has one on it by default (which will become a lot more flexible with SP2).

So I would recommend using both the router and firewall.

0
 
net_sec_guru Commented:
And software firewalls do not specifically address trojans. This is something that a lot of A/V vendors are trying to accomplish and add to their products. This is signature based so it will only be as good as the definition pattern file that is on the A/V product (again a good reason to stay current!).
0
 
rid Commented:
Very generally, a router (ordinary home/small office thingy, doing NAT) will stop unrequested traffic from outside, thus protecting the LAN from spontaneous attacks. If the communication is initiated from within the LAN, even malicious traffic will be allowed inside. This problem calls for either an individual firewall on each machine or a router that can block even outgoing requests on suspicious ports. Depending on how much you want to spend, the more advanced router is probably the best solution, as individual software firewalls on all machines do create a speed and stability problem instead.
/RID
0
 
ahoffmann Commented:
A separate hardware firewall can't protect your trojan phoning home in general, and your software firewall on the same host can't do either (at least it can't be trusted > 80%, replace 80 by whatever you feel good).
The reason is simple: my trojan calls home on port 80 or 443.
Assuming that such a trojan is not that stupid running its own executable or dll, which will be detected (hopefully) by each personal firewall. But if it is a plugin to your browser (like those "home page hijackers"), no firewall is able to detect it.
A special application level firewall might do it. Feel free to search the web to find a few claiming to be able to do so. :-]
0
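Added example (not part of any post in this thread): a small Python model of the three controls discussed above, a stateful (SPI/NAT) router, an outbound port ACL on that router, and per-program control on the PC, run over the same traffic so the gaps each one leaves are visible. The class names, host names, program names and port 6667 are constructed for illustration and do not describe any specific product.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str      # "lan" (outbound) or "wan" (inbound)
    host: str     # remote host name (constructed)
    port: int     # remote TCP port
    program: str  # sending program on the PC; a router cannot see this

class SpiRouter:
    """Stateful router: inbound is allowed only as a reply to a LAN-opened flow."""
    def __init__(self, blocked_egress_ports=()):
        self.blocked = set(blocked_egress_ports)  # optional outbound port ACL
        self.flows = set()                        # (host, port) opened from inside
    def allow(self, pkt):
        if pkt.src == "lan":
            if pkt.port in self.blocked:
                return False
            self.flows.add((pkt.host, pkt.port))
            return True
        return (pkt.host, pkt.port) in self.flows

class HostFirewall:
    """Per-program outbound control, as in the 'program control' feature discussed."""
    def __init__(self, approved_programs):
        self.approved = set(approved_programs)
    def allow(self, pkt):
        return pkt.program in self.approved

def evaluate(packets, router, host_fw=None):
    """Return one allow/deny decision per packet, in order."""
    decisions = []
    for pkt in packets:
        ok = True
        if pkt.src == "lan" and host_fw is not None:
            ok = host_fw.allow(pkt)          # checked on the PC before the router
        decisions.append(ok and router.allow(pkt))
    return decisions

# Constructed sample traffic (all names and the unusual port are made up).
SAMPLE = [
    Packet("wan", "scanner.example", 445, "-"),            # unsolicited inbound
    Packet("lan", "www.example", 80, "browser.exe"),       # normal browsing
    Packet("wan", "www.example", 80, "-"),                 # reply to that request
    Packet("lan", "remote.example", 6667, "unknown.exe"),  # unapproved, odd port
    Packet("lan", "remote.example", 443, "unknown.exe"),   # unapproved, port 443
    Packet("lan", "remote.example", 443, "browser.exe"),   # browser plug-in
]
```

With the router alone every LAN-initiated packet passes; blocking port 6667 at the router stops only that one flow, and adding the host firewall with only `browser.exe` approved also stops `unknown.exe` on 443. The last packet is allowed in all three configurations, which is the browser plug-in case raised above.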
 
jasimon9 (Author) Commented:
Some really good comment is developing out of this question. It appears to be a relatively subtle or complex issue. Although I would prefer not to have to have the software firewall running on each pc, it appears that the current best practice (short of elaborate defense-in-depth) is probably to continue with some sort of software firewall in addition to the SPI router.

Based upon valuable comment from all, I am splitting points.
0
 
jasimon9 (Author) Commented:
Also, the article provided by tosh9iii was comprehensive and very informative. Splitting only 125 so many ways is kind of disappointing, so I am going to increase the points to justify a 5-way split.
0