external modem/router do i need a firewall ?

Posted on 2005-04-27
Last Modified: 2013-12-04


i run a home network behind an extrenal modem/router, nothing nasty with us, do i need to run a fire wall ?

if i switch XP firewall and penecillin firewall off, my virus checker does not work any more

should i run a different virus checking only program

many thanks
Question by:simonkleyn
    LVL 3

    Assisted Solution

    Yes, you need firewall, doesn't matter which type of modem you have.
    Does the modem have some securing/firewall configuration?
    Which kind of virus checker you use? Did you install ServicePack2 from MS?
    LVL 9

    Accepted Solution

    Agreed w/ veaceslavs....application level firewalls are almost always necessary unless it's a personal system that nobody else ever has access to and you're an ubergeek that knows his/her system inside out and can tell what is going on by watching the LED's on you switch, hd activity, fan speed sounds, etc, and frequently runs netstat and 3rd party utilities seeing what's connected to where, on what ports, by what processes, and why, etc.  All my fresh installs get firewalled before ever sending or receiving their first packet on a network.

    Firewall: Sygate personal firewall (free for personal use.  "Pro" version has more bells and whistles, but nothing most users need so stick with the free one.).  I prefer it over Zone Alarm and definately prefer it over the poor excuse for a firewall that XPSP2 enables by default.  Reasons for this preference:  There have been exploits and malware code specifically targeting Zone Alarm due to it's popularity, some malwares have even been able to disable it from starting at boot.  XPSP2's "firewall" it completely trivial for malware to bypass once the malware has made it's way into your system (by using IE to browse or Outlook/Outlook Express to preview email containing malicious code, for example).  Also, some firewalls load a little too late in the boot process, thereby either leaving you vulnerable for a couple seconds (which is more than enough....especially when things like MyDoom are new and/or unpatched and spreading like wildfire 'round the 'net), or even if they leave the system in an "everything blocked" state before being active (which usually only happens if the last shutdown was clean, not after a crash), there is an opportunity for malware to jump in earlier and potentially modify the firewall's behaviour (replacing a .dll, preventing it's startup alltogether, etc).

    Download at

    Antivirus:  Kaspersky. (, free trial available)  Reasons:  I *frequently* have had machines come to me from clients that were infected with viruses that Norton and/or McCrappy did not detect.  Also, like with Zone Alarm, the popular AV programs like Norton and McCrappy are popular targets for some virus code to try to bypass/disable.  I've personally witnessed machines running Norton have their live update disabled....although the update process *appeared* to finish correctly (unless you check the virus definition file date).  9 months later, bang.....hundreds of viruses were able to infect that machine.  I've also personally witnessed very poor behaviour with McCrappy along the same lines as well as just plain breaking things....example, causing infinite loops when checking incoming mail, endless loops within their own product suite where the AV routines get caught in a loop w/ the firewall routines, etc.  Also, Kaspersky releases updated definition files every *hour*, compared to sometimes only once a week with things like Norton's live update.  Kaspersky costs a lil more than others, but in my opinion it's worth the expense and is the best single antivirus protection product out there.  There are other AV solutions that use multiple vendor's definitions and those are arguably better at times (although if you're only updating once a week it doesn't really matter how many definitions you're're only getting the advantage of them while they're fresh).

    Drawbacks to Kaspersky:  It *will* slow down your system w/ realtime protection enabled....moreso than with other AV solutions.

    Author Comment


    thanks guys !

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
    SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
    how to add IIS SMTP to handle application/Scanner relays into office 365.
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    8 Experts available now in Live!

    Get 1:1 Help Now