Is A Router Necessary?
#1
Is A Router Necessary?
My Linksys BEFSX41 router crapped out on me last night and I'm trying to figure out if I really need to replace it. I'm running XP Pro SP2, Norton Internet Security 2005 w/firewall, Ad-Aware SE Plus, Spyware Guard, SpywareBlaster and a few other programs.
Should I just cough up the $49 and pick up another router from Circuit City?
#3
Co-Founder/Administrator
iTrader: (1)
Joined: May 2002
Posts: 32,242
Likes: 21
From: Auburn, Washington
Another benefit of running a router besides being able to hook up several PCs to one DSL or cable account is the built in NAT firewall.
The outside world sees only your external IP addy, and not the one of your machine.
I am a stickler for this very reason to run one.
Makes me feel a lot safer running one.
I run the RP 614
http://www.netgear.com/products/details/RP614.php
#5
Co-Founder/Administrator
Was just on Newegg's site, and they have the 614 like I have for $39.
http://www.newegg.com/app/viewproduc...122-008&DEPA=0
I paid around $80 to $100 for mine a few years back.
The above price is good if you want to stick with a "wired" system.
#6
Most routers these days also provide firewall activities, and that relaxes the need to spend CPU cycles on things like rejecting packets with bad juju.
I will NEVER run software firewalls from anyone, and likewise, I will ALWAYS run a hardware firewall - even with just one machine on a network. The issue with software firewalls is that the data traffic from the outside is _always_ in your machine. If someone wants to hit you with a DoS attack, then it will happen right on your machine and it'll bring it to its knees. If you run a hardware firewall, that traffic will be kept off of your machine, meaning that you can still play RCT 3 until the script-kiddies get tired and go away.
Netgear and LinkSys are the main names these days for this stuff. People will have bad & good to say about them, I've had fine luck with both. The last router/firewall I bought was basically a no-name for $15 (after a $10 rebate) and it works fine. It even supports 802.11G wireless.
It's becoming "easy" to produce these things (thus they're getting cheaper), and you should definitely be running one.
Last edited by midiwall; Oct 31, 2004 at 09:59 AM.
#7
Thanks for the help and I'll check out the links provided. The only reason why I have/had a router was for its firewall benefits. I don't mind buying another, I thought I'd ask for opinions as to whether it was necessary with the software I'm using to hopefully safeguard my PC.
Originally Posted by midiwall
Most routers these days also provide firewall activities, and that relaxes the need to spend CPU cycles on things like rejecting packets with bad juju.
I will NEVER run software firewalls from anyone, and likewise, I will ALWAYS run a hardware firewall - even with just one machine on a network. The issue with software firewalls is that the data traffic from the outside is _always_ in your machine. If someone wants to hit you with a DoS attack, then it will happen right on your machine and it'll bring it to its knees. If you run a hardware firewall, that traffic will be kept off of your machine, meaning that you can still play RCT 3 until the script-kiddies get tired and go away.
Netgear and LinkSys are the main names these days for this stuff. People will have bad & good to say about them, I've had fine luck with both. The last router/firewall I bought was basically a no-name for $15 (after a $10 rebate) and it works fine. It even supports 802.11G wireless.
It's becoming "easy" to produce these things (thus they're getting cheaper), and you should definitely be running one.
#8
Co-Founder/Administrator
I too do not run any firewall software.
They are bloatware as far as I am concerned, and take up system resources running in the background.
A hardware firewall such as built into most routers is the way to go as Mark said.
I used to run BlackIce many years ago, but that was before my router.
#9
Greetings,
The small Switch/Routers you purchase for under 100 dollars do not do firewall activities. Network address translation, or NAT, is a protocol that makes breaking into a network a little bit harder. It should not be mistaken for a firewall that does stateful packet inspection, blocks inbound TCP starts, allows ACLs to be written among other firewall protocols. Also, these firewalls do not block any outbound requests that may be made from software that does make it into your box.
Most Enterprise NAT is done with dynamic addressing so the IPs constantly change. This does not happen on your under 100 dollar router. These routers do a static NAT and therefore the origination IP address is in the packet. Static NAT is easily defeated with a little knowledge and a packet sniffer which is freely available on the net.
A good security policy is one that is layered and uses several types of software/hardware combinations. Yes, I would use a router doing NAT but also place some type of software firewall on your PC and a good virus program. If you actually would like to use a real firewall, you can purchase a Cisco PIX firewall or a Cisco 800 series SOHO router with a firewall IOS.
Just my 2cents
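An added illustration of the NAT-versus-firewall distinction argued over in this thread (not part of any member's post): a constructed Python model of a home router's port-translation table. It shows that replies to LAN-initiated flows get in, unsolicited inbound packets find no mapping, and outbound connections are translated with no policy check. The class, addresses and ports are made-up assumptions; real routers differ in how strictly they match the remote address.

```python
# Constructed model of a home router doing port-address translation (NAPT).
# Not any vendor's firmware; every address and port is a made-up sample value.
from dataclasses import dataclass, field

WAN_IP = "203.0.113.10"  # documentation range, stands in for the ISP-assigned address


@dataclass
class NatRouter:
    next_port: int = 40000
    # public port -> (lan_ip, lan_port, remote_ip, remote_port)
    table: dict = field(default_factory=dict)
    # public port -> (lan_ip, lan_port), set by the owner
    port_forwards: dict = field(default_factory=dict)

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """A LAN host opens a connection: no policy check, a mapping is created."""
        pub = self.next_port
        self.next_port += 1
        self.table[pub] = (lan_ip, lan_port, remote_ip, remote_port)
        return (WAN_IP, pub)  # the source address the remote side sees

    def inbound(self, remote_ip, remote_port, pub_port):
        """A packet arrives on the WAN side: deliver only if something maps it."""
        entry = self.table.get(pub_port)
        if entry and entry[2:] == (remote_ip, remote_port):
            return ("deliver", entry[0], entry[1])  # reply to an existing flow
        if pub_port in self.port_forwards:
            return ("deliver", *self.port_forwards[pub_port])  # owner opened it
        return ("drop", None, None)  # unsolicited: no LAN host to hand it to


def demo():
    r = NatRouter()
    # The PC's browser connects out; the server sees only the WAN address.
    seen = r.outbound("192.168.1.100", 51515, "198.51.100.7", 80)
    reply = r.inbound("198.51.100.7", 80, seen[1])
    # An outside host probes the FTP port with no prior flow.
    probe = r.inbound("192.0.2.66", 4444, 21)
    # Unwanted software on the PC connects out: translated like any other flow.
    unwanted = r.outbound("192.168.1.100", 51999, "192.0.2.66", 443)
    # Once the owner forwards port 21, the same probe reaches the PC.
    r.port_forwards[21] = ("192.168.1.100", 21)
    exposed = r.inbound("192.0.2.66", 4444, 21)
    return seen, reply, probe, unwanted, exposed
```

The dropped probe is a side effect of having no mapping rather than of a written rule, and nothing in the model restricts what the PC itself sends out.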
#10
I'm not 100% sure as to how my router's firewall is configured, nor have I had the time to learn... so I run a software firewall also. I have had good experiences with both Sygate and Symantec Firewall. Neither have taken up enough resources to where I noticed a difference in speed on my machine.
#11
Originally Posted by MvCrash
Greetings,
The small Switch/Routers you purchase for under 100 dollars do not do firewall activities.
For well under $100, I can drop a piece of hardware in system that will stop errant packets or attempts to get to local FTP, HTTP, Telnet, etc. services on my machines.
Outbound wise, I can certainly lock down access to the outside world to specific machines using specific ports.
That's good enough for the home...
Last edited by midiwall; Oct 31, 2004 at 09:31 PM.
#13
I've had my Linksys wireless 54g for about 2 years....recently it's been giving me some problems so I did a hard reset on it and it SEEMS to be ok....not bad for 1 computer and an Xbox wired into the router and two wireless computers running constantly for almost 2 years...... go to www.dslreports.com / security to see how your security and port block measures up....with my Linksys router the port scan gets no responses to probes.
But to answer your question even if I only had 1 computer I'd have a router for the firewall....
#14
Originally Posted by midiwall
Outbound wise, I can certainly lock down access to the outside world to specific machines using specific ports.
#15
Originally Posted by ldivinag
ummm isnt that a software firewall by definition??????
Now, of course there is "software" running in that "hardware" box, and a firewall implementation running in, say, a router is done in software. But for this discussion (and others that have come before it!) the terms "software" and "hardware" are used to differentiate between something running in your PC versus a dedicated box.
#16
Originally Posted by MvCrash
...Static NAT is easily defeated with a little knowledge and a packet sniffer which is freely available on the net...
Originally Posted by MvCrash
...The small Switch/Routers you purchase for under 100 dollars do not do firewall activities. Network address translation, or NAT is a protocol that makes breaking into a network a little bit harder. It should not be mistaken for a firewall that does statefull packet inspection, blocks inbound TCP starts, allows ACLS to be written among other firewall protocols...

Also, I'd say blocking inbound TCP and using ACL's are more along the lines of a router's function - but they're important nonetheless.
Jim
#17
Originally Posted by midiwall
...I will NEVER run software firewalls from anyone, and likewise, I will ALWAYS run a hardware firewall - even with just one machine on a network....
#18
Originally Posted by jruz
That "little knowledge" would also tell you that you're only vulnerable to the people on the same subnet as you (i.e. the people in your neighborhood who happen to be behind the same router). You can't just pop a sniffer on the Internet and sniff anything and everything...doesn't work that way.
This is absolutely not true. If it were, we would all be a lot more secure in our networks. I can scan ANY network or subnet from any other network. What stops the scans are security precautions put in place.
You mean like this one?
Also, I'd say blocking inbound TCP and using ACL's are more along the lines of a router's function - but they're important nonetheless.
Jim
Router ACLs can work well but need to allow some basic protocols through, i.e. SMTP, which as you know is SIMPLE mail transfer protocol and one of the most exploited protocols. Since a router's main function is not inspection but rather to "route", the ACLs are better placed onto a box that is designed to inspect packets.




