Vista firewall and router?!?!

I have a Linksys router and when speaking with tech support a few days ago, the individual said I can turn of my Vista firewall because the router has one. I've been using a router for a couple of years and never heard of this before. Is it okay to turn of the Vista firewall?

Thanks,

 

A hardware firewall can be of benefit, but a router rarely has more than NAT capabilities. I would continue to run a software firewall in addition to that provided by your router. I also would either take the time to configure (manually) the outbound firewall protections of the Windows Vista Firewall, or get a replacement that makes that configuration easier. Here is what I have done.

 

One of the best reasons to have a router, even if your network is limited to one computer hooked to cable modem, is the hardware firewall that it provides. I don't hook up to ANY internet connection without a hardware firewall between my computer and the internet connection. I even own a travel router for that purpose entirely.

That being said... The router is superior to Windows software firewall, and many people get by with simply using the Windows software firewall. Therefore, using just the router is safe in most cases.

However, a hardware firewall does have one soft point. If considers all outbound traffic to be legit. So, if you have some malware that causes transmission of data that is private, the hardware firewall will do nothing. The software firewall however will often stop such activity, because of the way you set up the software firewall to limit traffic to those programs you explicitly give permission to do so.

The bottom line is that if you run both your router's firewall, which will protect you from attack from the outside, the software firewall will help protect your system from attacks that have gotten through due to poor manual filtering or software that you downloaded via a trojan or other malware.

Keep both running.

 

In the average home installation, it is unusual to connect without a router in between. Cable and DSL providers almost always provide a Modem+Router combination box. While some also provide a wireless access point/router now, too, many folks add this themselves, which can, I suppose, "double NAT", right?

 

I would just disable the Vista firewall. It is rather clunky. The hardware firewall of a router should be enough. I never ran a software firewall ever and Iv never had any breaches. IMO a good antivirus is much more important. I use Symantec Corporate and havent had a problem so far.

 

I disabled vista defender and the firewall, it barely works, installed avg.

 

I'm not really saavy enough to configure the software myself. After hearing good things about Trend Micro PC-cillin Internet Security 2007, I'm thinking of buying the annual subscription. I'm trying the trial version now. Is the software okay?

Also, why do you use Firefox instead of IE? Thanks for the input!

 

The Windows Firewall in Vista is far more difficult to configure and provides less protection than PCTools Firewall Plus.

I like it better. Some folks like IE, others Opera, I prefer Firefox. Firefox V2 is light years ahead of IE 7.

 

What would happen if I have Window Vista firewall and PCTools Firewall Plus on at the same time, will they conflict with each other.

 

Probably not too terribly, actually.

 

i would personally just leave the vista firewall alone (along with its defender). And use an extra av tool like avg or avast since i personally have nothing but smooth performance with these 2 tools.

use router firewall on top does not hurt and should not be interfered with vista firewall. Just make sure that the router is vista capable

IE7 or FF or Opera .... personal preference more than anything else, with FF has a slight advantage over security (imo). I am playing with minefield 3.08pre and really enjoy it.

IE7 within vista is a good performer comparing it under XP and previous ie versions

cheers ...

 

A router will not route traffic to your box unless it was first initialized by an outgoing connection from your box. So in a default configuration a port scan of your home network will show the router's html/telnet configuration ports open and the rest closed. Once you start forwarding ports so that people can, say, connect to your counterstrike server, a port scan will show those ports as open and the router will route traffic to your box through them. So in a sense, yes, a router is a very good way of stopping incoming connections.

Malware and trojans have developed a way of getting around this though. A few years back I believe a trojan was written that was known as lanfiltrator. Once a machine was infected it would initiate a connection to a web page specified by an attacker from which he/she could issue commands. These commands would reach the trojan and be executed because traffic had first been initialized by your machine on your internal network TO the website.

I think that saying a consumer level router is a firewall is pushing it a bit. Sure it is good at stopping incoming connections but it does not provide features that a good firewall should. For instance, traffic filtering and customizable rules for how much of certain kinds of traffic are allowed through. Sure, a consumer may not be the biggest target for a DDOS attack but it never hurts to be prepared for whatever the internet can throw at you.