Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

To much protection???

Jun 20, 2004 10:33PM PDT

G'day.
I am currently running a billion ADSL 4 port router with a built in firewall. I am also running black ice. I was just wondering is that a bit over the top or not really? I have also noticed that black ice sometimes has a red line running through it, although it is acually running.

Thanks a lot guys.
Justin.

Discussion is locked

- Collapse -
Re: To much protection???
Jul 26, 2004 7:37AM PDT

Your current configuration (software + hardware firewall) is not considered as being too overly protected. In fact, it should be 'the' standard in securing computers connected to a broadband ISP.

Your router's built-in firewall is most likely using NAT, which hides your computer's IP address and blocks incoming packets not requested by your PC. What it does NOT do, however, is prevent unauthorized outgoing packets from leaving your PC. This could be caused by spyware somewhere within your PC. But with a software firewall, like Black ICE, unauthorized outgoing packets can be prevented from leaving your PC.

- Collapse -
Re: To much protection???
Jul 26, 2004 8:16AM PDT

WRONG ANSWER. Again, go to college, get a degree with certifications, then come back. The correct answer (per N+ certification) is YES, this is too much protection. A hardware firewall and a software firewall will often conflict, although you may not see it. Stick with the hardware firewall, and that will suffice.

- Collapse -
Re: To much protection???
Jul 28, 2004 9:56AM PDT

LOL... dude, you're the one who needs to go to college, and get a degree. NAT firewalls only block INCOMING packets that were not requested by the client PC. They do not block OUTGOING packets that were not authorized by the client PC. If need be, go do some research. And another thing... I've had both a software firewall AND a hardware firewall for quite some time... don't see any conflict there.

- Collapse -
Re: To much protection???
Jul 28, 2004 1:59PM PDT

Sorry, "dude". I have my degree. I also have A+, N+, Windows 2000 Pro/Server, Active Directory, Network Infastructure, and am working towards MCSE certification. I have a current job as well as a network administrator. With that said, you seem to use terms you know little about. The post says he is using a "4 port router with a built-in firewall". A built in firewall has more than just "NAT" capabilities. Yes, it will block outgoing as well as incoming packets if configured correctly. Pick one and read the specs on it. As far as having both a software and hardware firewall and noticing no conflicts, have you looked for any? Do you know what to look for? I seriously doubt it. Using both makes it simple for a hacker to "confuse" the two and gain unwanted access. That is why you don't see corporations using software firewalls. There is a reason, "dude". LOL!!!!

- Collapse -
FOR: techietechie and ereedks
Aug 12, 2004 1:57AM PDT

Isn't this a community forum of friendly help and advice?

I would like to think so.

Everyone here is entitled to their opinions and solutions, we are all here to help. However, I do not appreciate personal attacks, snide remarks, or anything that creates a unwelcoming environment.

If you have a correction to make on the subject, state it and leave the author out of the post. If you cannot resist personally offending someone, you are not welcomed here.

I will state this only once, so please read it and agree to it or find yourself another community that accepts this type of unfriendly behavior.

And if you have not read our forum policies, here it is for your reference:
http://reviews.cnet.com/4002-7600_7-5083783.html

I'd appreciate everyone if they would please stick to the spirit of helping one another out.

Thanks you for your understanding and cooperation.

Lee Koo
CNET Community

- Collapse -
techietechie and ereedks
Jul 16, 2005 10:58AM PDT

I'm new to this and just wanted to say "thank you" for putting an end to the sarcasm. I came to this site with hopes of giving/receiving helpful info.

- Collapse -
Re: To much protection???
Jul 26, 2004 8:18AM PDT

Yes, just stick with your hardware firewall. Many hardware firewalls will have conflicts with software firewalls. The "red line" you refer to is due to BlackIce not having anything to do, your hardware firewall is stopping any unwanted packets. You are only wasting money by using both.

- Collapse -
Re: To much protection???
Jul 31, 2004 5:19AM PDT

The right answer is"You already have Black Ice, so use it." Not going to hurt and it might help. Ereedks, if you know more than anyone else, you wouldn't have to keep
telling us about it. It is tiresome. This is a forum for
ADVICE and help, often from personal experience. Please
join the spirit of these forums. chuck

- Collapse -
Re: To much protection???
Aug 4, 2004 9:52AM PDT

Thank you, Chuckieu. Very well said.

- Collapse -
Re: To much protection???
Aug 7, 2004 2:59AM PDT

No, you are wrong. "Not going to hurt.."? It could allow his system to be attacked."Ereedks, if you know more than anyone else, you wouldn't have to keep
telling us about it. It is tiresome." I am not making you read it, nor am I telling you anything. I am answering his question. If you don't like it, don't read it. His question is, can he have too much protection and the correct answer is "Yes". You can have conflicts between a software and hardware firewall. Unsafe packets can go through and you'll never know, unless you have a packet grabber which is very expensive. The problem is there are too many posting here who have no clue what they are talking about. I have A+, N+, Windows 2000 Pro, and Windows 2000 Server certifications as well as a degree in Computer Science. Whether he takes my advice or not is up to him. But don't you insult my intelligence, or even question it. As far as personal experience, I doubt you have 18 years experience as a network administrator. I bet you don't even have the necessary qualifications to get an IT job.

- Collapse -
Re: To much protection???
Aug 7, 2004 4:39AM PDT

I wasn't trying to start a flame war. Evidently you still don't understand the spirit of these forums. You claim to have 18 years as a system admistrator. Frankly, you come across as an 18 year old who JUST got the degrees you claim to have. My degrees or intelligence is not in question, I'm not trying to tell anyone how much more I know than people who are already on record as having all the degrees and years of experience. But, I have been in these forums for years (different names) and seem to get that they are a place for sharing, not one-upsmanship.
chuck

- Collapse -
Re: To much protection???
Aug 7, 2004 5:09AM PDT

Chuckieu, forget it. He doesn't get it. Let him flame on - the readers know.

- Collapse -
Ereedks, please explain ...
Aug 12, 2004 6:58AM PDT

(if possible in laymans terms) how
a) Two sluices behind each other (serially configured so to say, not parallel) can let anything ("unsafe packets") through if the first blocks everything (as you stated some posts above).
b) How a hardware firewall can 'know' if a certain data package (start of a http-request, so to say, or start of an outgoing mail) is initiated by a legitimate or a quite illegal program on a connected PC (as you stated above: a hardware firewall can be configured to block outgoing traffic).
c) one or more plausible mechanisms for harmful interaction between a NAT-capable firewall in a router, and a software firewall.

Please excuse my - surely - inexact use of terminology. But, then, I don't try to impress the public with my qualifications or knowledge, of course, so there's no need to flame me for that, I hope.

No need to explain it all yourself. A well-chosen reference to (course) material here and there on the net might suffice. We're all willing to learn here.

O, and I have Zonealarm 2.6 running behind a firewalled router and it's very nice indeed to see the green and red bars indicating incoming and outgoing traffic, see the number of bytes send and received, being able to lock communication with two clicks (although I admit never having used it) and to be asked for permission if a new program tries to access the net. But, as expected, there are no alerts on incoming traffic at all, and it uses a few percent of my 200 Mhz CPU, and a few percent of my 48 Mb RAM also, but I still think it's worth it.

I really wonder what's the possible harm in it, and I'm looking forward for your educated and hopefully educational answers. It's nice to know things, but it's still nicer to be able to explain (which is quite somethings else than just state and restate) the same things, isn't it?


Kees

- Collapse -
In my limited experience
Jul 18, 2005 12:23PM PDT

with a wireless router, Zone Alarm seems to be dormant more often than when I was running a stand alone system, butI just ran a little test and ZA was working both while I sent an email and while it came back. It would appear that the firewall is doing most of the up front work. There is an old post I started a couple of weeks back on this forum or on the software forum. I got mixed answers then too, but after running for about a month with both I am happy.

- Collapse -
A litle more fodder
Jul 25, 2005 2:37PM PDT