What is the purpouse of a firewall on a router? I was thinking in the cotext of both my wireless router at home and the large box I see at work.
I know that its ont the same as having a specialist application, but does it actually block any ports that could compromise your computer? Or is it just to proect the router istelf?
My theory is that it is to prevent unautorised access to your network (like encryption) but if that is the case what it the point of having it on a wired router?
2007-01-21 04:34:38 · 7 answers · asked by Anonymous in Computers & Internet ➔ Computer Networking
The firewall on your router will block data packets on some ports, if so configured.
It can usually be configured to stop these ports for both inbound and outbound packets. Some firewalls stop only inbound packets.
Bear in mind that if you block all ports both in and out, you will have no contact with the outside world at all, some ports need t be open to allow internet access, email etc.
It can, if clever enough, reckonise packets being returned as a response to your request for pages on the internet and allow them through.
Another function that a router can perform (but not always) is Network Address Translation - here the ip address of your pc on your network is different to the one presented to the outside world, this making life more difficult for a hacker to find your pc on the internet.
If you ever wondered how the data requested via the interent - perhaps a http request for a webpage is routed back to the right computer on your network, this is the function of the router, it adds extra address information to the outgoing data packet, to that when the data returns, it can work out where to sent it.
The firewall on your router is a first line of defense. It is must have.
Consider also installing a software firewall on each pc to block unwanted outbound packet from rogue applications, particularly if you have a cheap router whose firewall function is limited.
I would strongly advise good anti-virus software on your computer - a firewall will not prevent viruses, as these are spread via downloaded applications, rogue websites, email etc.
2007-01-21 05:19:18 · answer #1 · answered by David P 7 · 0⤊ 0⤋
Your router's firewall blocks every port that it is not configured to allow access at. A few ports are opened by default, but most must be forwarded to a computer. So, in all reality, the router's firewall does the exact same thing as a firewall on a computer without a router, except for the customization features (such as blocking a specific program or allowing network connections) that an application such as Zonealarm would offer. Unauthorized access to your router through wireless encryption is not related to the firewall.
2007-01-21 04:53:29 · answer #2 · answered by GamingG 2 · 0⤊ 0⤋
The firewall in your wireless (or wired) router is highly effective at protecting your network from outside attack from the Internet. It uses a technology called Network Address Translation or NAT for short. On the inside, your computer has a private IP address assigned by the router. These private IP addresses cannot be routed on the Internet so your router acts as a go-between for your computer(s) on your network.
If someone successfully hacked your router the wost that could happen would be a denial of service; you'd lose your internet connection. Since your internal network uses private IP addresses an attacker can't directly communicate with the machines on your internal network.
It's possible that an attacker could get control of your router if you use a default password on it and enable management from the Internet and then port forward the ports on your router to one or more machines on your network. For that reason, most routers disable management from the Internet by default. But you need to set a secure password on the router's management page to guarantee that nobody else gets access to it.
Now on the wireless side of your router things get much more nasty, at least potentially. If your wireless is not secured, anyone within range can get access to your Internet connection and potentially the machines on your network. For this reason, it's always a good idea to use firewalls on all machines when using wireless especially if it's not secured.
All wireless routers support some form of encryption. All of them support WEP encryption and newer ones support WPA encryption. WPA is far superior to WEP though WEP is better than nothing at all. For a home or small office network, you need to use WPA2 or WPA-PSK. The original WPA specification is not compatible with SOHO networks. If your router doesn't support some form of WPA encryption, there may be a firmware update for your router that implements it; check the manufacturer's website for that.
The primary differences between your small home router and that honking big box at work are in the optional features on the one at work and its throughput capabilities. The large enterprise boxes support such things as multiple IP addresses on all interfaces, one-to-one NAT, and application layer inspection. They also support VPNs -- Virtual Private Networks that allow the enterprise to securely extend the Corporate network to other sites across the insecure internet. They also support much higher bandwidth than SOHO routers. Enterprise firewalls and routers support throughput up to 100 Mbps or even higher. Most SOHO routers max out around 10 - 20 Mbps at best since most cosumer broadband connections are slower than that.
2007-01-21 06:11:02 · answer #3 · answered by Bostonian In MO 7 · 0⤊ 0⤋
The router firewall is your first line of defense and it is a pretty good firewall. For out right security enable WPA, almost un-hackable - it takes too much computing power and knowledge even to attempt breaking this security feature, there is also WEP, but that can be broken with not too much of a problem by knowledgeable hackers. No body tries to break WPA. Nothing gets into your system without the router supplied key code(password) and neither can you if you loose it. Although you have to install it only once in your system, if you ever have to reformat your system without that number you will be locked out of the router. I gave my number to my brother and I have his as a security measure and of course I have it written down somewhere at home. Have never used it in three years.
2007-01-21 04:55:51 · answer #4 · answered by Anonymous · 0⤊ 0⤋
once you've more suitable then a million computing gadget go away the firewall on the router on yet when its purely a million computing gadget then i'd persist with the computer firewall as you've more suitable administration. even with the very shown actuality that the default settings on your router firewall shouldn't reason a difficulty. yet all you want is a million appropriate configured, 2 is purely more suitable hardship to troubleshoot themes
2016-10-15 21:34:11 · answer #5 · answered by cohan 4 · 0⤊ 0⤋
it helps to have a router in-line, because if a hacker is port scanning your ip address he is actually only hitting your router and not the PC. often routers have utilities built in that specifically block or allow access to port ranges or specific ports you want to allow.
it helps allot, and cuts down on the amount of work your software firewall has to do thus making your computer run smoother as well as provide extra protection.
2007-01-21 04:49:05 · answer #6 · answered by Anonymous · 0⤊ 0⤋
Very low to high threats. Firewall does not recognize any virus sent through trojan. For example, Trojan.dement.vp or Trojan.blah.blah.
It doesnot protect you from very high threats either. I recommand having Anti-virus and Anti-spyware on your computer to help the fire-wall. Firewall is a good thing though.
Router is good because it blocks some of the unwanted spyware before it reaches your computer.
2007-01-21 04:56:22 · answer #7 · answered by Mafia 4 · 0⤊ 0⤋