Results 1 to 2 of 2
Newbie Firewall Question
This is a discussion on Newbie Firewall Question within the Sky Broadband help forums, part of the Sky Broadband help and support category; Hi all, I am new to the world of ADSL routers, as with my previous ISP I connected via an ...
- 06-09-06, 11:39 PM #1
Newbie Firewall Question
I am new to the world of ADSL routers, as with my previous ISP I connected via an ADSL modem, so please excuse my ignorance here.
OK, it's to do with the router's firewall and the Windows XP SP2 firewall. In XP, I would configure the firewall to allow certain executables the ability to "talk" to the Internet unrestricted. I didn't have any specific ports open in my exceptions list, just the executables and everything worked great.
Now, having read elsewhere on this forum that it's best to disable the OS firewall and use the one on the router I have one question. On the router, if I need an inbound port open, I have to open the port completely. So, for example, in the case of SkyByBroadband they say you need to enable port 8080/TCP inbound on your firewall but don't specify a range of addresses that I can lock that down to. So basically my firewall is now open for 8080 /TCP access inbound for anyone out there in InternetLand.
Isn't that less secure than XP's firewall where it would only allow the SkybyBroadband application to accept inbound connections on that port? If so, should I enable the XP firewall and disable the one on the router?
Thanks for your help all, and sorry if it's a really dumb question!
- 07-09-06, 12:21 AM #2
I guess it all really depends why you need an open port inbound.
If you are using an application that supports UPnP (e.g. video conferencing application, bittorrent, etc) then let the UPnP do the work of opening and closing ports for you. To check is is enabled on your Sky Router click on the UPnP tab.
You certainly shouldn't leave ports open without good reason. (I have even disabled the "Respond to Ping on Internet WAN Port" on the WAN Setup tab.) Personally, I wouldn't rely solely on the Sky Router firewall, either, as your first line application monitoring is best done by a software firewall. I guess Sky include the McAfee software on their CD-ROM for this reason. If you don't want to use the McAfee software then ZoneAlarm is a good one to look at.
For a fuller explanation of software or "personal" firewalls head over to http://www.grc.com/su-firewalls.htm