PDA

View Full Version : Two software firewalls overkill?


KlondikeGeoff
11-21-2005, 06:00 PM
Have used ZoneAlarm for some time. Recently changed from dialup to cable, so have a router as hardware firewall too.

Also recently changed antivirus program to TrlendMicro's PC-cillin. It has, among other things, a firewall that can be turned on or not. I tried it, and don't see any conflicts, but am wondering if that and ZoneAlarm together makes any sense.

Will one do something the other won't in preventing intrusion, or is it just redundancy?

Jayrot
11-21-2005, 06:10 PM
No, it's just redundancy (and can cause conflict from time to time, though that's more common with running 2 anti-viruses at once). Furthermore, the hardware firewall is usally more than sufficient. The only thing you really get from a software firewall like Zonealarm is protection from an infection YOU ALREADY HAVE that's trying to dial out. It won't do anything for the incoming intrusions. THe other thing it could possibly protect against is if someone were to plug in an infected machine to your network behind the router's firewall.

Many people (myself included) don't use any software firewall at all but rather just maintain safe computing habits and do antivirus scans regularly.

Southessex
11-21-2005, 11:02 PM
So you have three firewalls in place - one hardware and two software? That's total overkill, man. You're wasting system resources and CPU cycles - the additional software firewall just isn't worth it.

Bongmaster
11-23-2005, 10:34 AM
Another vote that one is sufficient. Pick the one you like best, get rid of the rest. it will only cause problems to have more than one running.

Jayrot
11-23-2005, 10:41 AM
I'd have to disagree there, Master Bong.

Just use the hardware firewall (i.e. the router). NAT routers are far superior to software firewalls (ehh, for one thing, a nasty virus can't just turn them off!). As I mentioned above, the only preventative advantage to having a software firewall behind a router is if, say, you had a kid on your local network who may be infecting himself (p2p downloading?).

Futile Gesture
11-23-2005, 10:48 AM
I keep a software firewall as well as the hardware one on my router because it can tell me what software is sending (or attempting to send) the traffic. The router doesn't know and doesn't care.

The Shroud
11-23-2005, 10:57 AM
I'm sure my router is sufficient, but I also run Sygate (http://soho.sygate.com/products/spf_standard.htm), mostly to control which applications "phone home" over the net. I'm always surprised how many non-Internet applications want to access the Internet, even when I've turned off auto-update options and such.

KlondikeGeoff
11-23-2005, 11:02 AM
Thanks, all, for the info. There does seem to be a bit of disagreement about using a software firewall in addition to the router, and as can't see any problem with it, will continue with ZoneAlarm, but have turned off the antivirus one. Going with the old belt-and-suspenders policy. :)

PatriotX
11-23-2005, 11:09 AM
I've never been happy w/ Zone Alarm's reporting - it always tells me a prog was trying to connect to my DNS. Further, free ZA doesn't allow for rules configuration.

Hardware is good for keeping people out but donesn't work so well for keeping baddies who're already in from calling home. That's what the software one is better for. Plus they can provide useful logging and other services.

I recommend Sygate.

Jayrot
11-23-2005, 11:51 AM
OK, I'll agree with the above, but my point (or is it a sermon?) is that you're far far better off just practicing safe computing, than relying on a software firewall. (not saying you are, I'm just pontificating).

Indeed, a software firewall will tell you which programs are accessing the internet. Fine. Either they're:

a) phoning home to report on what you're doing, in which case it's spyware and you shouldn't have gotten it in the first place (safe computing!) and should be caught by regular spyware scans (you should be doing this anyway, regardless of firewalls) or

b) it's a program automatically updating / checking for updates, which you want. On Windows machines, it's very important to keep as many of your programs as up to date as possible.

FACT: it is relatively trivial for a virus to disable a software firewall.

However, it's certainly not bad to have a software firewall in addition to your router. I'll second the recommendation for Sygate over Zonealarm. Less bloat.