Disabling your router firewall

E

Equinox

Well-Known Member
Joined
Nov 9, 2005
Messages
480
Reaction score
0
Location
Australia
I've never quite understood the use of the marconi router's firewall and now I have an application which needs to have persistant connections to a remote server.
What security vulnerabilities are you opening yourself up to by disabling the router firewall?
 
I'm not sure, probably all vulnerablities, make sure you have a good software firewall, I would recommend zone alarm if you know how to configure it, but it's a real lockdown thing that would probably interfere with what you want to do. Just check in the advanced firewall options on that router, enable ICMP (or IGMP) not sure anymore, it should allow you to ping and all that, which the connection needs.
 
Equinox said:
I've never quite understood the use of the marconi router's firewall and now I have an application which needs to have persistant connections to a remote server.
What security vulnerabilities are you opening yourself up to by disabling the router firewall?
Click to expand...
Cant you just forward the correct ports rather than disabling your firewall?

The use of a hardware firewall? NAT Security. If you rely upon a software firewall and your computer becomes compromised then you'll have nothing between your pc and the big bad world ;)
 
I would not disable your router firewall. If you do get a free firewall program for your computer.

Think of it this way: If your router is the firewall they get stopped at the router.

If your firewall is on your pc they get stopped at your pc.

Which sounds more secure....

I would go with bwana v.19 suggestion....
 
I'm probably wrong, but surely unless those ports are forwarded, they cant connect to my local IP without an established connection from the inside?
 
Equinox said:
I'm probably wrong, but surely unless those ports are forwarded, they cant connect to my local IP without an established connection from the inside?
Click to expand...
You forward ports to a fixed internal IP rather than a DHCP assigned one.
 
Do you need all port opened? Otherwise I would say only open the needed port. I'm using a Netgear firewall router and had to do this for my uTorrent. Unfortunately I don't know the Marconi router that well. Soz:)
 
bwana v.19 said:
If you rely upon a software firewall and your computer becomes compromised then you'll have nothing between your pc and the big bad world ;)
Click to expand...


So do you reply on the software firewall as i seem to remember that you are in bridge mode...
 
ziglet said:
So do you reply on the software firewall as i seem to remember that you are in bridge mode...
Click to expand...
I'm running in bridged and pppoe mode at the same time. My XP machine sits behind the router's firewall whenever possible.

My other machines which are usually running in bridged mode are all mac's, fortunately I dont have to worry too much about them. :)
 
ah, very nice. What router do you have that allows pppoe and bridge at the same time?
 
ziglet said:
ah, very nice. What router do you have that allows pppoe and bridge at the same time?
Click to expand...
Mine is the SMC7904BRA but apparently quite a few routers from various vendors let you do it.
 
bwana v.19 said:
Mine is the SMC7904BRA but apparently quite a few routers from various vendors let you do it.
Click to expand...

So you just have it in pppoe mode connected and then router still allows for bridge connections. Or is there a setting you change?
 
ziglet said:
So you just have it in pppoe mode connected and then router still allows for bridge connections. Or is there a setting you change?
Click to expand...
That's about it - atm I have pppoe set up to connect via my IS account. Then whenever I want access via a SAIX account I just initiate a dial up from which ever machine needs it.
 
Ive got the same problem. With that routers firewall enabled it drops persistant connections. Services like ssh, irc, skype keep dropping. These are all out going connections. So no incoming port forwarding needs to be setup.

Any ideas how to stop this?
 
Like I said last year, check the advanced firewall options, there are options that allow you to bypass the firewall in a certain sense, it does not make it obsolete, but it allows certain ports to go through ;)

I don't have the marconi router any longer, I'm using a Billion now,
 
I had one of the earlier marconi routers (replaced, thank goodness) and it kept on dropping IRC (as w1z4rd said, persistent connections) and it was highly annoying.

Something a bit OT: I have my router in bridge mode (for good reasons) and my computer is running windows 2003. I am constantly receiving updates from WSUS and have nothing shared. I have also removed all the admin shares.
I don't run anything service related that could compromise my computer.

Is my computer relatively safe?

I just hate firewall applications :( They are very annoying.
 
I added an outgoing allow all rule, I will see if that made a difference.
 
Well it depends FaTaL, if you've got a hardware firewall like the one on your router, that makes it relatively safe, if you don't and you run no firewall at all, well that's pretty senseless asking the question then ;) :p :D
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X