Jump to content

Is a firewall necessary? [solved]


Recommended Posts

Hi all!


If a single computer (not on a LAN) connects to the internet via a ADSL modem router (that comes with a firewall) is it necessary to install shorewall? I hope not, because I recently installed Mandriva 2006 for a friend and assumed that the modem router firewall was enough and that using shorewall as well would slow down her internet use.


Any advice would be muchly appreciated. Thanks.

Link to comment
Share on other sites

She's probably ok, but a good way to check is to use one of the stealth check sites that check if the machine is invisible to scans from the internet.


http://www.grc.com/intro.htm (go to the ShieldsUp link for the stealth test)



I always run a firewall on my machines in additional to having them behind a router. Routers supposedly can leak, and the firewall is probably not that much of a performance hit. You can do some tests with and without the software firewall by going to a broadband speed site and checking throughput. For example:





Of course, you'll need to run a statistically significant number of tests for it to be meaningful.

Edited by jboy
Link to comment
Share on other sites

I run shorewall and just about every reasonable security measure available in Mandriva and I don't find my internet use slowed down by any noticeable degree. So what if it takes another 1 or 2 seconds for something to happen? I really can't get over this time impatience thing that seems to exist everywhere. Bootup time too long, Login time too long, website connect time too long and so on ad infinitum. Most of the time the discussion is only over a few seconds.

A lot of the security measures may currently not be a big issue but who knows when its need might suddenly arise. Want to shut the gate after your property has been stolen or damaged.

If of course something is taking 2 or 3 minutes for something you think should only take 10 or 15 seconds then of course you need to investigate and perhaps rethink your setup a little.


Cheers. John.

Link to comment
Share on other sites

Is a firewall required?


That is up to you in the case with a friend of mine using XP he needs one. Do using linux.


If a person decides to attack you for no reason or thinking you are some one else then it comes down to time.


How long will it take for you to recover from a deletion of a database, an important file, or on the personal side those photos you took last year.


I lost a hard drive sparks and smoke 40GB of data lost, or was it i was using it mainly as a back up drive but there were documents which i could get again from the web but it took an entire month to rebuild all the information i had previously.


It was my fault for not having a back up of some of these files but i did have the important files in two places. Being my own fault it was easier to accept that the drive failed. Had it been an attacker, then knowing the limits of the law let alone the law will not get back your files, i would have been much more annoyed.


How much does it slow you down, Not much if any. I use a older computer for the firewall and the network connections are 10-100 but the Internet is only 1 so i have allot of wasted speed there. The firewall Device (Computer) does not place an extra load on my computer in its normal functions.


I get protection the various attacking sites that randomly attack Internet connections never get to my computer thus my actions are not affected except when i browse.


Now i can get streams from websites download torrent files in record times and upload data to other sites with no real affect on my productivity.


My home computer does not have a separate Firewall but the amount of productivity lost by having the firewall running is not affecting me while working locally but when i am on the net, I am not earning money from home at the moment so productivity is not a cost factor.


I would always advise yes use one, better to be safe than sorry. I have a fire extinguisher and smoke alarms to protect my life and property, so why not have a firewall to protect my memories.




To answer the Router question it does not get updated.


But your shorewall / mandi can be every day.


So the day you purchased the router it was already out of date..

Link to comment
Share on other sites

I have a router and hardware firewall. I used to use shorewall, but removed it because, well, what's the point when you have a firewall on the router and firewall itself. Now, I've disabled the firewall on the router, and I just run with the hardware firewall.


Too many firewalls will complicate things if you're trying to get incoming connections. If not, then run as many as you like and be happy you have a few layers of security :P

Link to comment
Share on other sites

A router firewall is generally ok, if it passes all the tests. Make sure no unnecessary ports are open, etc. etc. and it should be fine.


I don't run a firewall on any of the boxes behind my router, except for our server (this is just for double-security and probably not necessary either).


Desktop firewalls generally just get in the way of LAN traffic and while they offer some extra security are generally not necessary.

Link to comment
Share on other sites

Thanks to everyone who replied for their input. Obviously thoughts/opinions are divided on this one!


I think I will install shorewall on her computer because she has some important business data on it and I would feel pretty bad if the worst were to happen.


Once again, many thanks.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...