Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

steve2470

(37,468 posts)
15. Should I run a software firewall behind my NAT router? (pretty technical discussion)
Tue Jun 3, 2014, 04:24 PM
Jun 2014

NAT router = D-Link, Linksys, Cisco, Netgear, other "consumer grade" routers

http://www.dslreports.com/faq/4629

Summary

Whilst NAT discards all unsolicited traffic received from the Internet, it does not restrict conversations initiated by the computers behind it. A software firewall (and it's user) would theoretically prevent malicious programs from initiating these 'outbound' conversations. It is worth noting that the most common type of malicious, network-aware program, the Remote Access Trojan (RAT), almost always depends upon an inbound connection from the attacker and is therefore defeated by NAT alone.

Although the threat reduction provided a software firewall employed in this scenario may be relatively small they do provide another layer of defense against certain types of malicious program and may be useful in alerting you to the presence of such.

As detailed previously, NAT discards all unsolicited traffic received from the Internet. Therefore, a software firewall watching inbound traffic would only ever see return traffic - traffic that is part of a conversation initiated by the host computer. Besides the occasional false positive (see here for an example), the software firewall will never produce any 'alerts' on inbound traffic.

So, why do people run them? Well, the advantage that a software firewall holds over hardware devices is that it can associate conversations with the program involved. A standalone NAT or firewall device has no way of determining which program is responsible for the packets it filters - it can only filter on the fields in packet headers such as ports and addresses. If an administrator were to filter all outbound connections except those destined for port 80 (http) they could not assume that the only conversations passing through the device were indeed http. Indeed, some legitimate programs (IM and P2P clients, etc) allow users to set a "firewall mode" whereby they use destination port 80 for all conversations, bypassing "pesky admins and their firewalling" (and often their security policies).

more at link above

I'll kick us off: Use a anti-virus and anti-malware program steve2470 Mar 2014 #1
I had microsoft essentials on another computer for a few years on another computer butterfly77 Mar 2014 #6
ok try Malwarebytes and Spybot Search and Destroy nt steve2470 Mar 2014 #7
Will do.. butterfly77 Mar 2014 #8
I would run them once a week to be safe or keep them running all the time nt steve2470 Mar 2014 #9
Thank you for the mention of Spybot Search. Will try it. n/t truedelphi Sep 2014 #17
For those like me, this is great. Keep up the good work and thank you. n/t Paper Roses Mar 2014 #2
A few of my safety practices. TygrBright Mar 2014 #3
Where do you get a script blocker? truedelphi Sep 2014 #18
Depends on what browser you use. With Firefox, I use NoScript. TygrBright Sep 2014 #20
This looks like a good cyber-security site steve2470 Mar 2014 #4
2 more sites steve2470 Mar 2014 #5
I have several old computers CountAllVotes Mar 2014 #10
Thanking you for offering up help for my older computers. truedelphi Sep 2014 #19
XP Pro CountAllVotes Sep 2014 #21
Does the Windows Seven have a desk-top look like XP does? truedelphi Sep 2014 #22
Yes, it looks very similar CountAllVotes Sep 2014 #23
Many Linux distros run well on older PCs Baobab Mar 2016 #25
Thanks for the link to distrowatch.com Very appreciated. n/t truedelphi Mar 2016 #26
Download.com: how to use it and not get crappy adware in your downloads steve2470 Mar 2014 #11
Symptoms of (Malware/Virus) Infection steve2470 Mar 2014 #12
Rootkits: another kind of nasty malware steve2470 Mar 2014 #13
Strong password guide by Microsoft chrisa Apr 2014 #14
Should I run a software firewall behind my NAT router? (pretty technical discussion) steve2470 Jun 2014 #15
Best Antivirus, dead tree Maximum PC magazine, July 2014 steve2470 Jun 2014 #16
Best antivirus? vpiperis Nov 2014 #24
I am following these 10 steps before doing an online shopping borisdavenport Aug 2016 #27
Latest Discussions»Help & Search»Computer Help and Support»Stickied thread: Safe int...»Reply #15