dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
405
alfamale5
join:2004-03-11
Marysville, WA

alfamale5

Member

[XP] Just One Computer - Do I Need a Router?

Sorry if this has been covered before or has been beaten to death but I didn't see anything in the FAQ that answered this specific question. In about a month I will be getting cable broadband. I just have 1 computer (a tower, upstairs) now but I may add a laptop in 6 months to a year. I have heard it said that users should get a router when they go broadband if for no other reason than greater security (a hardware firewall). I can understand that but what if I am already pretty well protected with my software FW and AV etc. What else will a router do for me?

Thank you.

Kilroy
MVM
join:2002-11-21
Saint Paul, MN

1 recommendation

Kilroy

MVM

Need, no, but one is highly recommeneded. A hardware NAT router also acts as an incoming firewall by dropping all non-requested packets. It will also protect your computer when you perform your initial updates, the most unsecure time for your computer.

Additionally it allows you to easily add other computer to your home network in the future.

Take a listen or read the Security Now! Episode 3 pod cast.
alfamale5
join:2004-03-11
Marysville, WA

alfamale5

Member

Thanks for the concise answer. I wonder if my question would be useful in the FAQ section (Mods - ??).

What about an ethernet card? How would I know if my computer is fast enough to warrant one (vs. USB output)?

stormbow
Freedom isn't FREE
Premium Member
join:2002-07-31
Simi Valley, CA

stormbow to alfamale5

Premium Member

to alfamale5
Network cards are relatively cheap, and they work so much better than USB. Also, I'm not sure about network routers with USB. All the ones I've seen are ethernet.

2kmaro
Think

join:2000-07-11
Oklahoma City, OK

2kmaro to alfamale5

to alfamale5
I think that your question and its answer would be a fine addition to our FAQs. Why don't you confer with Kilroy See Profile to agree on its content and wording and one of you could submit it to a FAQ and get some extra brownie points here at DSLR for your submission. Don't think we can give points to both of you, but at least the other could get honorable mention in the FAQ itself?

Another reason or two in considering a router for even a single system:
It provides a backup for your software firewall if there is any kind of failure there (doesn't load properly OR with viruses and trojans targeting specific anti-virus and possibly software firewall applications), then if your software firewall is compromised at least there will be some protection from other malware just walking right end.

NOTE: if you were to become compromised in such a fashion, the one that took over your system could invite all its buddies in past the router after that, but at least you'd minimize damage to that caused by the one invader. Most likely way to get such an invader: by inviting it onto the system via opening bad email attachment, visiting a malware distributing site, downloading infected free-stuff on the internet.

It is "always on" when you have a connection - no waiting for any length of time at all for the software firewall to be loaded and active during a system boot.

Less chance of something running around on the internet looking for open systems being prepared to battle through both the router and the software firewall.

-----

I personally like these two Netgear units:
FVS-318 8-port Firewalling Router It's what I'm using right now.
Netgear FVS-114 The 4-port version, and
Netgear FRP-114P 4-port plus port to set up a printer as a networked device.

Other brands such as Linksys and Xyxel have similar offerings. I mention Netgear because it's what I have, I can verify that the FVS-318 does what it claims, and I'm happy with it.

Oh, and if you want to include any of my earlier "reasons" for choosing a Router for any home network, feel free to do so without even mentioning my name. Not a problem for me.

Anav
Sarcastic Llama? Naw, Just Acerbic
Premium Member
join:2001-07-16
Dartmouth, NS

3 edits

Anav to alfamale5

Premium Member

to alfamale5
1.5kmayo, its ZyXEL, fur got in your mouth, or chewing on cooties not sure which.

To add to your comments, I have noted people when having problem with their router, connect directly to the modem with their PC for troubleshooting. An unprotected PC, in such a scenario could get affected in seconds. Also, often people (less so these days) have a dial backup system, and this is direct from the PC and thus same same applies.

Due to the nature of network address translation, every inquiry you post to the net (type an url in the browser) goes out via the router and a tag is placed on the outoing traffic. When the answer is returned from the URL site, it contains the same coding packets and thus your router
a. recognizes it as a legitimate solicted return
b. routes it to the correct LAN port.

Thus, the byproduct of NAT is that any packets arriving at your router, that were not originated by a pC behind the router, are dropped (not legitimate). THis is very useful and can be readily seen by anyone useing Zone alarms firewall. Without the router in place, I always got many hits of incoming traffic at the PC. With the router in place that stopped cold.

The advice is sound, keep thinking of the SW firewall as a layer of protection right at your PC, a last line of defence if you will. The router does not replace this but is an adjunct to the SW firewall. A SW firewall and an AV are two core components of security.
alfamale5
join:2004-03-11
Marysville, WA

alfamale5 to 2kmaro

Member

to 2kmaro
said by 2kmaro:

I think that your question and its answer would be a fine addition to our FAQs. Why don't you confer with Kilroy See Profile to agree on its content and wording and one of you could submit it to a FAQ and get some extra brownie points here at DSLR for your submission. Don't think we can give points to both of you, but at least the other could get honorable mention in the FAQ itself?
I hit the "Hey Mods" link to suggest my question be added to the FAQs. Haven't heard back from any yet.