Re: Linksys 4-port Router NAT/Firewall

["Larry D'Anna" <larry () pink dhs org>]

* Litscher, Steven (Steven.Litscher () OJA STATE WI US) [000824 20:08]:
> Greetings All,
>
> I recently purchased a Linksys 4-port router (BEFSR41) for use with my
> soon-to-be-growing home network (it's only 2 pc's right now).  I'm extremely
> new to networking, so please forgive me if these questions are too
> elementary...
>
> 1) Is the firewall that comes with the router safe enough that I don't have
> to continue using software firewalls (ZoneAlarm)?

As Bruce Schneier would say, security is a process, not a product.  A
firewall is one way to make life more difficult for an attacker, but it
doesn't guarantee security by any means.  What does the linksys do?
What does ZoneAlarm do?  If they are doing basicly the same things
(and I suspect they are) and neither of them has known vulnerabilities
then it probably doesn't matter which you use.  If one of them is
doing cool intrusion detection stuff and the other isn't then go with
the one that is.  Of course you could just use them both as well.  All
I'm trying to say is that you shouldn't think of a firewall as being
"safe" or "unsafe" or "safe enough".  You should think of it in terms
the specific functionality it provides.  See the recent thread in
bugtraq about using brownorrifice to totally bypass almost any
firewall that lets web traffic through.

        --larry