PDA

View Full Version : Do you need to install a firewall if using a Dynalink rta300?



Mcpisik
28-03-2004, 05:43 PM
HI, I'm just about to install a Dynalink rta300 router to use Jetstream, and was wondering if I need to have a firewall installed, or is the one in the router itself enough? I do have Norton Firewall, but don't currently have it installed with my 56k connection. Thanks for your opinions!

Davesdad
28-03-2004, 05:48 PM
Integrated security features of the RTA300 include a powerful stateful inspection firewall and intrusion protection functions. These combine to provide robust access control and prevent unauthorised access to sensitive data on your computer or network. The RTA300 comes with convenient preset levels of security. Inexperienced users can choose a suitable level of firewall protection without having to learn how firewall policies are made. Expert users may define their firewall rules, or apply filters to ports according to source or destination IP address, or protocol. Hosting of web services is made easier with the support of DMZ (exposed) host.

tweak\'e
28-03-2004, 05:53 PM
the short ver....

yes!

the router provides an incoming firewall but dosn't do any aplication controlling. for that you need a personal firewall such as nortons sicurty, zonealarm, sygate etc.

Mcpisik
28-03-2004, 06:15 PM
Nice one...thanks for that. I'll install it right now! Cheers

PoWa
28-03-2004, 08:36 PM
The RTA300 has excellent NAT capabilities, which masks your inside computer's IP's from even being seen on the net. If you go to GRC.com you will find it will give your setup a full stealth report for every port. Some other router's (D-Link in particular) don't stealth the Ident port and show it up as 'closed', but this one does very well. Thats one layer of security.

Second layer, is the IDS (Intrusion Detection System). You can enable that in the security options. That basically slows down DOS (Denial of Service) type attacks and some other intrusions.

For the third layer, you can enable the SPI (Stateful Packet Inspection) firewall. If you enable this, then you will have to specify pinholes for your data to go through. More information on this on the website and the full manual. Basically one example is you can allow outgoing connections on port 80 to 0.0.0.0 (any IP) and that will allow web browsing. To do more stuff you'll need to make more pinholes.

But for full security as tweakE says, you might want to consider a firewall for the computer's separately. That will give you control over which programs are accessing the net, and stop trojans and spyware from using your bandwidth.

Also, NAT alone (which is on by default) is not complete security. I believe its been hacked already. Only needs a cleverly designed worm to route through to the inside IP's of the network.

Mcpisik
28-03-2004, 09:08 PM
Now that was a thorough informative reply thanks! I'll follow that all thru once ive got it set up. Thanks!