LAN Security Software

[Fred Hoffman]

My question concerns the security software I ought to
install in a new laptop I plan to include in a LAN
connected to the internet through a cable modem.

The scheme I am following is what Windows XP Help
calls "Ethernet network with external DSL or cable
modem". In my setup the cable modem will attach directly
to a host computer through an ethernet connection. The
network hub, a D-Link DI 624 wireless router will connect
to the host computer via a second ethernet port and to the
laptop wireleessly. The host computer is a Dell Dimension
4400 desktop and the one other computer is a Dell 600m
Laptop. Both run Windows XP Home. I have Norton Internet
Security installed on the desktop.

My question is whether it is desirable/necessary to
install a software firewall on the laptop or whether an
antivirus program will be sufficient.

 

[Doug Sherman [MVP]]

This is a very unusual configuration. Is there some reason that you do not
want to connect the DSL modem directly to the router?

In any event, you do not need to run a firewall behind the desktop's
firewall. However, unless you are never going to move the laptop, I would
install the firewall anyway. Just make sure you know how to configure to
allow LAN networking.

Doug Sherman
MCSE Win2k/NT4.0, MCSA, MCP+I, MVP

 

[Guest]

Thanks for your quick response.
I am thinking of doing it this way because it is the way
MS Windows XP Help recommends. I thought it might
minimize firewall difficulties in communicating between
the two computers also.
Would you recommend doing it with the router connected
directly to the cable modem and both computers connected
to the router?
Where do I find out how to configure to allow networking?

 

[Doug Sherman [MVP]]

1. I recommend that you connect the cable modem directly to the WAN port on
the router. Forget the second NIC in the desktop and connect the original
NIC to the router's LAN port. Configure and connect the laptop wirelessly
as planned. This is the configuration that the router device is designed to
support. Also, your router likely includes a firewall which will protect
both computers if you use this configuration.

2. RE Software firewalls on networked computers. There are two issues
here:

a. Most personal firewalls are designed to allow and control a direct
connection to the Internet and by default block everything else, including
NetBIOS communication. As a result the typical default settings will
prevent you from communicating with other computers on your network. All(?)
personal firewalls can be configured to allow communication with LAN
computers. However, the way this is done varies depending on the product
and may involve multiple settings - so you'd have to read the manual to
figure it out.

b. Some firewalls run fine behind another firewall, and some don't. In
your original configuration, running a firewall on the laptop might prevent
Internet access even though both the laptop's and the desktop's firewall
were configured to allow it. If instead you connect both computers to the
router, enable the router's firewall, and install software firewalls on the
computers; you have the same situation - you are running a firewall behind
another firewall. Sometimes this works fine and sometimes it doesn't -
varies by product and seems to be more of a problem where NAT or proxy
servers are used. Both your scenarios involve NAT.

Doug Sherman
MCSE Win2k/NT4.0, MCSA, MCP+I, MVP