Router NAT firewall question

[Barry Brindisi]

I, recently visited a web site to view some info about walking with
dumbells. I clicked on a .mov file and was greeted with an intrusion alert
from Norton's firewall app. Needless to say, I ditched that web site;
especially seeing a message about a Trojan horse associated with the site.
By the way, I have NIS 2004.

As it is, I am operating behind a 4 port Linksys router that I assume has a
built in firewall. Shouldn't this have stopped to above intrusion? If not,
then what is it blocking? Though, I did change the router's password, I am
also wanting to know what else I can do to improve it. One of my main
reason is due to my being on DSL; hence the desire to better protect my
system. I'd also like to know how to assess my system's vulnerabilities.

There is just the router and my desktop, running XP. Yes, I did download all
the crit. update from M$'s server and gotten up to date with Norton's
Internet Security app.

 

[purplehaz]

A router does not have a "built in firewall" per-say. A router that does nat
acts/works like a firewall. A firewall, in general, does not block poups,
trojans, viruses, they simple block/hide ports on your computer(ports can be
"connected to" from outside), The firewall guards these ports and stops
unwanted connections to your ports. Some firewalls, mostly software
firewalls, do have popup blockers and anti-virus protection built in, but
that is not their general purpose.

 

[Dave]

You should never "assume" that it has a firewall. Yes, some Linksys routers
have a NAT firewall, but some DO NOT have one. What is the model number of
your router? It may not have one.

 

[Barry Brindisi]

The model # is: BEFW11S4. It's a Wireless-B(802.11b) Broadband router.

 

[Barry Brindisi]

Just visited Linksys' site and found an updated firmware. Now, it is a whole
lot clearer. My router does indeed have NAT. You're right, Dave, about
not assuming that I had NAT.

Now, I want to learn more; so as to maximize my router's abilities.

 

[NobodyMan]

As it is, I am operating behind a 4 port Linksys router that I assume has a
built in firewall. Shouldn't this have stopped to above intrusion? If not,
then what is it blocking? Though, I did change the router's password, I am
also wanting to know what else I can do to improve it. One of my main
reason is due to my being on DSL; hence the desire to better protect my
system. I'd also like to know how to assess my system's vulnerabilities.

Note: your Router setup may have a firewall tab, but with my Linsys
4-port router, all that does is stop any machine behind the router
from connecting to the router if that machine does not have ZoneAlarm
installed.

 

[Barry Brindisi]

--
To God, Be the GLORY!!!!

Barry Brindisi

Note: your Router setup may have a firewall tab, but with my Linsys
4-port router, all that does is stop any machine behind the router
from connecting to the router if that machine does not have ZoneAlarm
installed.

Huh??? It is correct that you can set up a router to keep your own or
anyone else who is hooked up to that router, from accessing the Internet.
The software firewall ala ZA or NIS is not relevent in that scenario. If
the router is set to block a pc from accessing the Internet, there is no way
a firewall app is going to help counter this.

 

[Old Geek]

A firewall does not block what "you" have invited onto your system. By
clicking to run the file, you gave the invite. Good you had other protection
running! A friend of mine had 1900 plus music files "go gone" in a blink,
because of the same type of happening!

 

[Barry Brindisi]

You're right. I, thankfully had NAV 2004 with an up to date virus
definition running. I've even gone so far to visit www.grc.com and tried
their Shields Up! and Symantec Security Check. Both say my system is pretty
secure.

The only complaint was a port identified as closed; as opposed to Stealth. I
just can't figure out, at the moment, how to do this for port 113.

 

[Gary Hegan]

I have a different router and had the same problem with port 113. The way I
got it stealth was to go into your routers configuration and under port
forwarding setup port 113 to be forwarded to an ip address that the router
is not using. Then go back and see if port 113 is stealth now.

 

[NobodyMan]

Huh??? It is correct that you can set up a router to keep your own or
anyone else who is hooked up to that router, from accessing the Internet.
The software firewall ala ZA or NIS is not relevent in that scenario. If
the router is set to block a pc from accessing the Internet, there is no way
a firewall app is going to help counter this.

No, what I said is correct. My router checks to see if a licensed
version of ZoneAlarm Pro is on the computer that is requesting access.
If it's not, then the router blocks that computer, AND ONLY that
computer from accessing the interent. All the other computers,
properly running ZA, can still access the internet just fine.

It's on the setup configuration/security tab of my Linksys cable/dsl
router.

 

[Barry Brindisi]

--
To God, Be the GLORY!!!!

Barry Brindisi

No, what I said is correct. My router checks to see if a licensed
version of ZoneAlarm Pro is on the computer that is requesting access.
If it's not, then the router blocks that computer, AND ONLY that
computer from accessing the interent. All the other computers,
properly running ZA, can still access the internet just fine.

Cool!!!! I like that!! A router checks to see that you have a legit
firewall software. If you don't have one then you're shut down! Nice!!

 

[Dave]

Didn't you say you had a BEFW11S4 Linksys Router? I looked at the website,
and I can't find any mention of Zone Alarm with that router.

 

[NobodyMan]

Didn't you say you had a BEFW11S4 Linksys Router? I looked at the website,
and I can't find any mention of Zone Alarm with that router.

I didn't say what verion my router is in the post, but it's a BEFSR41
ver 2 etherfast Cable/DSL router w/four port switch. Good enough?

 

[Dave]

I didn't say what verion my router is in the post, but it's a BEFSR41
ver 2 etherfast Cable/DSL router w/four port switch. Good enough?

Sorry I got lost in the thread. The original poster said he had a BEFW11S4.
You must have the BEFSR41 version 2. That is the one with Zone Alarm. The
original version just used a NAT firewall.