Router and security
Official PPRuNe Chaplain
Thread Starter
Join Date: Apr 2001
Location: Witnesham, Suffolk
Age: 80
Posts: 3,498
Likes: 0
Received 0 Likes
on
0 Posts
Router and security
I finally got round to installing the adsl router that's been sitting on the bench here for months. I had some problems, now fixed, and now I'm cleaning up some of the junk.
I assume I should keep ZoneAlarm on each PC, despite the native firewall in the router?
I also see that an application called "Generic Host Process" keeps accessing the internet - it seems to like 212.23.8.1:53. Should it be doing that?
A while ago someone posted a link to a list of stuff that sits in Win XP, much of which can/should be disabled. I had done that disabling - and it stopped the LAN card talking to the router till I turned several items back on.
Is there a definitive list of all these apps and what is/is not safe to leave running? Clearly DHCP is needed, for example (no LAN otherwise).
I assume I should keep ZoneAlarm on each PC, despite the native firewall in the router?
I also see that an application called "Generic Host Process" keeps accessing the internet - it seems to like 212.23.8.1:53. Should it be doing that?
A while ago someone posted a link to a list of stuff that sits in Win XP, much of which can/should be disabled. I had done that disabling - and it stopped the LAN card talking to the router till I turned several items back on.
Is there a definitive list of all these apps and what is/is not safe to leave running? Clearly DHCP is needed, for example (no LAN otherwise).
The Oracle
Join Date: Aug 2001
Location: Naples, Florida U.S.A.
Posts: 2,902
Likes: 0
Received 0 Likes
on
0 Posts
Keef,
With a Router, ZA is not needed. You could leave ZA on for a couple of weeks just to verify your Router is doing its job. Then delete it.
You can run Routers with or without DHCP. For work, I manually assign all the IPs and DNS's. At home, I just use DHCP. It is all personal preference.
As for Generic Host Process, this article might help:
A Description of Svchost.exe in Windows XP
For what services to run, there is no better recourse than Black Viper:
Windows XP Home and Professional Service Configurations
Take Care,
Richard
With a Router, ZA is not needed. You could leave ZA on for a couple of weeks just to verify your Router is doing its job. Then delete it.
You can run Routers with or without DHCP. For work, I manually assign all the IPs and DNS's. At home, I just use DHCP. It is all personal preference.
As for Generic Host Process, this article might help:
A Description of Svchost.exe in Windows XP
For what services to run, there is no better recourse than Black Viper:
Windows XP Home and Professional Service Configurations
Take Care,
Richard
Join Date: Jul 2002
Location: CYYC
Posts: 410
Likes: 0
Received 0 Likes
on
0 Posts
One thing that ZoneAlarm and most other software firewalls (WindowsXP's built in firewall is one exception) do that most routers don't is control the outgoing connection from your computer. If you get a virus or trojan that your anitvirus software doesn't know about it could connect to the internet and the hardware router would happily let it. ZoneAlarm could easily stop these malicious programs from getting out, either because the virus wants to infect other computers, or because it's trying to call home to download more software onto your computer. If you want to read a little more, you go here and go to the Shields Up! section.
goates
goates
Supercalifragilistic
expialidocious
expialidocious
Join Date: Sep 2001
Location: Essex, UK
Posts: 588
Likes: 0
Received 0 Likes
on
0 Posts
goates is spot on about outbound protection, it's a last line of defence from spreading stuff to the rest of your net / collegues etc if your AV fails or somone runs something they should not.
Also if you have any sort of wireless link inside of your router protected area, i'd keep ZA on.
Also if you have any sort of wireless link inside of your router protected area, i'd keep ZA on.
Last edited by Memetic; 22nd Jan 2004 at 23:35.