Discussion in 'Cisco/Linksys Wireless Routers' started by SteveL, Dec 19, 2004.

    Hi all, new here.
    I replaced my Linksys BEFSR41 with the WRT54G (ethernet with wireless disabled). I only have one older Pentium II 300 MHz computer hooked to the internet through a Linksys cable modem and it has always worked really well.

    I was happy with what I had until I had to update my virus scanner and then everything worked too slow. I couldn't customize the McAfee Vscan the way I liked and I felt that the virus scanner and firewall had become my main app. I uninstalled the McAfee software and software firewall and then installed AVGFree antivirus. I feel like I have a new computer now-- it's fast and responsive again.

    I bought the WRT54G because I think the built-in firewall is all I need-- I know that a software firewall would be even more protection. However, I also want to enjoy using my computer. Some people I have talked to have been critical of my decision to rely on the NAT and SPI alone for a firewall; am I making that bad of a decision? I know people that use software firewalls with only a cable modem and they think that is perfectly OK.

    My wife and I are the only users of this computer and we are pretty careful about what we are doing. I run AdAware regularly and scan the hard drive regularly.

    The way some people talk you'd think I was committing a sin not running ZAlarm or McAfee or Norton firewalls. If I had a more powerful computer I could probably run McAfee VS 9 and the software firewall that came with it and not take a performance hit.

    Am I making such a big mistake? My computer is not a spammer and I think I would catch it if that did happen (never has yet).
    Honestly, there is no single answer to this, but personally I don't think you are wrong.

    Security is best done in layers, and at the other extreme there are those who think there is no such thing as having enough security. While the SPI firewall in the WRT54G is better than simple NAT protection, it is only protection in one direction (incoming traffic) and it's an ON/OFF affair. Software firewalls usually offer full control in both directions and some advanced features such as rules, but they do have disadvantages such as consuming computer resources and being able to be compromised under the influence of a worm/virus/trojan (same goes for antivirus applications). At the end of the day, it depends on how much and how many layers of security are acceptable to you. I know a few friends who are happy with only their NAT protection (not even SPI firewall) and Block WAN request to stop intruders.

    From your description it looks to me like the PII is not connected to the router but to the modem directly. Am I correct? So how is your network laid out in terms of the WRT54G and the cable modem?

    There are a few more ways to make your network safer. Which version of Windows are you running on your PII? If the PII is the only computer on your network, you can make it safer still by disabling the File and Printer Sharing service. Older Windows versions do not have this installed by default, so you might not need to do anything.

    Have you tried using the online security scanners provided by some vendors to give some reassurance that your current security setup is fine (if not the maximum)? I use Gibson Research's Shields Up! to test the firewall on friends' systems by probing ports on the network/system (Steve Gibson by the way is the person who pointed to vulnerabilities in the first firewall products from vendors such as Symantec and McAfee), and my WRT54G passed with flying colours with UPnP and Port Forwarding disabled (I do use both services so test results will differ when enabled). Give Shields Up! a try and see if your network protection is sound.
    PS. Welcome to Linksysinfo.org :D
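The one-directional protection described in the reply above, as an added example that is not part of the original thread: a minimal Python model of stateful packet inspection. The class name, addresses and ports are constructed for illustration, and it models generic SPI behaviour rather than the WRT54G firmware.

```python
"""Toy model of a stateful (SPI) firewall: it tracks outbound flows only.
Address translation is left out so the flow matching stays visible."""
from dataclasses import dataclass, field

LAN_PREFIX = "192.168.1."  # constructed LAN range (assumption)


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


@dataclass
class SpiFirewall:
    # Flows opened from the LAN, keyed (lan_ip, lan_port, wan_ip, wan_port).
    flows: set = field(default_factory=set)

    def handle(self, pkt: Packet) -> str:
        if pkt.src.startswith(LAN_PREFIX):
            # Outbound: always allowed, and remembered so replies can return.
            self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "ALLOW outbound"
        # Inbound: allowed only if it mirrors a tracked outbound flow.
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows:
            return "ALLOW reply"
        return "DROP unsolicited"


def demo():
    fw = SpiFirewall()
    pc = "192.168.1.100"  # constructed address of the single LAN PC
    return [
        # Unsolicited probe from the internet to a file-sharing port.
        fw.handle(Packet("203.0.113.9", 40000, pc, 139)),
        # Browser on the PC opens a web connection; the reply comes back.
        fw.handle(Packet(pc, 1025, "198.51.100.7", 80)),
        fw.handle(Packet("198.51.100.7", 80, pc, 1025)),
        # Unwanted program on the PC connects out: the router sees an
        # ordinary outbound flow and lets it and its replies through.
        fw.handle(Packet(pc, 1026, "203.0.113.9", 6667)),
        fw.handle(Packet("203.0.113.9", 6667, pc, 1026)),
        # Same remote host aiming at a port the PC never opened.
        fw.handle(Packet("203.0.113.9", 6667, pc, 139)),
    ]


if __name__ == "__main__":
    print("\n".join(demo()))
```

The fourth and fifth results are the gap a per-application outbound rule on the PC is meant to cover; the router alone has no basis for refusing them.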
    Thanks for the info. I didn't know that software firewalls might become compromised, that's good to know.

    I have my computer hooked up to the WRT54G via ethernet and the WRT54G hooked up to the cable modem. I think this router might be a good router for me in the future if I go wireless.

    My OS is Windows 98SE and I have file and print sharing disabled.

    I went to Shields Up and tested the Ports(?) and it said that there was no indication that there is a computer here-- fully stealthed. Thanks for the info on that. I wonder what else I should test at that site? Anything?

    I will have to read up on the firmware mods-- that really is interesting to me.
    Ah... so you do have a typical setup with the router connected to the modem - from your first post I thought you had something else. And yes, there are some viruses/worms/trojans that have been known to disable the real-time/auto-protect feature of certain anti-virus programs; a few of these disable firewalls in addition, so make sure your AVG is kept up to date. Are you using AVG Free Edition 7 by the way? If you are still using version 6, updates are due to expire soon, but you can download the latest version 7 already.

    Did you test using the All Service Ports scan featured on Shields Up!!? Note it probes only the first 1056 TCP ports on your network for vulnerability (there are 65535 ports in all) as well as issues such as Ping Reply - there is an explanation at the end of the All Service probe on why he is only testing the first 1056 ports. Shields Up!! also provides other tests such as probing a specific port not covered by this All Service test, any vulnerability with your file sharing and browser header, so when you have the time take the rest of the tests available (under a blue "box" titled "Shields Up!! Services") and read the explanations accompanying them. Windows 9x versions don't have file/printer sharing enabled by default so it should do well in the Shields Up!! File Sharing test :wink:

    Have fun :D
