OT - computer firewall conflict



millwrong
08-23-2011, 06:30 PM
I just upgraded to 50 Mbps internet. The modem (Cisco DPC3825) appears to have a built-in router with the usual router software, including a firewall. I have Bitdefender Anti-Virus software. My bandwidth was huge. The delay to connect to a site was 15-25 seconds! It was like going back to dial-up! The ISP techs weren't able to help, so I decided to play. I disabled the modem firewall software, and voila! My question is in regards to the wisdom of this. Is my software firewall sufficient? Should I be doing/invoking some other software voodoo that protects me?

Iraiam
08-23-2011, 07:51 PM
If you want to run without the firewall, MAKE SURE you are using a private IP address format, as all traffic must be translated from the Internet to the private IP with NAT; this makes it far more difficult for someone outside your network to attack your systems. Here is a quick copy/paste of some examples:


10.0.0.0/8. The 10.0.0.0/8 private network is a Class A network ID that supports the following range of valid IP addresses: 10.0.0.1 through 10.255.255.254. The 10.0.0.0/8 private network has 24 host bits that a private organization can use for any subnetting scheme within the organization.

172.16.0.0/12. The 172.16.0.0/12 private network can be interpreted either as a block of 16 Class B network IDs or as a 20-bit assignable address space (20 host bits) that can be used for any subnetting scheme within the private organization. The 172.16.0.0/12 private network supports the following range of valid IP addresses: 172.16.0.1 through 172.31.255.254.

192.168.0.0/16. The 192.168.0.0/16 private network can be interpreted either as a block of 256 Class C network IDs or as a 16-bit assignable address space (16 host bits) that can be used for any subnetting scheme within the private organization. The 192.168.0.0/16 private network supports the following range of valid IP addresses: 192.168.0.1 through 192.168.255.254.

Scottike
08-23-2011, 08:12 PM
Multiple lines of defense are a good thing! If your router firewall doesn't want to play fast and you can't get it going, download a couple of the free AV programs and run them along with your Bitdefender. All AV programs have their weak spots; the idea would be to have AV programs that cover each other's weaknesses, so what one misses the other(s) catch.
I'm assuming (yeah, I know) you've already talked with Cisco support and have the latest firmware/software updates for your modem?
Also, have you done a full clear reboot of your router and taken it back to its factory default settings and then reset all of your particulars (user names & passwords, protocols, ports, etc.)?
The best possible solution would of course be to get the modem firewall back in order at the higher speed, and I would try to make that happen before doing the alternatives.

Edit: did you try disabling Bitdefender and enabling the router AV only to see how that worked? Maybe there's a conflict between the two at the higher speed.
Weird things happen with computers sometimes.

beanbag
08-23-2011, 08:22 PM
The short version is that if you bring up a command prompt and type ipconfig and see that your IP address is 10.x.x.x or 192.168.x.x, then you don't need to run a firewall. All you really need to do is change the default password and wireless password on the modem/router itself.

I don't recommend running multiple antivirus and firewall software because it will make your computer run slow.
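
The address check described in the two posts above, as an added example that is not part of any poster's message: it pulls the IPv4 addresses out of `ipconfig` output and tests them against the three private blocks quoted earlier in the thread. The sample output is constructed, and the function names are hypothetical.

```python
import ipaddress
import re

# The three private blocks listed in the thread (RFC 1918).
PRIVATE_BLOCKS = [ipaddress.ip_network(n) for n in
                  ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample of Windows `ipconfig` output, not captured from a real host.
SAMPLE_IPCONFIG = """\
Windows IP Configuration

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : example.invalid
   IPv4 Address. . . . . . . . . . . : 192.168.0.12
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.1

Wireless LAN adapter Wireless Network Connection:

   Autoconfiguration IPv4 Address. . : 169.254.17.80
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
"""

# Matches "IPv4 Address", the older "IP Address" label and the autoconfiguration
# variant; subnet mask and gateway lines are deliberately not matched.
ADDR_LINE = re.compile(
    r"^\s*(?:Autoconfiguration )?IP(?:v4)? Address[ .]*:\s*([\d.]+)", re.M)

def classify(addr):
    """Return a label saying which kind of address the host has been given."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return "unparseable"
    for block in PRIVATE_BLOCKS:
        if ip in block:
            return f"private ({block})"
    if ip.is_link_local:
        return "link-local (no DHCP lease)"
    return "not private: treat this host as Internet-facing"

def check_ipconfig(text):
    """Map every IPv4 address found in ipconfig output to its classification."""
    return {addr: classify(addr) for addr in ADDR_LINE.findall(text)}

if __name__ == "__main__":
    for addr, label in check_ipconfig(SAMPLE_IPCONFIG).items():
        print(f"{addr:15}  {label}")
```

A private result only shows that the host sits behind address translation; it says nothing about ports forwarded on the router.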

dp
08-23-2011, 08:36 PM
That router firewall blocks only a few things, and of them you need to check only the four bottom boxes. The bottom-most box just prevents remote ping, which can, at times, slow down or stop certain services, but not the kind of services you're likely to run. The other three are good things to block. The popups, javascript, etc., are best blocked in your browsers.