July 14th, 2003, 07:15 PM
Linksys befsr41 settings/help
I have a linksys befsr41 router , and was curious...... is there a certain way to set this up for maximum security?
I don`t have a full understanding of a Nat firewall. as you can see.
On my computer which is a personal home computer i have the linksys switch and norton internet security.my internet connection is a cable modem. I have also seen that alot of people think that norton sucks. Is this true?
I guess what my question is : what should i do for maximum security?
Get rid of norton? re-configure my router?
Hopefully this question is not too newbie...it seems i am learning alot, just not about 1 thing , i jump all over with my readings. I am reading about tcp/ip right know and it is interesting.
Thanks in advance, mike
July 14th, 2003, 07:41 PM
I use the exact router for my home setup. The BEFSR41 is fairly well setup right out of the box. From a security standpoint, you are using Network Address Translation (NAT). Essentially, you only have one address that the outside world can see, but you can have multiple addresses within your network. Further, using NAT, a packet isn't going to pass back through your firewall unless a machine from inside the network requested it. Your machines inside the network are masked from the outside world. I would recommend not placing any of your machines in the DMZ unless you have a specific need to do so. Also, the port forwarding, blocking settings, etc. are OK for a typical home user, so you shouldn't have to touch those.
Also for the Linksys, I'd recommend keeping an eye on your logs to see the action that your router is getting. You can view the logs via the setup browser, or you can direct those logs to a PC on your network. Download LogViewer, available from the Linksys site, and always run it - it's a Windows app. that will show you your incoming and outgoing traffic through the router.
You should not, however, rely completely on your router for your security setup. Everyone has their opinions about which software firewall to use, etc. Regardless of the software you are using, it MUST be configured correctly to achieve maximum use. You can have the top of the line, most expensive solution there is, but if you have it configured wrong, it's worthless because it won't be doing it's job. If you have Norton setup correctly, there is nothing wrong with continuing to use it. If you'd like to try some others (free and pay fors), then have a look around the forums - this topic has been discussed many times. Outpost is one you should check out if you are going to search around...
Configuring hardware and software firewalls is just part of the methods used to achieve maximum security for your PC. You should also be using anti-virus software, running trojan scanners/cleaners periodically, keeping spyware and adware out of your system using something like Ad-Aware, etc...
I hope I've been of some help to you...
July 14th, 2003, 07:58 PM
Thanks Maverick for the helpful reply,
The only ports that i ever have to forward are 1214 for kazaa lite, I use Kanat for kazaa lite,its supposed to let me access other people files that also use a router ....it changes my lan ip to wan ip...... and 139 for mIRC.
Iam very religous about watching logs,and have the linksys printed out to me.
I use norton anti-virus....the claener,,,,and spyware blaster from javacools.
i heard that adaware did something to the tcp/ip stack?....ayways....looks like i am all set.
July 15th, 2003, 07:42 AM
You should close Port 139.....(IRC works fine [for me] without 'any' ports opened)
July 15th, 2003, 09:54 AM
Some good points & advice from all on this thread.
I have the same router and dcongram is right you dont need Port 139 open.
Now this is a bit sales and marketing BUT ...Linksys do recommend Trend Micro's Pc-Cillin AntiVirus Software and ISS BlackICE Firewall.
There are (somewhere) in the WebUI two check boxes which you tick if you have PC-Cillin and BlackICE. The Linksys does acutally integrate / interoperate with these applications so I think it should help create tighter border security for you. (Any little helps)
Also just as a mad hatter foot note: I recently purchased SOCOM Navy Seals for the Playstation 2 and the Ethernet Adapter... The intstructions went on and on about how if you had a router you needed to setup port forwarding for the USB headset to work properly.
BUT I DIDNT HAVE TO IT ALL WORKED FINE AS IS?? Weird Huh?
I remember when Nihil was ickle. Does that mean I'm old?
July 15th, 2003, 01:28 PM
Just another note here, you'll want to be sure that you have updated your router with the latest firmware updates, always available from Linksys... They'll ensure that you have the most current, up-to-date operating software for that router - most certainly good from a security standpoint...
July 15th, 2003, 03:10 PM
the only ports you MIGHT need for IRC would be "113" which is ident.. 139 is NOT somthing you want open for chat. Definately close that port...