Home network Router security qusetion

[hally44]

Apologies if this is a stupid question but as a complete newbie on security issues and having been hacked I feel it is time to get some understanding !

I have 2 pcs (w98) connected via an OfficeConnect ISDN LAN modem to my Service Provider. Each pc has the free Zone alarm firewall program running and also Norton Antivirus.
Whilst I am reasonably confident that the pcs are protected does the router, which I do not think has a physical firewall, pose any risk.
I do realise that this fairly cheap router provides a sort of firewall by blocking incoming requests that did not originate from the home network (NAT?) but is it a weak point?

I think what I am asking is that if someone could get access to it could they do what they wanted from the router i.e see whatever came in and out?

Sorry if this is bit of a general and basic question but just trying to get an understanding of all points of risk.

Many thanks for any advice.

[Tiger Shark]

As a home user security is all kind of a balance.... Cost can be prohibitive but at the same time you need to understand that what is at risk often isn't worth the cost to an outsider.

With that in mind your router will keep out the dross - the kiddies with no knowledge, talent or skill as will your second layer, (ZoneAlarm). Neither, however would keep out a sufficiently determined attacker.

On the bright side, since the skilled attackers must assume that what is on the other side of the firewall on a home users machine may be absolutely zero s/he won't waste his/her time bothering with your system.

As a home system your setup should be fine.

[hally44]

Many thanks - sort of reassuring. Its just that im a bit paranoic at present given what happened. If, however remote, the router was compromised can there still be something on it that makes me still vunerable i.e some bit of software actually residing on it or would it have been a one off given my ip address changes each time.

[Tiger Shark]

Hally, your paranoia, while being well founded is letting your imagination run away.....

Yes, it is possible to alter the firmware in a router - it was done by someone who installed snort, (an intrusion detection system), on one - I don't remember where I read about it but it was a nice peice of work. The point he made though was that it is incredibly difficult to get everything right but that once he did it was stable. What this means to you is that if someone alters the firmware on your router remotely, (which you should have turned off), the chances are it will simply crash and become a doorstop. The chances of someone successfully doing this on the first attempt are zero. If they fail on the first attempt they will not be able to reconnect - if they can't reconnect they can't "fix" their screw-up.

If your settings on the hardware and on the software router are correct then you have next to nothing to worry about as a home user.

Relax and crack a cold one.....

[hally44]

Thank you Tiger Shark - your comments much appreciated.
I can now rest easy in the thought that the router does not pose a risk and turn my full attention to understanding protecting the pcs.
In addition to Zone Alarm and Norton Antivirus I now have a process viewer, trojan hunter, hijackthis and port explorer installed which i think should cover most things.
Again many thanks.

[hard candy]

Just to be ultra safe, I usually reinstall the firmware on my router if I have any doubts about its security. Especially if an upgrade is available. Also, if you have access to an old computer (lying around or a real cheap buy) you could use it as a firewall running a linux distro and use webadmin or remote SSH to manage it.