Computer questions and solutions....thereof...

[Nalian]

A router does its job by shielding your computer from the internet. It physically disconnects your computer from the outside world.

You can, for the most part, get a similar effect by running a "personal firewall" like ZoneAlarm on your computer. These programs run on your computer as close to the network interface as possible and screen every tiny bit of data going into or out of your computer to make sure it's legitimate. They do have drawbacks, however. They do make your computer slower because they're analyzing every network packet. They can be annoying because they often ask you questions many users won't know how to answer. But the biggest thing is that, with just a personal firewall, anyone on the internet still has direct access to your computer. You hope that this firewall program will be sufficient to keep those people out, but.. the thing is running on your computer, and these people can still interface directly with your computer. They can probe your ports, poke your firewall to see if they can find any holes, etc.

When you install a router, people cannot interface directly with your computer because there is a literal physical disconnect. No one on the internet can directly interface with your computer *period*. They can only interface with the router itself. This simple fact means that installing a router is a huge boost to the security of your system.

There is one area where personal software firewalls do have a leg up on routers, though: personal firewalls inspect the data *leaving* your computer and can alert you if a program on your computer is trying to access the internet. Usually this is legitimate (Internet Explorer, for example, obviously will be sending internet requests), but sometimes you can have spyware or bots communicating with their masters or home servers without your knowledge. A personal firewall would catch this before they actually got any information out.

Of course, IMO, regular spyware and virus scans will catch the same programs though, so it's not something I generally worry about.

If you have a router installed, there is less need for a software firewall, but I recommend leaving the Windows Firewall enabled anyway.

You still need to perform regular virus and spyware scans, because spyware and viruses generally get installed through malicious web pages or direct user action, not through hacking from the internet.

I also suggest to people that they disable all of the "real time protection" aspects of their "protection" programs such as Norton Antivirus and Ad-Aware and so forth. These programs are of very limited use and *greatly* slow down systems. Norton's "real time scanner" scans every single file your computer accesses every single time you access it. Opening Word, for example, accesses hundreds of files on your hard drive, and Norton stops and scans every one. It can double application load times and make your hard drive thrash twice as much as normal.

Does it still do that? I know they were trying to catch up with Sophos' method (which scans it once, then keeps a checksum on the file so it knows whether or not it needs to scan it again.)

[jonnythan]

Does it still do that? I know they were trying to catch up with Sophos' method (which scans it once, then keeps a checksum on the file so it knows whether or not it needs to scan it again.)

It does it the way you describe, essentially. I was certainly exaggerating slightly to get the point across, but the real time scanners *do* slow the PC down noticeably.

[roscowgo]

I look at it, as the more layers you have, the more protected you are. Not because you are actually safe. You aren't. (just because you're paranoid doesn't mean they aren't out to get you.)

so the average directly connected home user has a layer about like this.

Isp(not really a layer since they are still transparent generally)>computer.(you depend solely on what software you run, what updates you have, software firewall, etc...)

The general setup for routed home users is ISP>Nat Router>computer
Or at least i don't notice many people with a pool of public addresses they can route to their inside home networks.

Nat is good because it uses one outside IP address, and translates what port your outgoing info uses, Thus harder to get into your stuff from the outside. (ex. Internet explorer>port 80 for general web surfing>router which says ok i am going to accept info Back in from the outside on port 80 from the specific address i just tried to go to and thats all.)
That helps limit the Scope of your vulnerability. As with everything else it has it's own troubles and holes. No anti-virus protection. No spyware protection. And of course different routers will have different weaknesses in addition to whatever the protocols weakness is.

Small business i would say
ISP>Hardware firewall>Router with access-lists>switch more possible access-lists>computer that should have at least the latest updates.

Depends on what the business does really. You are going to have different solutions, needs, and contortions for each business. A home flower shop with a credit card reader isn't going to need the same set of stuff as a locally run community website.

Notice i didnt say anything about wireless gadjets in there. Those are a Whole nother can of security worms. Kind of like a suit of armor with a hole over your chest. I currently have no less than 3 unsecured wireless networks within range of my home laptop. 1-2 computers on each one. and its pretty easy to home build Good antennas that drastically increase your range.

[Sev]

A router does its job by shielding your computer from the internet. It physically disconnects your computer from the outside world.

No it doesn't.

[blues2cruise]

Last night the tech at Telus also suggested that maybe the NIC card drivers were corrupt, so I went the computer guy on my way home and asked him about this. He said it wasn't likely, but he showed me how to uninstall. Then when you reboot thecomputer, it will recognize them and reinstall. It didn't make a difference.

I bought a new cable for the modem to computer connect. It's shorter. I also switched to a heavier duty phone cord instead of the anorexic one that came with the modem.
My friend came by and had a look through the system and we shut down some running systems that I don't need running.

Something had been using up the RAM and now it is quite a lot better.
He also showed me where the cookies with expiry dates were hidden and got rid of those ones. They don't go away with regular cache clearing.

We ran another broadband test and transfer rate and it is much better.

Some sites still have "issues" though. For example, in my yahoo mail, when I want to delete a message, it sure does take a long time for it to do it. And, I was typing a message,and when I hit "Send", it didn't send. Instead I got the error page.

Now I have to retype the whole message.

I don't know what is meant by "real time" scanning. I wasn't aware that my word program gets scanned when I open it.
I guess I better go read a tutorial.

[ofblong]

Last night the tech at Telus also suggested that maybe the NIC card drivers were corrupt, so I went the computer guy on my way home and asked him about this. He said it wasn't likely, but he showed me how to uninstall. Then when you reboot thecomputer, it will recognize them and reinstall. It didn't make a difference.

I bought a new cable for the modem to computer connect. It's shorter. I also switched to a heavier duty phone cord instead of the anorexic one that came with the modem.
My friend came by and had a look through the system and we shut down some running systems that I don't need running.

Something had been using up the RAM and now it is quite a lot better.
He also showed me where the cookies with expiry dates were hidden and got rid of those ones. They don't go away with regular cache clearing.

We ran another broadband test and transfer rate and it is much better.

Some sites still have "issues" though. For example, in my yahoo mail, when I want to delete a message, it sure does take a long time for it to do it. And, I was typing a message,and when I hit "Send", it didn't send. Instead I got the error page.

Now I have to retype the whole message.

I don't know what is meant by "real time" scanning. I wasn't aware that my word program gets scanned when I open it.
I guess I better go read a tutorial.

no one should be using yahoo. I am guessing you have yahoo toolbar installed. that should be the first thing you uninstall just like google toolbar or any toolbar like that for that matter. yahoo is spyware itself and yes google is as well but not like yahoo is. yahoo is an invasion of privacy. what johnny said is basically what I said. A router's firewall WILL block you from getting internet based spyware/adware installed but if you install something like yahoo toolbar you are allowing your computer spyware that way. A router doesnt stop spyware that you yourself allowed to be installed by either settings on your browser or settings elsewhere or you hitting "yes" to something. There are programs out there that look for open ports so they can get ahold of your computer and install what they want.

[blues2cruise]

I DON"T have a yahoo or google tool bar. I have been using yahoo mail for the purpose of forums.
Do you have a suggestion as to what is better....aside from using my telus email?

[Sev]

gmail? !

[Nalian]

A router's firewall WILL block you from getting internet based spyware/adware installed but if you install something like yahoo toolbar you are allowing your computer spyware that way. A router doesnt stop spyware that you yourself allowed to be installed by either settings on your browser or settings elsewhere or you hitting "yes" to something.

A router will absolutely not do any of that. What you are describing is called content filtering and it would need to be done by a real time proxy scanner. There are absolutely NO home user products that would do this via a router.

A router can protect your system by not allowing traffic directly in to you. Most often it does this by port filtering. When you request something from the web (on port 80) it will allow information back from that address via a random port that the webserver communicates to the client it will be transmitting over. The router doesn't care what any of that information is - whether its a virus, spyware, adware, or whatever. Routers do not do content filtering.

Google and Yahoo toolbar are not spyware. Spyware is something placed on your system without your permission. Adware is placed on your system with your permission (you are told about it in the click-through EULA). I know that google's toolbar will send data back to google about your browsing habits, but you have the option to turn that off if you wish to. I do not know about Yahoo's toolbar, but I do know that it is absolutly not spyware.

[blues2cruise]

I have had this yahoo address for about 4 years and it has been ok. It doesn't get very much spam. What I don't like is having the animated advertising in it. Regular advertising I can live with.

I tried a gmail account and it got far more spam than the yahoo one. I was under the impression that gmail was not supposed to have spam.

My computer is still slow. I think it is time to call in a tech.