Internet Video Series, Part 1


Episode 10, Segment 01 of 09

NAT Routers Part 1: Client Firewalls

Simple Routers for Small Networks

Most NAT Routers are installed so that a single, low-cost Internet connection can be shared between 2 or more personal computers. However, a NAT router can be a great help even if only one computer is in use, because every NAT router functions as a "firewall" gateway, allowing the user of that single computer to request web pages or begin dialogs with other servers all over the Internet, but discarding every incoming request from Internet-based processes that want to begin an unanticipated dialog.

PCs are completely immune from external attack only when they are disconnected from the Internet and switched off. Once turned on, a modern computer automatically loads an operating system, and then begins loading and executing various processes. Some of these processes are vulnerable to attack. Generally, if you are not connected to the Internet you are pretty safe, but of course processes can be attacked by insertion of a diskette, or loading of disk files in various ways. Furthermore, these processes can talk to one another inside your PC, so if one of them becomes corrupted, it could corrupt others.

The big security concerns begin, however, when you connect your PC to the Internet, especially if you have a full-time, "always-on", high-speed Internet connection, of the type that have become popular with Cable or DSL modem technology. With a full-time Internet connection active on your PC, if you are running any processes that can be exploited or attacked, they will be found, exploited, and attacked.

And because PCs are so complicated nowadays, it's hard to know if you are running one or more vulnerable applications. Many of the processes that come native with your operating system  need "patches" in order to defend themselves. Microsoft's "Windows" operating system (especially the older versions) is notorious for loading and executing processes that are really not necessary, and that subsequently are found to contain vulnerabilities. Also, as you operate on the Internet, you may be tricked into running a process that could be attacked or compromised. Never click on an unknown email link!

Anybody with experience on the Internet will tell you that you had better load some kind of a firewall to protect you in this situation, and the red rectangle in this diagram represents a software firewall operating inside your PC.

When properly configured, a software firewall can give you pretty good protection. Unfortunately, software firewalls can be cumbersome, and suffer from compatibility problems. They need frequent updating. They consume PC resources,  they are difficult to remove, and you'll "feel" your PC becoming more difficult to administer once a software is installed.

Accordingly, you may be tempted to remove it. That's not a good idea unless you take extra steps to compensate.

Episode 10, Segment 02 of 09