Skip to content

Do I Need Firewall Software on My PC?

2010 November 17

Maaris Dravnieks in San Francisco, 2009

The legendary programmer Maaris Dravnieks pointed out that a software firewall running on a PC can make it so slow that you will think it’s 1999. If you have experienced this yourself, then you may also have had the thought “Do I really need this firewall?”

In my opinion: No, probably.

I turned off my firewall years ago. If you have a local router, with NAT network address translation, then running a firewall is like fastening your seatbelt before playing a tango on your piano. That is, the firewall adds nothing essential and may interfere with your experience, especially if you have information less valuable than national nuclear weapon secrets on your PC.

Setting up a local router is easy. Let’s consider how to do it, if you haven’t already…

But first, let’s consider how to tell whether you have a local router set up already or not…

Here’s how to do it on Windows…
Open a command tool by choosing ->Start->Run->”cmd”.
At the command tool prompt, type “ipconfig”.
Look for the line labeled “Default Gateway” and at the IP address at the right end of this line.
The IP address has the format of a dotted number. The dotted number is four integers separated by three dots.

If the IP address begins with “192.168”, like “192.168.2.254”, then you have a local router set up already.
If the IP address begins with “10”, like “10.1.2.2”, then you have a local router set up already.

The authority rests with RFCs 1918 (1996) and 1597 (1994):

   The Internet Assigned Numbers Authority
   (IANA) has reserved the following three
   blocks of the IP address space for
   private internets:

     10.0.0.0 - 10.255.255.255
     172.16.0.0 - 172.31.255.255
     192.168.0.0 - 192.168.255.255

In the Internet Protocol, addresses like these are reserved for private, nonstandard uses and testing, and they are “non-routable”, which means the Internet routing system treats them as irrelevant and doesn’t forward them to other routers. That means the non-local routers and the bad guys can’t find your PC by that address. If you are using a wireless interface (Don’t know? Watch this series for a future article.), then make sure you use WPA encryption.

It’s no concern because you (if not your PC) are far more likely to die struck by lightning (odds less than one-in-a-million in any year, Adekoya and Nolte, 2005) than to get hacked by someone outside your local router. Want to improve those odds by, say, 1 in 4 billion? Then add another local router (see below).

A router must make known some information, especially its own addresses. Many routers have a HTML interface. If you have a local router, you can very likely see this information easily. Open your favorite web browser and type the IP address, dots and all, into the address field. For example, if you discovered your Default Gateway is 192.168.2.254, then type in “http://192.168.2.254” .

Returning to the question of how to set up a local router…

Ooops! Sorry kids, but time’s up! We’ll return to this in the future. See you later!

photo: Theodor Horydczak, circa 1920, Library of Congress

Resources (retrieved November 14, 2010, except as noted):

N. Adekoya and K. B. Nolte, Struck-by-Lightning Deaths in the United States, Journal of Environmental Health (May 2005), http://www.bls.gov/iif/oshwc/cfoi/jeh5_05_45-50.pdf

Y. Rechter, B. Moskowitz, D. Karrenberg, G. de Groot, E. Lear, RFC 1918 (February 1996), http://tools.ietf.org/html/rfc1597

Y. Rechter, B. Moskowitz, D. Karrenberg, G. de Groot, RFC 1597 (March 1994), http://tools.ietf.org/html/rfc1597


 

No comments yet

Leave a Reply

You must be logged in to post a comment.