how much of a security risk is turning off the firewall in a modem?
If you're bridging IP traffic over to your own router, then the previous modem/router (called a home gateway) just hands all traffic through to yours, so its attack surface is essentially nil. It will only talk to local addresses, as private IP space won't be routed by your ISP. As long as the new router for the network has firewalling in place you're just as safe as any other user, possibly more if the original is ISP supplied.
This is the correct setup.
user3591496
Updated on September 18, 2022
Comments
-
user3591496 over 1 year
I have a router that I want to plug into a modem/router too (the latter is a poor router) and the advice I'm getting is to set the modem / router to full bridge mode, like so: https://whirlpool.net.au/wiki/adsl_modem_router_bridge_mode With the detailed advice I've been given for my model, this involves turning off the firewall on the modem/router (I think essentially it's just acting as a modem). Does this make the modem/router a significantly easier target for hackers? Or, is it unimportant (because working as a modem, it only looks at layer 2 header while the firewall process looks at layer 3 header - apologies if I'm way out with this)?
-
user over 8 years
You should always have a firewall of some kind. It's usually beneficial to have a first order firewall before the packets have a chance to reach the computer.
-
user3591496 over 8 years
Thanks Michael, so, pardon my ignorance, if I buy a straight modem (no routing function) this would usually have a firewall running? Under the setup I'm contemplating, my computers etc. will connect to a router (with a firewall running), the packets etc. then going to the modem (except for during modem setup, when I'll connect my computer directly to the modem).
-
user over 8 years
A pure modem, by definition, cannot act as a firewall. A router may also have firewalling functionality.
-
user3591496 over 8 years
Thanks Michael, this is where I'm getting confused. On the admin panel for my Sagem F@st 1201 v2, it appears to show you can enable / disable NAT and firewall settings on the modem. Does this imply it's not a pure modem - it's actually doing some routing (when NAT / firewall settings are on)? And if the pure modem functionality can't implement a firewall, then, provided there's a firewall running in the router connected, is the Sagem F@st 1201 v2 then just as safe with the firewall turned off (provided the router plugged in has its firewall running).
-
user3591496 over 8 years
I'm just trying to confirm for myself, that, whatever firewall setting is running, there's a 'modem process' running that is exposed to packets that have not been filtered by a firewall.
-
-
user3591496 over 8 years
Now I'm worrying about the home gateway web interface. It's accessed via a web address so it's protected by the router firewall (even though the home gateway is on the other side of the router) - correct? And the TR-069 and other remote management tools - these weren't protected by the firewall I've just removed, were they? There has previously been some concern about administrators leaving default passwords on those things.
-
Linef4ult over 8 years
Nah, you're safe. Old setup: Gateway had a public IP and a private IP, so other people could contact it. New setup: private IP only. So for an attacker to get at it they'd have to penetrate your own router's firewall "loop back" to the modem (old gateway).