I have 2 problems that I need help with.

First my hardware:

Desktop computer

Dell 8200 Dimension 2 GHz, 768 mb ram, Linksys 10/100 NIC card (100TX LNE), Linksys 54g wireless router (WRT 54G), Sprint Broadband with internet router. Norton 2005 AV

Laptop

Dell Inspiron 5100 2.6 GHz, 512 mb ram, Dell 1100 WLAN Card. Norton 2005 AV.


Internet Connection - Sprint Broadband

My first problem:

I disabled the firewall on the Linksys router, and I disabled the XP firewall. When I go to Symantec's website and click on the link to check for security risks

http://security.symantec.com/default.asp?productid=symhome&langid=ie&venid=sym (http://security.symantec.com/default.asp?productid=symhome&langid=ie&venid=sym)

It tells me that I am not at risk in all catagories. I don't understand how I can not be at risk with the firewalls being disabled. I also confirmed with Sprint Broadband that the router they provided me does not have a built in firewall. I also am pretty sure the Symantec web site works as I did the same thing to my father in laws computer and it told us he was at risk in all areas. I have no 3rd party firewall software installed. Am I missing something or do I somehow have a ghost firewall?

My second problem:

Since disabeling the firewalls my desktop download speed tests have been in the 3800 - 4000 range. With firewalls enabled I was anywhere from 1200 - 2100. The problem lies with my laptop. With firewalls enabled I would get between 1200 - 2100. No since disabling the firewall I can not get above 1000, while the desktop gets 3800-4000. Why would this be?

I have been using the speed tests at www.testmy.net (http://www.testmy.net)

I hope I have given you enough info, if not please let me know what else you need.

I'm pretty sure that your router has built-in NAT translation (more about that here :NAT translator (http://www.pcworld.idg.com.au/index.php/id;211587825;fp;16;fpid;0) ). I think that's why Symantec shows it as being safe. I'd use Zone Alarm (the free version) just to be on the safe side.

Check out Steve Gibson's site, www.grc.com -- his "Shields Up" program does a great job of checking out firewalls. There's also a tutorial on NAT routers as hardware firewalls.

You have me confused. I am not sure how that Symantec scan works. Maybe it checks for a hardware frewall and a router is a hardware firewall.

Windows XP however checks fora SOFTWARE firewall. It's preference is the Microsoft Windows firewall but if you have Zone Alarm, Black Ice, or the Symantec software firewall installed all is fine.

Many people witha router think that he NAT firewall is sufficient. I would recommend a software foirewall on each machine but that is my preference.


One possibilty ehre is that you might be running something like the Norton firewall even without your knowledge. I can't say.

What software firewall do you know you are running? Running two or more could be a problem.

That is the thing I am not running any kind of firewall, not on my router, not Windows XP's built in firewall and not a third party firewall, nothing, nada, nunca. The only thing I have enabled is Norton Anti Virus, which does not have any kind of firewall protection. It does protect against worms.

If you go to symantec.com and click on security response, then scroll down about half way and click on check for security risks, it runs a program to scan your computer to determine how well you are protected. When I run the scan it tells me the following:


http://security.symantec.com/sscv6/SharedContent/common/images/alert_red_20.gif</IMG> = At Risk!http://security.symantec.com/sscv6/SharedContent/common/images/alert_yellow_20.gif</IMG> = Possible Risk!http://security.symantec.com/sscv6/SharedContent/common/images/alert_green_20.gif</IMG> = Safe http://security.symantec.com/sscv6/SharedContent/common/images/alert_green_20.gifHacker Exposure Check http://security.symantec.com/sscv6/SharedContent/common/images/details_show_red.gif (javascript:showDetails('mh03'))Show Details (javascript:showDetails('mh03'))http://security.symantec.com/sscv6/SharedContent/common/images/details_hide_red.gif (javascript:hideDetails('mh03'))Hide Details (javascript:hideDetails('mh03'))Description:
Tests your TCP ports for unauthorized Internet connections.

Analysis:
Your computer appears safe from most common intrusions. To learn more about the threats you are protected against, view a detailed analysis of your test results.
(http://security.symantec.com/sscv6/sc_TCPScanDetails.asp?langid=ie&venid=sym&plfid=23&pkj=NFZUGIJPUVGCWETOMGM)

http://security.symantec.com/sscv6/sharedcontent/common/images/grey_line.gifhttp://security.symantec.com/sscv6/SharedContent/common/images/alert_green_20.gifWindows Vulnerability Check http://security.symantec.com/sscv6/SharedContent/common/images/details_show_red.gif (javascript:showDetails('pi04'))Show Details (javascript:showDetails('pi04'))http://security.symantec.com/sscv6/SharedContent/common/images/details_hide_red.gif (javascript:hideDetails('pi04'))Hide Details (javascript:hideDetails('pi04'))Description:
Tests whether basic information, including your PC's network identity, can be seen by hackers.

Analysis:
Your computer's identity is secure. However, this does not mean you are completely safe from all Internet security threats.

http://security.symantec.com/sscv6/sharedcontent/common/images/grey_line.gifhttp://security.symantec.com/sscv6/SharedContent/common/images/alert_green_20.gifTrojan Horse Check http://security.symantec.com/sscv6/SharedContent/common/images/details_show_red.gif (javascript:showDetails('cv04'))Show Details (javascript:showDetails('cv04'))http://security.symantec.com/sscv6/SharedContent/common/images/details_hide_red.gif (javascript:hideDetails('cv04'))Hide Details (javascript:hideDetails('cv04'))Description:
Attempts to test for access to your computer through methods commonly used by Trojan horses.

Analysis:
Your computer and data are not vulnerable to Trojan horse attacks. However, Trojan horse threats are constantly evolving, and unless you have a personal firewall and current virus protection, you're not completely safe. To learn more about threats you are protected against, view a detailed analysis of your test results.
(http://security.symantec.com/sscv6/sc_TrojanScanDetails.asp?langid=ie&venid=sym&plfid=23&pkj=NFZUGIJPUVGCWETOMGM)



http://security.symantec.com/sscv6/sharedcontent/common/images/grey_line.gifhttp://security.symantec.com/sscv6/SharedContent/common/images/alert_green_20.gifAntivirus Product Check http://security.symantec.com/sscv6/SharedContent/common/images/details_show_red.gif (javascript:showDetails('cv01'))Show Details (javascript:showDetails('cv01'))http://security.symantec.com/sscv6/SharedContent/common/images/details_hide_red.gif (javascript:hideDetails('cv01'))Hide Details (javascript:hideDetails('cv01'))Description:
Checks for a current version of a commonly-used virus protection product.

Analysis:
Your computer is running virus protection software and you are at low risk to virus attacks. However, viruses are constantly evolving and you need to keep your virus protection current to stay safe.

http://security.symantec.com/sscv6/sharedcontent/common/images/grey_line.gifhttp://security.symantec.com/sscv6/SharedContent/common/images/alert_green_20.gifVirus Protection Update Check http://security.symantec.com/sscv6/SharedContent/common/images/details_show_red.gif (javascript:showDetails('cv02'))Show Details (javascript:showDetails('cv02'))http://security.symantec.com/sscv6/SharedContent/common/images/details_hide_red.gif (javascript:hideDetails('cv02'))Hide Details (javascript:hideDetails('cv02'))Description:
If you have a virus protection product on your computer, this test checks the date of your most recent virus protection update. If the updates are more than two weeks old, they are not considered current.

Analysis:
Your virus protection has been updated recently and you are at low risk for virus attacks. However, viruses are constantly evolving, and unless you keep your defenses current, you're not completely safe.

http://security.symantec.com/sscv6/sharedcontent/common/images/grey_line.gifhttp://security.symantec.com/sscv6/sharedcontent/common/images/grey_line.gif

and if I run the check from grc.com

I get this

Solicited TCP Packets: RECEIVED (FAILED) — As detailed in the port report below, one or more of your system's ports actively responded to our deliberate attempts to establish a connection. It is generally possible to increase your system's security by hiding it from the probes of potentially hostile hackers. Please see the details presented by the specific port links below, as well as the various resources on this site, and in our extremely helpful and active user community (https://www.grc.com/discussions.htm).
https://www.grc.com/image/transpixel.gif
https://www.grc.com/image/graypixel.gif
https://www.grc.com/image/transpixel.gif
Unsolicited Packets: PASSED — No Internet packets of any sort were received from your system as a side-effect of our attempts to elicit some response from any of the ports listed above. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system remained wisely silent. (Except for the fact that not all of its ports are completely stealthed as shown below.)
https://www.grc.com/image/transpixel.gif
https://www.grc.com/image/graypixel.gif
https://www.grc.com/image/transpixel.gif
Ping Echo: PASSED — Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests) from our server.


If I run the file sharing check I get this

https://www.grc.com/image/reddash.gifYour Internet port 139 does not appear to exist!
One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.https://www.grc.com/image/reddash.gifUnable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.

I guess what threw me was the stastement that you disabled the firewall on the router. I am not sure how you did this. Also the statement about XP detecting a software firewall (or not detecting the lack of one). I have to admit that I don't know what is going on. So I will shut up while others try to help.

If you use the Sprint 'modem' in router mode, there is a firewall built in. It is only disabled if you use the modem in bridge mode - ie to connect to a standalone router.