Is a software firewall really necessary?

Khannie

I have a hardware firewall built into my router (there's also one in my motherboard). I have just done a fresh install and put zonealarm on the machine, but I've been online now for a good few hours and there have been 0 inbound attempts at the software firewall.

Do I really need one if I keep the OS up to date?

K.O.Kiki

Would you like to find out what happens if it is & delete it? :eek:
But seriously... you may as well keep it.

Hobbes

I'd say yes. It is good for detecting outgoing threats which your hardware firewall will let by.

Malafus

You do not need a software firewall if you have a hardware firewall. One firewall is enough, but it is a good idea to have at least that one.
If you have a router then you likely have NAT, which prevents people from making connection attempts on your computer. So if you have NAT,you are relatively safe, but it is still wise to have a firewall as well, as attacks can still be made on open ports. TBH, there is not much chance of being directly attacked, it is more likely that you will accidently install a trojan or something, and this is where a firewall REALLY helps - it will disallow outbound access, which renders most trojans worthless.

Edit: Hobbes: A hardware firewall, properly configured, will close outbound communications as well as any software firewall.... in fact, generally hardware firewalls do a BETTER job, and don't use up any CPU time either. Except for the nVidia hardware firewall.... that sucks.

quarryman

I was wondering this myself recently. I have the Wireless Medion Router that Aldi sold a while back. I'd assume this has a firewall built in, how do I activate it.

Also ZoneAlarm can be a bit intrusive sometimes and I'm wondering if its really necessary at all.

Malafus

quarryman wrote:

I was wondering this myself recently. I have the Wireless Medion Router that Aldi sold a while back. I'd assume this has a firewall built in, how do I activate it.

Also ZoneAlarm can be a bit intrusive sometimes and I'm wondering if its really necessary at all.

Most routers do NOT have firewalls built in.
And hey, if you think ZA is intrusive, try Agnitum Outpost. Most irritating firewall I ever tried. At least ZoneAlarm only bothers you a maximum of 4 times on any program (assuming you tell it to remember - trusted/trusted server/internet/internet server). Agnitum is relentless - you must be informed, and decide upon, every single change in every single component of every single program that even thinks about connecting to the net.

Gilgamesh

I would recommend trying the following if you are not sure,

make a backup image of you OS and you Software installed, e.g. with ghost.
then deactivate the Software firewall and browse the web for approx 20 mintues should do the trick and see how fooked your system will be.
If the Hardware Firewall is setup correctly and you have configured it to your needs, then happy days, but a lot of the firewalls in routers wil not give you these options, hence ad blicking and stuff like that. a Software Firewall will load default rulesets for different apps, limiting the Software down to it's actualy needs and will then ask you by out of the ordinary demands if you want to allow that action.
So I personally would recommend having the software firewall active.

jor el

Hobbes wrote:

I'd say yes. It is good for detecting outgoing threats which your hardware firewall will let by.

That'd be my number 1 reason for keeping the SW firewall too. I block every program on my PC from internet access, except those few that need it and I specifically allow.

There are far too many programs that connect to the internet sending back who knows what information to who knows where. Most of them don't really need to. I'm perfectly capable of installing a codec or updating Nero on my own thank you very much.

The hardware firewall in most routers wouldn't be the greatest, as has been said, so unless you fork out big money for a good one keep the software one as it will do the trick.

Malafus

A hardware firewall should do fine at blocking outbound access. Well, maybe not the router-integrated ones, but he has a hardware firewall on his mobo. As long as it's not an nVidia product, that should suffice.

quarryman

Malafus wrote:

Most routers do NOT have firewalls built in.
And hey, if you think ZA is intrusive, try Agnitum Outpost. Most irritating firewall I ever tried. At least ZoneAlarm only bothers you a maximum of 4 times on any program (assuming you tell it to remember - trusted/trusted server/internet/internet server). Agnitum is relentless - you must be informed, and decide upon, every single change in every single component of every single program that even thinks about connecting to the net.

zonealarm stays so.

make a backup image of you OS and you Software installed, e.g. with ghost.
then deactivate the Software firewall and browse the web for approx 20 mintues should do the trick and see how fooked your system will be.

seriously? that quick?

Malafus

Quarryman: Depends what you're doing. Try logging onto multiple P2P networks without a firewall and see how quickly you are attacked.

Khannie

Must admit I hadn't considered the outgoing, though this is what the soft firewall prompts you most about. I don't really engage in any dodgy stuff. No p2p, no warez, etc. so I /should/ be ok. Think I'll risk it for a while and see how I get on.

Stephen

You'd only get owned in 20 minutes of idling online like that if you had no firewall at all (i.e. you were not sitting behind a nat router). The average DSL nat gateway should be fine for incoming threats. Like the others said, I'd keep a firewall running on my PC too, just in case - especially if you've got a wireless network, or you let others plug into your lan from time to time.

Capt'n Midnight

Malafus wrote:

Most routers do NOT have firewalls built in.
And hey, if you think ZA is intrusive, try Agnitum Outpost.

The free usage terms are a lot less restrictive than ZA.

Many routers use NAT, which filters a lot of the crud.

As others have pointed out a software firewall can tell you if something is trying to phone home. ( The built in one in windows doesn't )

Have to agree that if you are sharing a LAN with other users then you should have a software firewall as well in case they get hit.

Peteee

Stephen wrote:

You'd only get owned in 20 minutes of idling online like that if you had no firewall at all (i.e. you were not sitting behind a nat router). The average DSL nat gateway should be fine for incoming threats. Like the others said, I'd keep a firewall running on my PC too, just in case - especially if you've got a wireless network, or you let others plug into your lan from time to time.

20 minutes is only on a unsecured Win XP box with no SP or Updates.

A SP2 with updates and firewall turned on is quite secure.

Whats the firewall like on a Linksys WRT54g wireless router?

Khannie

Peteee wrote:

Whats the firewall like on a Linksys WRT54g wireless router?

That's the one I have. Seems to be rock solid.

Mac daddy

I have a linksys wrt54gs good router, hardware firewall is okay, But still to be safe i have a software firewall on each pc and laptop at home, so i can see what trying to access the net.
Using sygate pro works fine, installed it about a month a ago zero attacks hardware router takes care off most of the rubbish trying to come inbound.

Khannie have you tried any of the hacked firmwares for your router?

Khannie

Never knew there were any tbh. What's the benefit of them?

yossarin

I have a nat'ing router with a firewall in it and installed zonealarm on a whim.
What shocked me was the number of outgoing requests that were then blocked - turns out i had some shítty yet quiet virus installed that was quetly propegating itself.

you should really install a firewall - they don't eat the cpu and in zonealarms case are not too annoying. anyway you can configure ZA not to bother you.

stevenmu

I'd guess you're going to have enough AV/Spyware/Adware stuff running that there won't be too much risk of your machine being infected, leaving incoming attacks your main concern, which a hardware firewall should deal with fine.

Would a software firewall have much of an impact on online gaming ? Would in game ping times be noticeably higher with the cpu being so busy ?

Kali

As already said.. software firewalls are great for informing you that a certain program is trying to access the internet.. this can be especially handy for spotting viruses (trying to mail on port 25) or spyware immediately... they are an initial pain, but once over the configuration they can just bolster the defences a good bit.

Capt'n Midnight

Peteee wrote:

20 minutes is only on a unsecured Win XP box with no SP or Updates.

A SP2 with updates and firewall turned on is quite secure.

Whats the firewall like on a Linksys WRT54g wireless router?

It's between 14 and 16 minutes in this part of the world (UK stats because so many of our ISP's are UK based and so much traffic is routed that way) And it can be as little as 30 seconds.

Also, and this is very important, there are continual patches for IE remote control exploits, even for systems with SP2 and unless someone can prove otherwise at no time in the last 9 years has a fully patched windows system been safe from exploits - most patches are released afterwards. Ok a firewall won't protect you from a lot of these but something that looks at outbound traffic will alert you if it happens.