Firewalls (software) Are they necessary?

Now that I’ve dared to install a “free” anti-virus program…what’s next?

I don’t know what I really need to protect my PC’s.

My router has a SPI fire wall, the DSL modem is on a different subnet than the router (double NAT’ing), and I’ve tried to get an opinion from several online resources…to no avail.

So what do you guys use in conjunction with Avast?

Do I need a firewall, and if so, what kind? http://ask-leo.com/do_i_need_a_firewall_and_if_so_what_kind.html

Do I Need a Firewall? http://askbobrankin.com/do_i_need_a_firewall.html

Welcome Xunix

Some people use Outpost either Free or Pro and some use PC Tools firewall but only one at a time.

I like to have system Layered Protection with several security applications.

An up to date anti virus application: avast!
An up to date anti malware application like Malwarebytes’ Anti-Malware (MBAM)
http://www.malwarebytes.org/mbam.php
Up to date HOSTS file that prevents access to known malware sites with hpHosts and MVPS HOSTS file managed with HostsMan.
http://www.abelhadigital.com <== I use HostsMan 3.2.71 Beta7
A system Security monitor that watches over them that WinPatrol provides.
http://www.winpatrol.com

Neither ZoneAlarm nor Comodo is recommend.

A lot depends on how you use your system, but there are lots of discussions here on the subject. See the various firewall threads, http://forum.avast.com/index.php?topic=49944.msg423404#msg423404 in particular for comments on NAT and firewalls.
Double NAT can be an issue with some games because of the need to “punch holes” in the NAT/firewall to allow inbound connections through two layers of protection. I prefer to set the modem up as a bridge and use the router capabilities for NAT and limited firewalling (I currently use a Netopia 3346 DSL router in bridge mode with a Linksys wrt54g wireless router with Tomato firmware).
So with your current setup you can restrict inbound traffic via NAT, allow outbound connections with perhaps a few restrictions, but generally treat your computer as a “black box”. A software firewall gets you is the ability to restrict inbound and outbound connections by specific application, and provides you with insight into what is happening via the GUI. Many firewalls today add a HIPS (Host Intrusion Prevention System) that augments the firewall monitoring of the application connections with behavior monitoring of the application functions. So you have a way to see that something in your system is trying to phone home and is out gathering data to send out via the connection. With most hardware firewalls, the assumption is that outbound connections are OK. A mailbot shouldn’t trigger alarms, for example, unless it was caught by the AV.
So I use both NAT and a software firewall/HIPS. A good modem/router like the Netopia also can make logs of the security stuff that happens at that interface, but this is usually for post mortem examination. Once the software firewall/HIPS is configured, the amount of real time popups you see depends mostly on how much “exploring” you intend to do and doesn’t need to be intrusive. And AV/AM will always run a little behind the latest threats, so if you are an unlucky early victim the software firewall/hips may catch some new things with your interaction to the alerts.

Simple answer. You should have a firewall on your router and computer.

Thanks to all for the advice, welcoming, direction…etc :slight_smile:

After a brief HIPS researching stint on the Net, I decided sded’s method is the best fit for me.

Therefore: sded, what are you using for software firewall/HIPS?

When you have a moment. And thanks for getting me to think about my setup…I’m not double NAT’ed…I’m fully bridged. The .1.1 subnet is used to access the modem…not to do NAT. Doh!

Have a great weekend everybody!

Xunix, I have two Vista computers set up pretty much the same as in my signature. My preferred firewall/hips currently is Online Armor, which I have used since the beta became available for Vista ~18 months ago, but others have their preferences. Try out a few and see what you feel comfortable with. I use a mobile system a lot, and OA has some very nice features for tracking multiple networks and monitoring the activity of other computers, as well as being very easy to set up and use. If you have priorities for some other features, let us know and probably someone here can suggest good candidates to try out. We are all waiting to see the Avast! firewall emerge, but in the meantime life goes on. :wink:

sded…muchas danke, mein amigo. No doubt, I’ll be back with more questions.