Subscriber V.R. Beeson wrote last week to ask about the need for both a router and a software firewall:
Terry, just wanted to thank you for including my question in the last newsletter. Hopefully it will help someone else.
By the way, since then I have run across that problem a couple more times. I just rebooted and all was well. May have to contact my ISP if this continues. But so far everything is working ok.
While I’m on a roll I want to ask you about a firewall. I bought a Acer netbook with wireless. My home system has a Linksys router.
Do you think I should also install a software firewall? Or will the Linksys give the protection I need? Thanks again for all your help and advise. V.R.
I wrote back to V.R. to tell him that he absolutely needs a software firewall, too.
A router will block attempts from the outside world to initiate contact your machine.
It will not stop outbound communications initiated by your computer. Anything originating from the local network side of the router is accepted as perfectly valid and permissible.
Microsoft woke up to the need for firewalls on our computers. First, with Windows XP Service Pack 1, they added the Windows XP firewall — but they did’t turn it on! Service Pack 2 and Service Pack 3 install it and turn it on. But, Microsoft’s Windows XP firewall remains a one-way firewall — it stops inbound attempts to initiate communication and allows all responses in response to your computer’s requests.
Let me say that again. The Windows XP firewall will allow any RESPONSES to communications initiated by your computer. The router will, too, because it believes that any communications initiated from within your local network are completely valid.
That’s how the remote-control bad guys get control. They get you to run the baddie on your computer (or they use a flaw in a program or in Windows to get it to run), then all they have to do is respond. Your router will allow the bad application to talk to the bad guys’ application and will allow the bad guys’ responses to return to the computer.
A two-way software firewall is designed to control both outbound and inbound communication attempts. I think all of the firewalls available commercially are two-way firewalls.
Even Microsoft finally recognized that two-way firewalls were the appropriate design — the Windows Vista firewall is a two-way firewall.
For my computers and those of my family, I use the firewall built into Sunbelt Software’s VIPRE Antivirus Premium.
and