[4D(Fordy(Ford) Ollie]

I'm also running Vista (mainly..) so I guess I am within my right to be happy with the built in?

[evilfantasy]

Glasweigan is correct about the Vista 64bit firewall being much better than in other "flavors" of Windows.

I always say if you do any online banking, PayPal, eBay etc then you should have a third party firewall.

If you have a hardware firewall (router with a firewall) then that is enough. They say that those are pretty much bulletproof but I can't confirm that.

Good free firewalls.

Remember only install ONE firewall

1) Comodo (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" if you choose this one)
2) Online Armor
3) Sunbelt/Kerio
4) Agnitum
5) PC Tools Firewall Plus

[Glaswegian]

You can always test your firewall at ShieldsUp! - Steve Gibson's vulnerability test site.

[serverguy]

For anyone who is wondering, the reason to block outgoing traffic (what XP does not do) is that if for instance you got a keylogger or similar installed, it would not be able to transmit back to it's operator.

By this I mean, all programs use ports to communicate over the internet, for example Web Browsing is Port 80 and email is sent over Port 25 (Simple Mail Transfer Protocol or SMTP for short).

But there are some ports that are known to be malicious, or used by keyloggers etc.

So, if you prevent everything from leaving your computer or network and going out to the internet other than what is needed, you allow a whole lot less room for keyloggers, remote control viruses etc to operate.

Unfortunately, XP did not include any sort of outgoing firewall control. This is fine as long as you never get a virus that reports back to its operator.

So the reason evil suggests using a firewall that does do Outbound Filtering if you use your computer for any sort of usage that involves sensitive information (credit card details) is that if you got a keylogger, it would not be able to send your details back to some scammer in Nigeria.

Now, I recommend like EF does to run a better firewall instead of the Default XP one, unless your computer slows down too much with it running. This is the drawback to it, because literally everything that comes and goes from your PC has to be filtered, it can slow down the PC. For a modern computer there will be no noticeable slowdown.

Whilst some cheap (or not so cheap) wireless home routers do have a certain degree of firewall protection built in to them, very few of them have any sort of outbound filtering (except homebrew firewall / routers, like Smoothwall Express).



So, to sum up...

If you are carefuly about what you do on the internet, and have a wireless router with a built in firewall, and run Windows Vista, then you needn't worry at all abotu any additional firewall.

If you are carefuly about what you do on the internet, and have a wireless router with a built in firewall, and run XP SP2, then again, you probably needn't worry, but if you want to be extra secure, then running a better software firewall on your computer is fine.

If you are less carefuly about what you do on the internet, and have a wireless router with a built in firewall, and have a up to date computer, the do run a software firewall, with outbound protection.

If you only have a modem, and not a router, it would be the equivelent to internet suicide to run naked without a better software firewall on your computer. The built in one, is not good enough if you do not have a router with a built in hardwall firewall.

As for what I do, I run a hardware Linux Firewall (Smoothwall Express) that can do both inbound and outbound filtering.

Most of my machines are XP Pro, with just the built in XP Firewall.

However, for the last 3 months, I have had the outbound firewall turned off on the Smoothwall router, because I could not make it work with a certain VPN client. And never got aroudn to fixing it, so just left it until I had time to fiddle.

So I am now just trusting that no viruses will get on my network in the first place. Food for thought.

If you want an even more in depth explanation about the topic of Firewalls... (and this is a good read, whether you have no clue whatsoever, or are a hardened security expert)

http://www.grc.com/sn/sn-003.pdf