Firewall needed with DSL modem?

Keep on wondering if a software firewall is really needed when using a modern DSL modem with built-in firewall function.
I keep on reading that a software firewall is a must......no matter what.
Currently running Vista Premium with the Windows firewall active, Nod32 and Windows Defender and Dsl with a modem with built-in firewall.
I've tried configuring the Windows firewall for outgoing traffic, but I really don't know how......it's a shame.......why they make it so hard to use!

Please inform me about the need for a software firewall.

 

No expert here but I can tell you I would not be online without a software firewall. The main reasons I know of why to have a software firewall also is outbound connections/application control.That is so you are in control of what is allowed to have internet access.If something bad got on your PC, say nod32 missed it(Possiable)and also Windows Defender missed it(not a good one from what I hear) a good solid software firewall would be needed.I'm sure there are other reasons but again like I said i'm no expert(far from it)Maybe someone here more knowledgeable will add thier help.
(I use a software and a hardware firewall)

 

DSL Modem or Modem/Router - Most of the newer basic DSL modems have basic NAT and some have configurable firewall features. There is also the option of using an all in one DSL modem and wireless router. I prefer the basic DSL modem along with my own wireless router (Linksys WRT54GL). However, as long as your DSL modem has basic NAT and some firewall features your current DSL modem setup should be fine for basic inbound internet security.

Software Firewall - Vista has a decent basic software firewall but it's default configuration and its alerts system are set up for the average PC user which is why many more advanced PC users want a full featured third party software firewall for Vista. Your current setup is ok but you might feel more secure in the long run with a good Vista compatible third party software firewall with more configuration options, more features and a different alert system (especially for outbound protection). I don't use Vista at this time so I can't make any experienced software firewall recommendations but this forum is a great place for advice from other Vista users about recommended software firewalls.

Your current overall configuration should be ok for now. Take your time to explore other software firewall options and decide what firewall programs for Vista you prefer using. Since you are using ESET's NOD32 Anti-Virus you could consider using their all in one security suite (ESS) which includes ESET's own software firewall. It is in the beta testing stage right now but it should be available in the very near future.

 

Thanks for the help and info. I'm really interested in ESS (Eset Security Suite) when it becomes final, as it should fill all needs, but working with the beta didn't go very well. I'll look around for other tips regarding a good firewall for Vista.

When using a software firewall, should I disable Windows Defender as well?

Thanks again!

 

You are welcome Big Apple! Many current NOD32 users are waiting to see how ESS turns out when the final version is released.

Regardless of what other security software you install I would recommend that you continue to have Windows Defender (which is a basic anti-spyware program) enabled in Vista. The exception to this rule would be ONLY if it is suggested that you disable it (for improved system compatibility) before installing another security program that you want to use. If you install a third party software firewall or a full security suite which includes a software firewall then that program should automatically make any required system changes (i.e. disabling the Vista firewall) during installation.

 

Clear story......thanks again!

 

Is there really any need for a Software Firewall to be able to pass Leak Tests like Comodo Pro is known for, if behind a Hardware Firewall?

 

A hardware firewall is only good for inbound protection.A good software firewall handles inbound and outbound protection.To me there's no reason not to use a software firewall seeing as thou there are some very good free one's out there.

 

Speaking for myself, all I have been using for the past 10 years are good hardware firewalls. Never had the need for software all though I have tested a few in the past.

 

I am using Comodo Pro which I like a lot, but leak tests aside, I think PC Tools FW or even the AVG Firewall would be good enough protection behind a router firewall along with a good AV and HIPS?

 

As all other replys here have stated the short answer is yes, you need a Vista compatible In/Out stable software FW.

The reasons are as stated.

The reason I have one is to minimize outbound packets that have no business leaving my PC carrying my information with them! That means stopping applications from having internet access that shouldn't have it and blocking your PC from accessing certain sites that are known "gathering sites" or worse the sites Trojans use to send data too. Your modem will not do that.
It is a privacy and identity issue.

Why do they make it so hard? Bad design assumptions that users have the same knowledge and jargon as network programmers.

Sorry for the long winded answer but that's the best I can do tonight!

 

Agreed, if I felt the need for outbound protection, I would use a HIPS like DSA. Or. better yet, Jetico 1 with inbound protection disabled.

 

Hi benny bronx

Just curious, why do you not feel a need for outbound protection?

This is not a challenge to your view at all I just want to understand..maybe it is the purposes to which you put your PC being different than mine?

 

Hi Escalader:

To clarify, I usually did run either of the two apps I mentioned behind my hardware FW. I only feel running inbound through two FW's is unnecessary. And I can see why some of our members who have a more detailed knowledge than myself of what is running on their comp feel no need for outbound protection.

 

So basically if something can't get in to the PC in the first place with a layered protection from AV, AS, and HIPS in place, then there's really no need for outbound protection, right?

 

Not necessarily.For instance if you have a legitimate program on your computer that you use but it wants to try and connect/update to the internet you can stop it with application control within your software firewall.(just one example)

 

Conclusion.......it's always better to have a software firewall installed!!! But now my next problem, I find it very hard to understand how to properly configure a firewall. Is Zonealarm Pro, combined with my other security configurations, an easy to use and configure firewall? I'm running Vista.

 

Vista,yes that is a problem. I have XP so I really can not help to much here other then saying that I did have ZA FW quite a while back,droped it due to many things.I believe the kicker was the calling home issue.Maybe thats resolved.My sugestion is to find a few Vista compatable firewalls try one at a time,fully remove one before tring another.Some are just eazyer to set up then others.You ask if ZA combined with your other security softwares would be eazy to set up yet you don't list them.
ZA has a firewall compatable with Vista,here are a few links to show others,
http://vistabookmarks.blogspot.com/2007/03/windows-vista-compatible-firewalls.html
https://www.wilderssecurity.com/showthread.php?t=175795&highlight=vista firewalls
http://www.matousec.com/projects/windows-personal-firewall-analysis/links.php#personal-firewalls
In the last link those with the round vista icon(are vista compatable)
There's a start for you,I'm sure there are others.ZA might be a good one for vista,I just don't know not using Vista myself and not using ZA for a long time.Good luck and IMO a you made a smart choice adding a software firewall to your setup(whatever it is)

 

Should I be safe then using the AVG Firewall with AVG AV, a-squared Anti-Malwre Full Version and CBOClean? Or would Comodo Pro Firewall because of it's leak test capabilities be a better choice than the AVG FW and then leave out CBOClean? The reason i ask is that my PC is running faster now with my current set up than it did when using CPF instead of the AVG FW.

 

Thanks a million and I'll shop around at the links you supplied.
My setup, as mentioned in my fisrt post: Nod32, Windows Defender, Vista Standard firewall and ADSL modem with built-in firewall.

 

What OS are you using? Win98? 2000? ME? XP? Vista?

 

FWIW the ZA calling home issue is NOT resolved. See

https://www.wilderssecurity.com/showthread.php?t=172579

where after many many posts 200+ I and a few others concluded that if you are at all concerned about unsolicited outbound packets ZA is bad choice.
It is very heated at times but read at least Stem's comments.

 

Exactly! Most of the DSL "modems" that ISPs give you now are combo modem/routers (gateway appliances)..that do the PPPoE and run NAT. So you're covered. I will not support a PC or network that is not behind NAT. NAT protects you with hardware firewall protection from the outside..which IMO is the most important thing.

If you also feel the need to monitor your outbound traffic...you can add a software firewall, but IMO that's a bandaid and often too naggy. Personal preference though.

 

True inbound firewall protection wether hardware or software is extremly important.But IMO outbound while maybe not as important is still necessary.
Which is why I chose a hardware and a software firewall.Yes it may take time and a lot of patientce.But worth it.

And leave my wife out of this.