Why home firewall software is a leaky dike

From same article:

 

Well that's well know what is written in this article.
Resuming you can say, that the security on your PC is as good as you know what you are doing. Bad configuration, not following standard security measures, missknowledge can do more harm than good.

Lets put Internet Explorer in 'Trusted Zone' and everything will go ok And this buy the way is the risk of so called 'one-click' firewalls.

 

From that article:

Now, we all know that a good security model is a layered one, as the article does indeed suggest. So which particular layer prevents software making unwanted calls home? Oh yes, the personal firewall. A router/firewall appliance cannot do this alone, as it stands.

I suppose then that a leaky dike is to be preferred to no dike at all...

 

I believe software-based firewalls have become a lot better the last couple of years, at least it´s better than nothing. And if I´m correct, HIPS can also be used to fight against malware trying to bypasss the firewall, just look at all those leaktests.

 

Very interesting article.

.

I guess the best recommendation is to know where you are surfing and make your PC act like a hermit.

 

Yep I picked that up as well.

Router firewall here but I still use a software firewall to stop MS programs phoning home.

 

there are few facts only words

 

Good article. Well here is my thoughts.

Good points are made nevertheless, my software personal firewall double checks that my NAT Router firewall is working correctly. No incoming attacks. A silent hard drive, when not in use. So it is best to have redundancy. I hate turning the PC on and off. Takes to long to come up even under the best of circumstances.

My desktop firewall is a gate keeper for the most part. Trusted programs are given full or partial access. Everything else .

One (weak) link in the chain of PC security and I would agree not the most important. But even the weakest link will hold fast and not necessarily break. By far the best is to keep crapware off your machine with other security programs or secondary built in components in the firewall as in the suites.

If one is behind a hardware firewall blocking only incoming then there is no need to panic. As my firewall is set to be manually turned on after the occassional reboot. I have been without my software firewall on for as long as a week. Whoops I forgot to turn it on. With no ill effects.

Still I think I'll keep my Out Post Pro as long as it doesn't chew up too much resources.

 

Since this article is meant for beginners, there are good points like to control emails, javascripts, to check auto configuration rules and to use additional software like AV.