Software firewall with router
I decided to do some experimenting to determine if I need to leave my Zonealarm running with a router/switch (mine's an SMC Barricade) which is already a good firewall in itself. The answer is a definite YES!!
I went to grc.com (Gibson Research) and read nearly every article they have written on security and tried out their tools. I did the Shield Test and Nanoprobe and my computer was absolutely invisible with only the router's firewall. I thought Great! I'll disable Zonealarm. But then I ran the Leak Test which basically emulates a trojan attempting to "phone home". It got right out and the router firewall didn't even see it! I then turned Zonealarm on, reran the test, and Zonealarm caught it immediately and asked for a permission. This is something Black Ice will NOT do.
Another bit of advice from grc - if you run Windows XP you need to install this patch:
http://grc.com/xpdite/xpdite.htm
to fix a severe security flaw. Read their caution on Microsoft Service Pack 1 also.
The problem of XP's raw sockets is also rather serious:
http://grc.com/dos/xpsummary.htm
Keep your firewall up and running! And I'm also sticking with 98 for now. Until I get my Linux box running!
I decided to do some experimenting to determine if I need to leave my Zonealarm running with a router/switch (mine's an SMC Barricade) which is already a good firewall in itself. The answer is a definite YES!!
I went to grc.com (Gibson Research) and read nearly every article they have written on security and tried out their tools. I did the Shield Test and Nanoprobe and my computer was absolutely invisible with only the router's firewall. I thought Great! I'll disable Zonealarm. But then I ran the Leak Test which basically emulates a trojan attempting to "phone home". It got right out and the router firewall didn't even see it! I then turned Zonealarm on, reran the test, and Zonealarm caught it immediately and asked for a permission. This is something Black Ice will NOT do.
Another bit of advice from grc - if you run Windows XP you need to install this patch:
http://grc.com/xpdite/xpdite.htm
to fix a severe security flaw. Read their caution on Microsoft Service Pack 1 also.
The problem of XP's raw sockets is also rather serious:
http://grc.com/dos/xpsummary.htm
Keep your firewall up and running! And I'm also sticking with 98 for now. Until I get my Linux box running!