How Much is to much

[gus]

All this talk of firewalls has got me thinking.When do you draw the line in the sand and say enough is enough.You can fill your hard drive up with all the firewall antivirus/malware programs you like.But dose it not come back to common sense.Be careful ware you go and what you open.Keep your one antivirus/malware up to date if it carn't get in it carn't send stuff out.
Research by the University of Maryland discovered that computers connected to the internet are subject to attempted hacks once every 39 seconds.With findings like this its a wonder any of us are online and yet we are.
We could all sit round the fire drinking beer and worrying about bieging Iframed,the victim of botnet hearding or the revival of polymorphic viruses and never venture onto the web again.
Dosen't the advantage still lie with us?If you keep your software and system patched and your wits about you.
But back to my first thought how much protection do you need.

Gus.

[jscher2000]

If you never install any software, then pretty much any firewall will do. If you install software, then a firewall that checks with you on whether that software should communicate to the network, and checks again when the program changes or behaves in an unexpected manner, can help you prevent "leaks" of data. This does not seem like a very dramatic issue, until you have to answer half a dozen prompts an hour to train your new firewall. Don't worry, it's a fast learner. <img src=/S/grin.gif border=0 alt=grin width=15 height=15>

[gus]

Ok .I follow what you are saying.But if your software is from a secure source ,there should be no problem when it communicates with a network?
What I am trying to say is that to get ''leaks''of data don't you need to be infected with some type of virus.And to get this virus don't you need to have downloaded it in the first place.[Or have it sent to you in some form or another.] Having said that isn't it more important to stop the virus/malware/spyware/tracking cookie ect from infecting your system in the first place than using a fire wall to tell it has and is trying to send data out?
The question still remains.How much protection do you need and also what is more important.Your out going firewall or stopping the malware ect at the front gate.

[HansV]

In general, having a basic firewall that monitors incoming traffic, plus up-to-date anti-virus/anti-spyware software is sufficient if you're careful about where you surf and what you download. I've been running with that setup for years without problems. But many people prefer to have the extra protection of an outbound firewall.

[AlanMiller]

I personally like to know what "reputable" software is doing with outgoing communications. Some might "phone home" looking for (necessary) updates like latest signature files. Others might do the same thing to hit you with ads to buy their other products. I like to be able to allow the first type, but block the latter. A good "rules based" firewall will allow you to do this on a per application basis.

Alan

[jscher2000]

<P ID="edit" class=small>(Edited by jscher2000 on 04-Aug-08 13:01. )</P>There can be a gap between the release of a program and its detection as malware or spyware. Polymorphic viruses may evade detection for weeks or months as they evolve and AV companies figure out how to detect them. Anti-AV programs may shut down your protection or hide using a rootkit. And some remote control programs are not detected as spyware or malware because they have legitimate uses. You are on your own to detect that you have opened your computer to a remote controller.

For those reasons, a program control firewall is a good idea even if you have the very best AV and AS toolkit.

Added: If there were not high quality software firewalls available for free (Comodo, ZoneAlarm), and you had to choose how spend each security dollar, then you might choose to rely on the built-in firewall. But fortunately you do not have to make that sacrifice, so why debate the hypothetical?

[DocWatson]

<center>

<hr>The question still remains.How much protection do you need and also what is more important.Your out going firewall or stopping the malware ect at the front gate.<hr>

</center>

You need as much protection as you feel comfortable with.

If you are secure in the knowledge that you never go anywhere "dangerous" on the internet (even though hackers use legitimate sites to plant some of their mouse-over code that activates when you pass your cursor over a spot on the site) and everyone you communicate with via Instant Message or email is equally diligent in their surfing habits and never has opened any spam or forwarded an email that has multiple senders or recipients that are not know to them personally (from whom a spammer or hacker can harvest your email address and begin their particular brand of assult on your system via the World Wide Web)......... well, I think you understand where I'm going.

As far as which is more important, inbound or outbound traffic. The answer is that they are equally important. You simply can't be absolutely sure that you will stop all the demons at the gate and if they get in, you don't want them calling all their friends and having a party with your PC and your data. IMHO, of course. <img src=/S/smile.gif border=0 alt=smile width=15 height=15>