Ok, I have a router using NAT but people keep telling me I need a firewall. What is the difference between a router with NAT and a hardware firewall device?

Mike

The router hides your pc's ip address. It also blocks certane types of scans.

The software firewall will help block anything that does get through.

More importantly, the software firewall blocks outgoing stuff: trojan, adware, spyware. The firewall can be the first warning you get that you have malware.

A router with NAT may not have any kind of firewall built into it. In the router settings, look for something called WAN Blocking. This would be your routers inbound firewall. You should give your router model and firmware level. From that and a search on the manufactures web site would tell you if it has a built in firewall. Almost all of the routers on the market today have one. Not so a few years ago. And often older ones came with the firewall disabled by default.

Unless you have a very expensive business class firewall, a router firewall only blocks all incoming port request, except for responses that it sent out. Any thing can go out. A software firewall does the same but adds outbound checking and blocking. Problem with software firewalls is that they run on your system and take up processor bandwidth. Not a problem unless you are under a DOS attack.

This is just my personal opinion, other may agree or disagree but just an FYI to help you make a decision

Having both a router with NAT and a retail software firewall are pretty much a waste of your time and money.

To be safe get a router, and rename the admin account and put in a very complex password with caps, numbers, dashes, etc. If you have XP use it's firewall protection, and get a good virus scanning program.

I have ran this way for 3 years now and have had no problems AT ALL.

Most of the problems come when you select or accidently select a popup window which downloads the trojans to your PC, or your PC is connected straight to your Gateway or cable modem, this leaves you wide open to be hacked, with a router most hackers won't bother since your really not worth it to them.

Also, DO NOT KEEP PERSONAL INFORMATION on your PC such as credit card numbers, passwords,etc.
clean up you cookies, and also have an upto date spyware program just incase, when you go to sites that require a login, DO NOT let yoru browser remember the password, enter it everytime you go to that particular site.

The best way to avoid these trojans is to steer clear of "freebie" programs, those little extra email programs, such as HOTBAR, Weatherbug,etc. Most are known as BHO or Browser Helper Objects, most of the time they help send information out about you. Then become informated as to how to avoid getting hijacked.

Ok, I was asking about hardware firewall devices like a "netscreen-5". Is there any reason to put one of these things in at a business if it already has a business router?
As far as I could tell they both do NAT,making a public and private side of your network. Why is the firewall better? The router has configurable filters and comes with a default filter set. IS it just advanced auditing features? I can make the router invisible to ping with the filter set. What makes a firewall so hot?

Mike