I only used Windows Firewall for quite some time and I don’t have a router. For the past month or so, my direct downloads (http) are getting crippled and slow so I have been downloading using torrent since then. Then again, I can only maximize my bandwidth by downloading 10 to 15 files at the same time. I got tired of this so I used an old version of Zone Alarm that I have in my HDD.
When I used ZA and set the settings to high, I was getting 1000 plus access attempts per second from different IPs. In other words I was receiving a lot of tiny files since the Windows Task Manager’s Network meter was only small. I got paranoid after that but after some research it seems that those are just zombie bots or something.
I downloaded Comodo Firewall after that and it’s blocking the same amount of intrusions as before. However, I can use the Internet without getting hammered. Unfortunately my direct downloads are still as slow as before.
I was advised that I should use a router and use Windows Firewall and dump third party firewalls like Comodo since they’re useless once I get a router.
My question is that, will the constant intrusions be the same even if I get a router?
If you’re using p2p you will need to allow incoming connections to your p2p clients TCP and UDP port. if you don’t do this people will be attempting to connect to retrieve parts of the file you have and are rejected, hence the apparent intrusion.
Using a router is a good idea, however, I would remind you that CIS is more than a simple firewall. It also contains a comprehensive HIPs component as well as AV. The three components are designed to work in tandam.
As a Father’s day gift I received a Hardware Firewall/Router.
This includes a superior Modem which greatly improved Broadband Internet speed.
It also keeps at bay a lot of “noise” attempting to connect to me,
and each thing that is blocked by the router is something which no longer wastes a few CPU cycles,
but the router would not prevent the noise from degrading your connection speed to the ISP.
It does NOTHING for security, and I would be far more vulnerable without the software firewall.
Both the Hardware and the Software Firewalls were set to reject ICMP Echo Requests etc.
The Software Firewall is ALWAYS successful,
The Hardware Firewall less so.
When I go to one particular Internet speed testing site it not only uses TCP protocol connected to a specific port for measuring the speed, it also does an echo request to make sure I am there ! ! !
Because I chose to make a TCP connection to that site, the Router decided to accept any old junk that was thrown back to any or unspecified port via any old protocol.
Comodo keeps me safe because it likes both directions to travel via the initial port and in the same protocol.
There are sites you can choose to visit that have been infected with something malevolent,
and I would expect to be invaded by something infinitely worse than an echo request if I depended upon the hardware firewall.