The firewall debate heats up

After my post yesterday, then my article in the newsletter, a few people feel that I am way off base in recommending that most people don't need a firewall.

First, Windows XP has a firewall built in. If you use DSL or you have your cable Internet running through a router, then you have a hardware firewall. My comments pertain to the extra software firewalls like ZoneAlarm and Sygate.

My cool brother-in-law, Nishan, emailed me with a few comments about my articles. He designs and maintains a huge database for a medical billing company in Oregon. In other words, unlike me, he is a true geek. I merely pretend to understand when people talk about SQL, Linux, and Apache; Nishan understands this stuff.

Since he spends his days combatting stuff like hackers, his systems must be extremely tight. So, I can see where he's coming from.

Below is his email to me followed by my reply.

Hi Adam,

I just read your newsletter. I respectfully disagree. There is a simple process of implementing a software keylogger which sends user data back to "Hack Central". Another reason hackers hack into computers is for DoS attacks. By implementing remote bots, the hacker can take down sites or send spam for those bots.

I do agree that the person with the dialup doesn't need a firewall.

Nishan

————

Nishan,
For the most part, firewalls won't stop keyloggers. AntiSpyware programs stop keyloggers. In order for a firewall to catch anything, it must be maintained. I would argue that about 90 percent of home users with firewalls have no idea how to keep them maintained. As a result, giving permission for a program like CoolWebSearch or WinFixer to access the web is enough to render the firewall useless.
If you have an antivirus and keep your system clean of spyware, you shouldn't be worried about hackers.
You are in a totally different boat than the people I am writing to. I totally agree that all Network Admin types should keep their systems tight, but seniors, soccer moms (and dads), guys who sit at home at night researching sports, and anyone who occasionally purchases a book on Amazon shouldn't have to worry. Not because there isn't a threat, but because the possibility of having their system hacked into is less likely than getting into an automobile accident.
In the six years I have been doing this, I have never seen a home computer hacked into in a way that a firewall would have prevented. All of the hacks I have seen have been the result of a virus, phishing, or spyware, none of which are prevented by firewalls unless they are carefully configured. Either the infection opens the firewall or people don't know what to do when the alert comes up, so they just click "always allow."
You aren't the first Admin to disagree with me, but for now the likelihood of having major problems due to a corrupt firewall or security program is higher than the possibility of a major hacking disaster, at least for the home users.
By the way, I am going to put this discussion up on the website for my article today. I think it's a great debate and both sides need to be explored.
Thanks,
Adam