CastleCops, Internet Crime Fighters

General question about firewalls

 
geoffo
Cadet
Joined: Jun 15, 2005
Posts: 6
Location: UK

Posted: Sun Jun 29, 2008 7:51 am    Post subject: General question about firewalls

I have just moved to broadband and have a wired router, which has a firewall. I want further protection and have just installed Online Armor. Now, I have a real thicko's question. Typically, during the day when I am not using the internet, I put it in standby mode. My router and LAN will be connected. If I don't want to rely on the router firewall, will my OA firewall protect me from hackers or do I have to do anything else? I'm not sure if a firewall actually prevents outside attacks, or just tells you when they are happening.

I wondered if I had to click "Block all network traffic" but when I tried this and came out of standby, I got a yellow exclamation triangle over my LAN icon saying "loss of connectivity" - and the only way I can get the connection back is to select "Repair". This doesn't sound right that I had to do this every time and I just wanted to confirm that if I did nothing, I would be fully protected from the outside world.

Hope this makes sense - sorry if it sounds a silly question.

Cudni
Special Response Team
Joined: Dec 10, 2002
Posts: 3683
Location: Et In Arcadia ego

Posted: Sun Jun 29, 2008 8:32 am

Use router firewall in addition to OA. Nothing will come through router firewall and nothing that you don't allow will come through OA firewall. They complement each other. No need to block traffic either.

Cudni


_________________
Hecho en Mexico
geoffo

Posted: Sun Jun 29, 2008 12:48 pm

Thanks Cudni - very reassuring. That prompts another question - if someone had been trying to hack in, is there somewhere in OA where it shows up? I only have the free version.

Geoff

PCBruiser
SRT Team Lead
Forums Admin
Joined: May 11, 2005
Posts: 11723

Posted: Sun Jun 29, 2008 1:41 pm

Inbound hacks should be blocked at the router/firewall before ever reaching OA, so they won't be seen there; and, usually router/firewalls have logs where they will show up. You can tell if you are being port scanned from the hardware logs - they will show attempts to connect to multiple ports all coming from the same IP.

99.99% of those attempted inbound hacks are from zombified systems, whose owners don't have a clue that their systems are being used for that purpose. By their very nature, those types of inbound port scans are simple to block - they are pretty "stupid" hacks, but they will capture IPs from unprotected or improperly protected systems.


_________________
Don't read? Can't learn!
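
The port-scan signature described in the post above (many destination ports probed from one source IP), as an added example that is not part of the original thread: a Python check over blocked-connection log lines. The log layout, the sample lines, the thresholds and the name `find_port_scanners` are constructed assumptions; router log formats vary by vendor.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample in a netfilter-style key=value layout (an assumption:
# router log formats vary by vendor). Addresses are documentation ranges.
SAMPLE_LOG = """\
Jun 29 13:02:11 router kernel: DROP IN=wan SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40112 DPT=21
Jun 29 13:02:11 router kernel: DROP IN=wan SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40113 DPT=22
Jun 29 13:02:12 router kernel: DROP IN=wan SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40114 DPT=23
Jun 29 13:02:12 router kernel: DROP IN=wan SRC=198.51.100.4 DST=192.0.2.10 PROTO=TCP SPT=51000 DPT=445
Jun 29 13:02:13 router kernel: DROP IN=wan SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40115 DPT=80
Jun 29 13:02:14 router kernel: DROP IN=wan SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40116 DPT=3389
Jun 29 13:05:40 router kernel: DROP IN=wan SRC=198.51.100.4 DST=192.0.2.10 PROTO=TCP SPT=51001 DPT=445
Jun 29 13:09:02 router kernel: DROP IN=wan SRC=198.51.100.4 DST=192.0.2.10 PROTO=TCP SPT=51002 DPT=445
"""
ASSUMED_YEAR = 2008  # syslog timestamps carry no year, so one is assumed
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ [\d:]{8}) .*\bDROP\b.*?\bSRC=(?P<src>\S+).*?\bDPT=(?P<dpt>\d+)")


def find_port_scanners(log_text, min_ports=5, window=timedelta(seconds=60)):
    """Map each source IP to the distinct ports it probed, for sources that hit
    at least min_ports different ports within one sliding time window."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m:  # skip anything that is not a blocked-inbound record
            ts = datetime.strptime(f"{ASSUMED_YEAR} {m['ts']}", "%Y %b %d %H:%M:%S")
            events[m["src"]].append((ts, int(m["dpt"])))
    scanners = {}
    for src, hits in events.items():
        hits.sort()
        in_window, start = Counter(), 0
        for ts, port in hits:
            in_window[port] += 1
            while ts - hits[start][0] > window:  # drop hits older than the window
                old = hits[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            if len(in_window) >= min_ports:  # many ports, one source: a scan
                scanners[src] = sorted({p for _, p in hits})
                break
    return scanners
```

Repeated hits on a single port, like the constructed 198.51.100.4 entries against 445, are counted once and so are not reported as a scan at the default threshold.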
geoffo

Posted: Sun Jun 29, 2008 3:36 pm

Thanks Bruiser, I'm learning all the time. So, just to be sure, if I leave my router permanently on, and my firewall enabled, I am safe? I am on a LAN connection - presumably there is no need to right/click the little icon and 'Disable/Enable' every time it's in Standby mode?

Thanks again
Geoff

PCBruiser

Posted: Sun Jun 29, 2008 4:00 pm

Totally, absolutely safe? Well ... if someone is absolutely determined to hack in, is extremely knowledgeable and has many hours to invest in hacking just into your LAN, there is just the slight probability that they might get lucky and do it. But, it would require a live person, and many hours of work to make it happen.

Remember, unless a live hacker knows there is something of great value on one of your systems on your LAN, there are easier fish out there to fry, systems that are totally vulnerable to inbound threats. Why waste hours on something speculative when there are much easier targets? "I don't need no crappy firewall, it slows down my game by 0.5 FPS, and I never get infected." Yeah, sure, how many times have I heard that from owners of incredibly infected systems.

The only totally safe system is one that has no Internet connection, and that is never turned on or has software installed on it. Unrealistic, I know. Otherwise, given your protections, it is not normally necessary to turn everything off unless you are going to be offline for some time - vacations, typically.

One thing you should make sure of is that all your ports are in fact closed and, even better, stealthed. Go here:

http://www.grc.com

Follow the links to ShieldsUp! and run all the tests. That will tell you exactly how safe your system is from inbound threats. What you want to see is everything green. If that's the case, you should be as safe from inbound threats as home systems can realistically get.

Most gateway protected LAN breaches are accomplished not via a brute force hack into your LAN, which rarely gets by good quality router/firewall gateways, but by fooling one to either visit a malware payloaded web site where an ActiveX or other script installs malware, or to download and install malware ridden software on a system that establishes a backdoor. That is one very common way that P2P users get infected. Many, if not most, P2P files are malware laced. Then if you permit the backdoor to run in OA, you are compromised. The human element is one of the weakest ones in your security protection.

The other way to do it is to hack a mobile laptop when it is not protected by the LAN, and then when it is reattached to the LAN, bango - it infects other systems on the LAN because the malware has breached the gateway protection. That's a very common way that corporate LANs are breached. Inadequate protection behind their gateways. That's another reason to use a top flight software firewall like OA.

BTW, in standby mode, nothing is actually running on your system, so from a malware infection potential point of view, that is effectively the same thing as turning your system off completely.


_________________
Don't read? Can't learn!
geoffo

Posted: Sun Jun 29, 2008 4:58 pm

Thank you so much for putting together such a detailed reply. I feel a lot more at ease now. I don't use P2P, so this is not a threat - plus I am the only one on my LAN (i.e. I am not part of a network). Interesting what you say about malware; I like to think I am careful about what attachments I open etc. Plus I regularly run AV and SuperAntiSpyware.

Right now I'm off to check that ShieldsUp link you've kindly provided. Hopefully, they will all be green!

Thanks again
Geoff
