>> Do you find this combination enough? (MSE and Windows Firewall)
Slight correction. Do I find MSE, Windows Firewall and my NAT router enough. Yes.
>> Is this in Windows XP and/or Windows 7?
Both
--------
Ive been on the internet for 16+yrs so Ive been through my fair share of AVs and firewalls during that time. However for the past 8 yrs or so I havent used a software firewall (other than M$).
9.5 yrs ago I was very badly hit by
SQL Slammer. I was infected within 20mins of it being released into the wild and I remember it well, because it was the day before I was due to hand in my final BSc yr paper for (WAN) Networking... and had to reformat I dont think I slept for about 36hrs. SQL slammer on a 56k dial-up connection is NOT good, the backup of traffic meant my PC was incapable of doing anything.
I was infected despite having AV and a software firewall (Zone Alarm) because I was using MSDE and although there was a patch for SQL Server, there wasnt for the version that had been supplied as part of my course.. and although NOW there is a patch and removal tool. Back then there wasnt, nor did my firewall or AV pick it up despite being up to date. In fact AFAIK it wasnt detectable by any of the AV nor (m)any software firewalls which is why it became one of the worst attacks of all time.
Yet, due to it being an unsolicated packet, NAT would have halted it.
----------
Move on just 2 months, my exchange was activated and I made sure I didnt use one of the ST modems that were being shipped out and I forked out for a NAT router which in those days weren't cheap.
I kept my software firewall on for about another 6 months or so, but I ditched it after I realised it wasnt really doing anything and everything was being caught by my router - the SAR had damn good logging. I saw absolutely no need to run a software firewall that just bogged down my PC when the router was doing all it should.
Since using a NAT router and decent AV, Ive not been infected by any of the nasties that where constantly trying to get in when just using a modem.
---------
You express concerns about a software firewall and outbound traffic. My answer to that is - well it depends on you. What sort of outbound traffic are you wanting to protect against? If you think about it... then the nasties are
incoming and as long as youre not stupid and dont introduce stuff on your own network (say via USB) then you should be fine.
Outbound monitoring means that the PC (or LAN) is already going to be infected. A decent AV should take care of that already. Its the AVs job to scan new files and exe's before they hit the machine.
There will always be new exploits and viruses, but since SQLslammer, most of the major Antivirus manufacturers now have added protection in that they dont just look for specific viruses, but they also look for virus patterns, which will pull up new variants before they are even named or identified.
So if you know your network is clean and youre not one of those that will install just about all and sundry on your PC then I dont see the point. Aside from that tools such as Netmeter easily show any outbound activity.
Im not saying its 100%, because who knows what will be dreamed up in the future and one of the best defences of all is to just be careful what you click on.
-------------
>>> Not clear how a firewall causes "erratic and slow" speedtests.
Not sure either, but McAfee is one of the names that constantly seems to cause problems. I dont have time to look into it, but I suspect that some cases may be due to relay of traffic/proxies... if anyone wants to follow that line further and do some research... but that would be my starting point.
