From: John Beckett 

Gary Britt  wrote in message
news::
> OK, so if you have a software firewall, I thought one of the advantages
> of having a software firewall was to keep virii and trojans from your
> side of the router/hardware firewall from getting on your machine.

You (should) hear mostly about this in a corporate environment where a
workstation probably does NOT have shares and so does not need to open
holes to allow incoming connections. Therefore a worm on the local network
wold be much less likely to be able to penetrate such a workstation.

But, as you say, if you share a folder then you need to open access to at
least some ports, and if a worm could exploit the service that you have
exposed, then you could be owned.

If you have disabled NBT (NetBIOS-over-TCP) you only need to open access to
destination port 445/tcp (but then you would need working DNS or hosts
files to resolve names).

Your firewall would still block connections to other ports not related to
sharing, so you would get some protection (although there shouldn't be many
of those ports on a workstation).

But your essential point is correct.

John

--- BBBS/NT v4.01 Flag-5