I wasnt specifically talking about me, My ingoing, I think is very safe.  But a user a couple of days ago was trying to get going although she admitted she had a virus

When you can see the internet then the internet can see you.  So you need a firewall to block unwanted inbound traffic and stop people hacking into your computer.  Before Microsoft came up with a decent Windows firewall (which arrived with Service Pack 2 for Windows XP) you had to use a third party product.  Many people used ZoneAlarm because it was free; I did.  After a while the companies that sell antivirus software caught on and started offering "Security Suites" that bundled their antivirus product with a firewall.
These third party firewall all offered control of outbound traffic as well as inbound and many computer users got so used to this feature that they don't seem to be able to live without it or question whether it is necessary .  My experience is that these third party outbound firewalls are more trouble than they are worth.  The Windows firewall offers protection that I find quite good enough and never, in my experience, gives problems with your internal network.  It's my job to sort out computer and network problems so I have quite a lot of experience.  Actually, by the way, the Windows firewall does offer some control of outbound traffic but it does this with a very light touch so you rarely notice.
You don't need to control or block outbound connections unless there is something wrong with your computer, that would mean your security software has failed.  Now I concede there may be some virtue in a belt and braces approach.  But if you use a security suite with an outbound firewall that makes its own decisions then you probably just have a belt after all because if the antimalware part misses the threat. then why should the firewall block it?
If I can use an analogy, would you tell everyone they must drive a car with manual transmission?  You get more control with a manual gearbox but an automatic will still get you from A to B perfectly well and some people find automatics easier to drive.  Suppose your mother were going abroad and wanted to rent a left hand drive car to drive on unfamiliar roads in unfamiliar conditions.  Would you recommend she rented an automatic or a manual transmission???
By the same token I would recommend people to use the built-in Windows firewall.  It will keep you perfectly safe and it is unobtrusive and easy to use.  Some people will prefer the greater control afforded by an outbound firewall but that is a personal decision.  Third party software firewalls can give you a range of troubles and inconveniences and I think it is irresponsible to recommend them to others.     
       

       

the person who I was referring to has just posted so found the offending bit

Quote from: familycat

Quote from: Oldjim First and easy answer - changing to Firefox wouldn't help. A few questions I assume that this is the first time this has happened and that you could connect successfully before (1)Have you upgraded or changed your security software (2)Have you changed anything in Outlook Express (3)Looking at your previous post - you have just changed from Orange - are you still using the Orange email servers or have you changed them to the Plusnet ones in Outlook Express (1) No.  On a deep scan it would not remove one virus: twext.exe (2) No (3) Still using Orange email but I noticed the Plusnet connection symbol when it was trying to send. This is the first time I have used OE since my move to Plusnet - the business only accept emails through OE ( I tried to cut 'n' paste the address and it would not let me!) Thanks in anticipation Oldjim.

Obviously we don't agree.
i work from the principle that no anti virus package is 100% foolproof and there is always the possibility that a zero day attack will get past it.
This is why more and more security systems are using heuristic detection backed up by behaviour analysis rather than pure signature based detection but even the best heuristic detection is less than 70% effective (and often much less - see AV-Comparatives retrospective test) but even then they are guaranteed to stop everything.
Once something has got into your system then the next line of defence is a good firewall which will hopefully stop that virus, trojan, etc. communicating with the outside world hence giving you a fighting chance of keeping your data safe.
You could argue that this is an unlikely scenario but it only needs to happen once and given that most users don't usually do a full scan more frequently than once per week and often much less there is an extremely good chance that signature updates won't pick up the problem for some time and during that time it could be sending your private and sensitive information to criminals somewhere in the world.
You may think I am paranoid but I consider myself careful and as I am often guiding very inexperienced friends who rely on me I believe in taking the belt and braces approach to safeguard their personal and sensitive details.

I have no anti-virus on any of my non-Windows machines (3-off) for the last couple of years.
I have also never had any viruses.

Quote from: ReedRichards

You don't need to control or block outbound connections unless there is something wrong with your computer, that would mean your security software has failed.  Now I concede there may be some virtue in a belt and braces approach.  But if you use a security suite with an outbound firewall that makes its own decisions then you probably just have a belt after all because if the antimalware part misses the threat. then why should the firewall block it?

What happens if you pick up something from a banner ad like this http://www.theregister.co.uk/2009/07/20/digital_spy_malware/ ?
As Jim said a firewall monitoring outgoing connections would give you a chance of catching it.
And if you took your point of view one step forward surely the fact you're behind NAT router means you don't need a firewall on your PC at all?

Quote from: adiewoo

What happens if you pick up something from a banner ad like this http://www.theregister.co.uk/2009/07/20/digital_spy_malware/ ? As Jim said a firewall monitoring outgoing connections would give you a chance of catching it.

Well what happens, according to the article, is that your anti-malware software alerts you to the threat.

Quote from: adiewoo

And if you took your point of view one step forward surely the fact you're behind NAT router means you don't need a firewall on your PC at all?

Well, yes, I agree.  But running Windows it's easier to leave the firewall in place.
Oldjim still hasn't explained how a firewall that is part of a security package offers more protection than the basic antimalware.  I repeat, if the antimalware misses the threat, what reason has the firewall for blocking it?  It is one thing to guide your friends in the use of a third party firewall because you can also guide them out of the trouble it may cause, such as blocking network access.  It is another thing entirely to recommend these to everybody.   

Frankly there is no point in continuing this discussion as you obviously do not understand how a modern firewall works in intelligently blocking unauthorised outbound activities.
You are completely set in your ways and despite the fact that the vast majority of the experts in the field wouldn't agree with you, you still expect me to produce more reasons.
If you want to have a detailed discussion on the subject I suggest you start a thread here http://www.wilderssecurity.com/forumdisplay.php?f=31 and see how far it gets you.

You are quite right that there is no point in continuing this discussion between us, Oldjim,  you have your opinion and I have mine.  It's my job to fix peoples' computers when they go wrong and time and time again I see problems caused by third party firewalls that do not arise if the Windows firewall is used.  Problems are good for business but not if you caused the problems in the first place so I avoid installing "internet security suites" where possible.
You might be correct that the heuristic analysis built into an antivirus program may not be completely aware of what an unknown program does when it accesses the internet without that program also having control of the firewall.  That seems to be the gist of what you are saying.  I guess the best way of testing this and proving your assertion would be to look at the statistics for detection rates and see if XYZ Internet Security scores more highly than XYZ Antivirus.  I'll see what I can find.