Posted 10 October 2009 - 12:35 AM
Let's put it this way. A hardware firewall, which is what you see on a router ( *if* the router comes with a firewall ), correctly configured should stop any person trying to breakin by exploiting holes in the OS. ( Of course if you allow inbound connections with a password and a bad guy gets that password, then no kind of firewall can help you. )
However a hardware firewall will very likely not stop a piece of malware already on your system from connecting out--for example to add your computer to a botnet.
Your software firewall, if it allows access by application, will send up a red flag ( "This_piece_of_spyware.exe" is trying to establish an outside connection, allow? )
if malware is trying to connect out. THus letting you know that you have spyware.