I am aware of L&P and most of it will go completely over the head of the average user. Their main slant is the difference between software and hardware firewalls whilst my slant is the need for the extra layer that a software firewall provides.
They also presuppose that malicious software will somehow interact with a software firewall in order to lessen its efficiency to a greater or lesser degree. In the main, that presupposition is false. To take their first example, how many LSP hijacker trojans are out there? In the grand scheme of things, they are very thin on the ground!
Yes, a hardware firewall is a better method of fending off incoming attacks (again, if it's properly instituted and maintained), but it is utterly useless where outgoing traffic is concerned, and in today's climate, it's just not good enough.
In their examples, not one popular hardware firewall would fare any better than a software firewall. In fact, the prognosis where a general purpose hardware firewall is concerned is very much worse than that where an average software firewall is concerned. Let's not forget that "application blocking" doesn't simply refer to a simple yes/no to a certain program in a well-maintained setup!
Just a few questions to consider:
How would a hardware firewall prevent a trojan inside, say, a zip archive being delivered? Now let's say that trojan is installed. How would that same hardware firewall prevent that trojan from connecting to, say, a web server or an FTP server?