back when I first got my DSL connection, everyone told me a router was a must-have item, because of the hardware firewall.

But now with windows xp service pack 2's firewall greatly enhanced and with free software like zonealarm, is the router still a must-have item for broadband users?

I own a router and so I use it, but I'm asking because my friend just got DSL and he does not have a router, and the only reason to buy one would be for the firewall since he only has 1 computer he doesn't need it for routing purposes.

So should I recommend he spend the money on one or is he pretty safe with zonealarm?

Provided you keep it up to date, a software firewall should be sufficient for most users. If your system gets compromised then a software firewall can be turned off, but at that point it's just as easy for the stuff on your system to phone home and get more data in that way.

I and others here use both a router and a software firewall. Why, because we have been hit through our routers and the Firewall stopped them.

Plus that firewall will tell you when something tries to get ont the internet. Which the M$ one will just let out to tattletail.

I personally don't find a router a neccesity, however, it can add to your security. A good software router should do the job though. I just read an article that shows that not even a good router can keep you anonymous. Have a read (courtesy of SpywareInfo):
Kiss Your Anonymity Goodbye

A doctoral student at the University of California has devised a means of fingerprinting a computer and tracking that computer across the internet. This fingerprinting defeats all known methods of hiding the identity of a computer. Attempting to use proxy servers, NAT firewalls, routers or any other methods fail to hide the identity of the computer.

The fingerprinting is very simple to understand. Every computer has an internal clock. That clock is inaccurate by a miniscule amount of time. Only an atomic clock is perfectly accurate. This inaccuracy is referred to as "clock skew". By analyzing the network packets being sent by a computer, the clock skew in the computer's internal clock can be measured. It is believed that no two computer clocks will have the exact same level of clock skew. Changing the computer's time will have no effect on this fingerprinting process.

The only way to defeat this fingerprinting is to instruct your computer to not attach a time stamp to every packet it sends over a network or to falsify the timestamps. Doing this can be either simple or very complicated, depending on your experience with computers. I wouldn't know how to do it myself. I wouldn't be very surprised if someone comes out with a software tool to do just that.

Just make sure you turn off File & Print Sharing, keep your anti-virus updated, and run a third party firewall, i.e Zone Alarm.
Oh yea, don't forget the Spyware programs!!!!

I have been using a Smoothwall recently for my router/firewall

Smoothwall (http://www.smoothwall.org)