router vs software firewall

[huge]

Sorry if this is covered definitively somewhere ... please just direct me if there's a clear discussion or FAQ.

I see some people saying "you don't need a software firewall if your router has a firewall" or "all you need is the Windows firewall, it's really not that bad" etc. I'm wondering about the truth of these claims...

I'm using Windows XP Pro, all service packs and updates etc.

Motorola Cable Modem

Linksys RT31P2 VoIP router (for vonage - I think this has NAT firewall)

Netgear WGR614v5 Wireless Router (with NAT firewall also?)

Was using Outpost Pro Firewall, but had problems

Recently using ZoneAlarm Free

uTorrent is working fine - I don't get great download speeds but they're OK. I had a relatively easy time setting up port forwarding on the Linksys and Netgear routers.

If I run the ShieldsUp online security tests, everything seems to pass with flying colors, whether I have ZoneAlarm running or not (that just means my Router's firewall is doing its job, right?).

During and after running uTorrent, ZoneAlarm catches and blocks many attempts from outside my LAN to access the uTorrent port on my computer. Does this mean that other systems have gathered my IP and port number while I'm running uTorrent and are trying to share with me even after I've shut down uTorrent? Or is it potentially something more sinister?

Given that ZoneAlarm is clearly blocking "intrusion attempts", does that mean that something is getting through my router's firewall and that I therefore need a software firewall? Or are these intrusions truly harmless?

I feel a little nervous about running uTorrent without ZoneAlarm or other SW firewall running - is my anxiety misguided? Am I likely to get better download speeds without a SW firewall?

Thanks for any advice/guidance/education you can provide...

-huge

[Firon]

Zone Alarm is misidentifying stuff as "attacks." It has an absolutely terrible IDS.

Yes, they are harmless.

[huge]

Wow thanks for the *incredibly* fast reply. Try to get it under a minute next time, would ya?

So *those* "attacks" are harmless, but are there other things I should be worried about that ZA or Windows Firewall or perhaps some better firewall (comodo?) should be around to protect me from, or am I safe hiding behind my 2 routers?

Maybe the clearest way to ask my question is: what threat is out there, if any, that could get through my routers but would be blocked by a software firewall?

thanks again,

-huge

p.s. probably not important that I know this, but what's "IDS"?

[Firon]

Intrusion Detection system.

And well, the thing about blocking 'threats', is that the only real threat is a security hole on your system. That's why it's always important to keep on top of updates for software, but particularly Windows itself.

[huge]

Thanks again, Firon ...

The way I'm interpreting your responses is something like this (tell me if you would agree):

If my routers are working properly, and Windows and other relevant software on my machine are updated and not horribly buggy or malicious, and I don't suddenly lose my mind and download a bunch of p2p-shared software and run/install it without scanning and sandboxing it, I'm probably *pretty* safe without a SW firewall. The only real danger then would be from an accidental security leak in my routers and/or OS and/or Software and/or brain.

-huge

[Firon]

Yes, actually. If you have a router, it's not really necessary to have a software firewall. But if you insist, the Windows firewall is honestly sufficient.

[huge]

Thanks for your helpful replies.