It really depends on how much security you want on your PC.
The good thing about host based (software) firewalls is you can control program access to the network/internet. The firewall built into your router can only block inbound/outbound ports/hosts. By default your router probably blocks all inbound requests and allows all outbound requests. If you get a trojan installed on your computer which creates a connection (if your computer creates a connection it is an outbound connection and any data can be sent in either direction while that connection stays alive) to an irc server in china, any command sent back by the remote computer can be ran from your machine.
If you had a software firewall such as zone alarm, when you first install it you can set the security to "high" or allow access to only defined programs and deny to any others. This is the best way to go although it can be annoying when you install a new program (or game) that needs access to the internet, you must allow access for this program.
Is this true for all hardware routers? Or just the cheap ones that come in your basic $50 home router?? Are the firewalls in the small business type routers like the Linksis Rvs4000 any better??
Router firewalls can only be generic and small firewalls. They must allow most of the traffic in. They usually only block IP's and ports. Software firewalls on your computer can be tailored to admit/deny specific connections and programs.
The Linksys RVS4000 and WRVS4400N can block various IM and Peer-to-Peer applications by name (i.e. Yahoo, MSN, etc) and like most non-pro firewalls, can block specific ports. As others in the thread mentioned, you can also use a software-based firewall on your PC to provide even more flexibility in blocking PC host applications. I use McAfee Security Center since it is an all-in-one (Firewall, Spam, Anti-Virus, etc) and I get the home license free through my office. No brainer.
Even for home users, I would recommend some implementation form of defense in depth. Any good firewall out there should be stateful. There are some firewalls that can do deep inspection but you need to shell out a lot of money for them.
Even hardware firewalls are software-based... usually linux with iptables.
I found that the best approach is to have a separate machine, a really old one (in my case it's a K6-2/300, with 256 mb RAM, 2.1 Gb HD and 3 NICs), with linux, shorewall and squid installed. It works great as a firewall and also as a proxy server, even allowing you to block undesired sites (like all advertising sites). A machine like this is really cheap, and the software is freeware and easy to find.
