My router says it has a duel firewall both spi and nat is it at all better to have this

I'd say that particular claim is a bit misleading. NAT and SPI are really little more than different levels of firewall protection. SPI does the grunt work, it's the real guts of a personal firewall. NAT is comparatively superficial, it merely hides your actual IP address. Think of NAT as putting a false street number on the front of your house, and of SPI as installing deadbolts on all your doors. If you're a dynamic IP subscriber, having your own NAT is redundant at best redundant. And some providers actually employ their own NAT server. But - given the potential for conflict - you might want to see what your provider recommends regarding NAT-enabled routers.

//greg//

So is it overkill to have both

In my case, yes. In your case, we don't yet have enough info to make that conclusion. My recommendation is still to contact your provider to see whether they have their own NAT. If they don't, your personal NAT should be no problem. If they do, they should be able to tell you what to do about the NAT feature in your router. On some, it's a simple user option that can be enabled or disabled.

//greg//

My isp is road runner turbo from time warner

This is what my isp said:

"We leave the firewall disabled so you can manage your own network."

If provider does not run NAT (which they most likely don't), your router running nat is (in my opinion) an absolute must.

If you are using port forwarding and/or hosting any servers or services from your home via your router -- SPI is not a must, but I would certainly make use of it if I were you.

If provider does not run NAT (which they most likely don't), your router running nat is (in my opinion) an absolute must.

If you are using port forwarding and/or hosting any servers or services from your home via your router -- SPI is not a must, but I would certainly make use of it if I were you.

Would hosting services include sling or voip like vonage I have my ps3 useing dmz

Technically yes, but those aren't what I had in mind.

I would suggest that if you are hosting a web server, ftp server, or other true server application that would constitute using SPI.

Services such as vonage, sling, and PS3 are fairly low-risk and you should be fine without SPI for those services.

Would it be paroina if I use both. Would you say its more about marketing or is it really safer

Given the response you got from the provider, I see nothing wrong with using both. Especially if you're paying for a private IP address. NAT protects your address, SPI protects your content.

//greg//

I know my log says I'm being protected from a lot dos attacks