What is a firewall?


Bookmark and Share
What is a firewall (and why you need one)?
A firewall is protective barrier between you and the rest of the computers you are connected to. When you go on to the internet you are visible to the outside world. (If you weren't, then there would be no way to get a web page to your browser!) You are visible through something called a port. A port is service available to you. There are many thousands of these ports (services), and each is given a number. The three ports (services) you use most often are the world wide web (port 80), Incoming email (typically port 110), and outgoing email (usually port 25). The idea of a firewall is to close off the ports (services) you're not using. If you don't, then your open ports are an invitation to others to raid your computer! If you only have one piece of security software on your computer then it has to be a firewall. Unless your computer is not connected to the outside world, this is a must-have.

What kind of things can happen if I don't have a firewall?
If you do a fresh install of Windows XP, and leave it unpatched, your computer will be attacked within minutes. You'll be attacked through your open ports, and bombarded with popup messages; Trojans, viruses and worms will be loaded behind your back; Spyware and Malware will clog up your browser. In fact, PC Format magazine recently (issue 194) ran this very experiment. Their unprotected PC was unusable after about 2 and half hours! Having a firewall in place would have prevented some of these attacks. (But not all - XP should have Service Packs 1 and 2 installed before it's allowed on the internet.)

Even if you have all of XP's service packs and updates, not having a firewall means somebody will eventually find an open port on your computer. If they can install a Trojan on to your PC, they'll be able to control it! (See our Trojan section for more details on this topic.)

How Firewalls help protect you
Most firewalls, like the one built into Windows XP, will alert you about suspicious incoming traffic. Anyone trying to gain access to your PC will hit the firewall first. The firewall deflects the attack, and gives you a warning about it. But a good firewall like ZoneAlarm will also warn you about suspicious outgoing traffic (XP's own firewall doesn't do this). So the best firewalls do both - tell you about incoming and outgoing traffic.

The Types of Firewall
For the general user, you can place firewalls into two simple categories: hardware and software. A hardware firewall can be a router that sits between your computer and the outside world. You can plug more computers into the router, and each will be protected by the firewall that's part of the router.

A software firewall is one like ZoneAlarm. You install it on your PC, and it will hide open ports, deflect incoming attacks, and warn you about suspicious outgoing traffic. For added protection, you can have a software firewall on each computer that sits behind the router. An attacker would have to be very determined to get through your router's firewall and your software firewall!

Which firewall should I get?
If you have something like a wireless router then you'll probably already have a firewall. You should check your router's configuration pages to make sure it's turned on. (Some of them are actually turned OFF by default!) Once your router's firewall is turned on, you can install a software firewall on each PC that's connected to the router, just for added protection.

If you're not behind a router, then you need a software firewall. If you have Internet Security software like Kaspersky then it will probably include a firewall as well. You should check, though. If you haven't got any Internet Security software then we highly recommend the free version of ZoneAlarm. This piece of software has been available from ZoneLabs for some time, and has a very good reputation.

Home and Learn Recommended Free Firewall: ZoneAlarm Basic

But to recap: If you don't have a firewall, and your computer is connected to the Internet,