There’s often a lot of talk in security articles about the danger of “open ports.” This subject seems to be the cause of more confusion and excessive paranoia than any other that I can think of. So, here’s a breakdown:
Basically, network communication is analogous to sending letters to people in an apartment building. To reach someone in one of these buildings by letter in real life, you need to know the street address, the apartment number, and what language they speak. An IP address is like the street address of an apartment complex, ports are like specific apartments in this building, and protocols are the language each resident speaks. If no one is living in a particular apartment, it’s kept closed up until someone moves in.
Here’s the main issue: An open port is like an apartment that has someone living in it, who can receive letters. A closed port is like an apartment that is locked up, so letters don’t get delivered. If a building does not have someone watching to see who’s in these apartments, things can get a bit dicey. Maybe a resident is a fine, upstanding citizen, or maybe they’re running a burglary ring out of their apartment. If no one is watching, no one knows!
This issue is part of why CodeRed and Slammer were such a problem: fine, upstanding web servers were installed by default in certain versions of Windows, but most people were unaware of this. So when warnings started coming out, most people ignored them, thinking they didn’t apply to them. “Just so you know, there are some letter-bombs coming to Bob Smith in Apartment A!” If people were not aware there was a Bob Smith living in their building, they’d likely ignore the warning.
To some extent, this is the situation on most people’s machines. Firewalls are like a security guard at the front desk who approves people coming into and going out of the apartment building. If you know one of those apartment dwellers well, you can set a rule that it’s always okay to send deliveries to and from them.
This isn’t 100% foolproof; no building or software is 100% ironclad. There are ways around even the tightest security. But the bottom line is, it does increase your overall security to have that kind of awareness of what is going into and out of your machine.
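To make "knowing who lives in each apartment" concrete, here is an added example (not part of the original article) that lists the listening TCP ports from Linux's `/proc/net/tcp` table and checks them against an inventory of services you expect. It assumes a little-endian Linux host; the sample table and the `KNOWN_SERVICES` inventory are constructed for illustration.

```python
import socket
import struct

# Constructed sample in Linux /proc/net/tcp format (not captured from a real host).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20001
   1: 0100007F:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000   112        0 20002
   2: 00000000:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 20003
   3: 0500000A:0016 0200000A:C350 01 00000000:00000000 00:00000000 00000000     0        0 20004
"""

TCP_LISTEN = "0A"  # state code for a listening socket, i.e. an "open port"
# Hypothetical inventory: the "residents" you know about, as port -> service.
KNOWN_SERVICES = {22: "sshd", 3306: "mysqld"}


def decode_endpoint(field):
    """Turn 'HEXIP:HEXPORT' into ('a.b.c.d', port); assumes little-endian IPv4."""
    hex_ip, hex_port = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
    return ip, int(hex_port, 16)


def listening_sockets(proc_text):
    """Return (ip, port, uid) for every socket in LISTEN state."""
    found = []
    for line in proc_text.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 8 or cols[3] != TCP_LISTEN:
            continue  # established connections and short lines are not listeners
        ip, port = decode_endpoint(cols[1])
        found.append((ip, port, int(cols[7])))
    return found


def audit(proc_text, known=KNOWN_SERVICES):
    """Label each listener as known or UNKNOWN, and local-only or network-reachable."""
    report = []
    for ip, port, uid in listening_sockets(proc_text):
        exposure = "loopback-only" if ip.startswith("127.") else "network-reachable"
        report.append((port, ip, uid, exposure, known.get(port, "UNKNOWN")))
    return sorted(report)


if __name__ == "__main__":
    for port, ip, uid, exposure, service in audit(SAMPLE_PROC_NET_TCP):
        print(f"{ip}:{port:<5} uid={uid:<5} {exposure:<18} {service}")
```

On a real Linux host, pass the contents of `/proc/net/tcp` to `audit()` instead of the sample; IPv6 and UDP listeners live in the sibling files `/proc/net/tcp6` and `/proc/net/udp`.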