Firewall Basics

By Vince Barnes

Your Anti-Virus is in place.
It's bang up to date.
You're all set, right?
Not at all -- read on!

 

Having an up-to-date anti-virus program in place is the first and most basic line of defense in your computer.  Without it, your computer will sooner or later be contaminated with virus software.  The resulting problem may be anywhere from annoying to disastrous.  It is an essential line of defense, but it is by no means the answer to all your problems.

Unfortunately for those of us who seek to improve the quality of life for everyone, there are those who, for some reason of their own, intend to make life worse for everyone.   This group includes the "cracker" or "script kiddy" whose intention is to break into your computer and leave a mark by destroying something of value to you.

Don't confuse these characters with the "hackers" of old.  "Hackers" intent was to break the lock and open the door by using their wit and wiles.  The "cracker" or "script kiddy" intends only to get into your computer -- probably using some tool found on the internet, the workings of which they probably don't understand in the least -- and having opened the door, steal or destroy all they can.  This malicious intent is what makes these characters so dangerous to your computer.

You need to add a firewall to your defensive strategy.  A firewall makes things a lot more difficult for the invader to get into the computer.  While there is no such thing as a fully secure internet connected computer, you can get pretty close with good firewall protection.  The idea is to make your defenses strong enough that the next person's computer is an easier target so the typical assailant will go for it and give up on yours.  The highly skilled cracker isn't likely to spend their energies going after your pc when there are banks and corporations to be had.

There are two categories of firewall than you can use.  The first is a software firewall, the other is a firewall built into an external device such as a router.  Both have value.

A software firewall is a program that sits in your computer and monitors all traffic on your internet connection.  It only allows certain types of traffic through, thereby making it much harder for the cracker to get their malicious code into your machine.   Windows XP has a firewall built in.  If you go to the "Properties" dialog of your network connection, on the "Advanced" tab you will find "Internet Connection Firewall".  It is turned off by default.  You can turn it on with one click and it will already be configured suitably for a typical home use machine.  If you need to fine tune its rules, you can click on the "Settings" button and configure the details of the firewall.  The is also very informative help available (Click on "Learn more about Internet Connection Firewall" on the "Advanced" tab.)

There are plenty of software firewalls available on the Internet.  Stay away from those produced by small or less well known manufacturers unless you can be certain of the quality of their work and that they have not provided themselves a "back door" (a means whereby they can get through their own firewall.)  Two of the better known firewalls are Zone Alarm and Black Ice Defender.  If you use one of these firewalls, make sure you stay up to date with updates and patches.  (Windows' built-in firewall is updated by Windows Update, which you, of course, already use.)

There is no reason not to use a software firewall in your computer, unless some specific program that you require prevents its use.  It is usually better to use the firewall and tweak the configurations of both the firewall and the other program until they work together, rather than to not use the firewall.  A software firewall in your PC is a good thing to use even if you have an external firewall.  There is no such thing as a PC that is "too secure".

External firewalls, like those built into better routers, are very simple to use.  If you have a broadband connection and use such a router, it will not only provide a pretty good level of protection for you, but also enable you to share your connection with several computers.  These devices have dropped dramatically is price over the past few years and are now well within the means of a typical home PC owner.  I highly recommend that you use one, even if you don't need the sharing capability.  They are a quick and easy way to provide a barrier between your PC and the hostile world of the net.

Two guys find themselves trapped in a cave with a mountain lion sitting just outside the entrance.  After two days of the cat not leaving, they decide they will have to make a run for it.  "Wait while I put on my running shoes," says the one of them.  "What's the point?" comes the reply, "even with them on, you'll never outrun a mountain lion."  "I'm not trying to outrun a mountain lion," says the first.

Such is the defensive strategy of firewalls!  While they may never be a 100% block, they will make you a harder target than the next guy.  Don't be the easy target!

Make a Comment

Loading Comments...

  • Web Development Newsletter Signup

    Invalid email
    You have successfuly registered to our newsletter.
  •  
  •