Detox-Comic

The Firewall

The original meaning of the word firewall was a wall that is designed to stop a fire from spreading beyond a particular point. The IT industry adopted the term to describe software (or hardware) that prevents unauthorised connections past a certain point.

Think of the firewall as a doorman stood at the entrance to your computer checking the ID of every connection that wants to get in to see if they are on the list. If they are not on the list they are not getting in.

Firewalls come in all shapes and sizes. When you access the internet you are going through a firewall of some kind. Home broadband routers feature varying kinds of firewall from basic NAT (more on this later) to configurable firerwalls where you can program your own access rules. For example you may wish to allow your games console to receive incomming traffic on a specific port. Companies use server firewalls and public wifi hotspots will use something similar to your home broadband router with an authorisation process.

In order to protect your own personal PC, whether a desktop computer or portable device such as a laptop or tablet, it is extremely recommended that you have a software firewall installed.

Microsoft Windows comes with it's own basic firewall, aptly named Windows Firewall. You can find this in the Control Panel under System and Security. Windows Firewall is turned on by default. It is a basic firewall and therefore most people look around for a third party firewall to install in order to provide a higher level of security. Computer viruses and malicious software target the Windows Firewall in order to add permissions allowing them access or to disable it completely. Many anti-virus software companies offer their own firewall software to either work with or replace Windows Firewall. Windows will detect and tell you if you have no working firewall enabled.

My own preference is to use a third party firewall that offers more control over which programs on my PC can access the internet and which incomming connections I wish to allow. It will mean that the software will have to go through a learning stage after installation, meaning that you will have to deal with a pop-up asking you if the application that is trying to access the internet is trusted or not and whether you wish to allow access temporarily or permanently. After a while the firewall will have built a list of permissions and will only ask you about changed or newly installed programs.

NAT

I mentioned NAT earlier. It's an acronym that stands for Network Address Translation. Essentially your broadband router acts as a kind of switch. All traffic to and from the internet arrives at and leaves from your router. All devices in your home connected to your router are given a unique local IP address. When traffic arrives at the router from the internet it has the job of working out which device the traffic is meant for and routes it accordingly. If incomming traffic is unsolicited, in that the router has no record of a connected device initiating it, then it ignores it.

A good router will be in total stealth mode in that any attempt to probe it for a way in will result in no response. If it responds telling the probing computer that it is rejecting it's connecion attempts then that is not stealth mode as it is telling all and sundry that it is there. To test if your router is operating in stealth mode use the free ShieldsUp! tool at www.grc.com

Advantages of having a personal software firewall on your PC

In addition to protecting your computer from malicious software and computer hackers there are a few advantages in being able to control which software installed on your computer can access the internet:

  • You can block access to software that only needs access to collect and send usage data, to check your licence status or to serve you adverts from the internet
  • You may wish to block peer-to-peer software or file transfer software, except when you need to share or transfer files yourself
  • You may wish to reduce bandwidth usage, for example if you have a usage limit set by your internet service provider

Final word

Think of the firewall software installed on your PC as your computer's first line of defence protecting you from all the nasties out there on the internet. Without a firewall your computer is totally exposed. Your anti-virus and anti-malware software may catch some of the nasties getting in but not all and are fairly useless against hackers. With a software firewall your portable computer is protected when you connect to any network, whether at home, at work or at a public wifi hotspot.

Last updated: 7th May 2016

Click here for more information on how to secure your PC