All About Firewalls
A personal firewall is a software application which filters traffic entering or leaving your computer.
When you're connected to the Internet, information is flowing to and
from your PC in a near-constant stream through your PC's "ports". There
are thousands of "ports" and they are like little gates that let
information in and out.
Some of the information moving through the ports is obvious to you. For example, when you :
- send and receive emails ;
- access a website ;
- fill in and submit a form on a website ;
- download software like MailWasher Pro or Benign.
However, a lot of information flows to and from your PC without you knowing about it. This can include:
- your copy of Windows talking to the Microsoft website to check for security updates ;
- software applications talking to their own companies' websites to check for new versions ;
- anti-virus software checking for the latest virus updates.
Most of this invisible information flow is good. However, some of it poses a grave threat to your PC and your privacy.
Your email isn't the only way bad things can get into your computer.
They can come in through your PC's open ports without you even knowing
about them. The "Blaster" worm of August 2003 was the most
widespread example of this. In case you don't remember, that was the
one that caused your PC to shut down about a minute after you'd started
If you leave your PC's ports open and don't monitor them, you're at extreme risk of the following nasties :
VIRUSES: Programs or pieces of code that "infect" one or more
of the programs on your PC. Basically, your programs "get sick" and
start performing in weird ways, which sometimes can lead to a system
WORMS: Malicious programs that propagate over a network,
reproducing as they go. Worms cause the same effects as viruses but
they are more dangerous since they spread by themselves.
PORT SCANNING: Hackers scan the open ports on your PC to figure
out if they are open or exist at all. If your computer reports an open
port, a hacker can send a worm and virus to it. They can even use an
open port to take control of your PC.
COOKIES: Small data files placed on your PC by a website that
you've visited. A cookie can store your personal information after you
enter it online. For example, if you type in your credit card number, a
cookie might store it till you come back next time. This is not a bad
don't need to keep entering your personal details. But problems can
occur when other people decide to use your credit card too!
TROJANS: Programs that appear legitimate but do something
illicit when run. Just like the wooden horse the Greeks gave Troy as a
"gift", users mistake the Trojan for a useful or interesting program
that they choose to download. Once installed and run, Trojans can
secretly open remote access channels to hackers, relay passwords and
credit card data or destroy user files. It's similar to a virus but
generally does not replicate itself.
DENIAL OF SERVICE (DOS) ATTACKS: This kind of attack happens
when a hacker finds a responding port on your PC and sends a huge
amount of data to it. The port is just unable to accept all of the
data, the system resources exhaust, and the system crashes and denies
SPYWARE: These are programs secretly placed on your PC that
gather information about you (such as your surfing habits, what other
software you have on your PC, etc.) without your knowledge or consent.
Spyware is mostly used by on-line or software companies for marketing
So how does a firewall help to stop all of these bad things from happening?
As I said at the start, a firewall controls communications to and
from your PC. It permits or denies communications based on a Security
According to the security policy you set for it, a firewall can ...
- make your PC invisible on the Internet. Your ports don't just appear closed, they don't even appear at all. This is very good !
- automatically block suspicious incoming traffic ;
- alert you every time a program on your PC tries to send
information to another computer. This stops spyware and trojans from
sending hackers your confidential information, such as credit card
details and passwords ;
- do a lot more things too, but these are the most basic and important functions it carries out.
So in short, if you don't have a firewall installed, then as soon as
you connect to the Web (before you even start your browser or e-mail
client) you are open to attack - because some or all of your ports are
open and unmonitored. A firewall is especially important if you have a
high-speed Internet connection. Hackers love to take over broadband
machines because then they can use them to spread spam even faster!
Now you're probably wondering where to get one of these firewalls, aren't you?
There are some good firewalls around, but the one that we all use here in the office is Outpost Pro,
made by Agnitum. We recommend it to our customers - it's a great
product. It's easy to use if you're a beginner and if you're more
advanced, it gives you lots of different options. Check out the Outpost
website. We've set up a link to it from the Firetrust site :
And tell 'em Nick Bolton sent you !