Introduction
Your ISP assigns a unique Internet
address
to your computer when you're
online. Anyone can then attempt to connect to your computer
at that address. That's just the way the
Internet works. The purpose of a firewall
is to keep intruders out by blocking all
unauthorized access. A firewall allows responses to your outgoing requests, but stops unwanted incoming connections. For example, you send
out a request to get your new email messages,
and the email server responds with your mail.
Some firewalls can block unauthorized outgoing connections as well. [more]
Firewalls have been effective against a new
type of worm. These worms scan the Internet,
looking for computers to enter. They work
like automated hackers. If they gain entry
to a computer, they start scanning the Internet
for new "recruits" from that computer
too. Soon there's a virtual army of infected
computers trolling for victims. Firewalls
can keep this kind of worm out of your computer
because they block unauthorized entry.
Firewalls can also block a new form of spam that uses Messenger service in Windows rather
than email (not to be confused with Windows
Messenger). Messenger spam just pops up without warning in the middle of what you're
doing. This spam can also be stopped by disabling Windows Messenger in Windows XP and 2000.
Firewalls cannot protect you from all threats.
If you go online, you probably use email,
visit Web sites and perhaps receive instant
messages. You may also download files and
programs. Any of these can carry malicious
content. Firewalls do not block the content
-- they only block connections. You need
your wits, antivirus, and anti-malware software to protect you from malicious content.
Which firewall?
- The Internet Connection Firewall (ICF) in Windows XP is a fairly good. You
should activate it if you don't have another firewall. If
you decide to install another firewall you
should deactivate ICF to prevent conflict between the two
firewalls. You could even end up with no
protection at all if you don't.
Update: Microsoft will include
an improved
firewall called -- surprise!
-- "Windows
Firewall" with SP2 in
mid-2004.
- I now use Outpost Firewall by Agnitum for all my new firewall installations. I
have moved to Outpost on the basis of several
reviews and personal experience with Outpost and
a few others. I think it's the best one if
you want a firewall that is robust, but not
too confusing to use effectively.
- ZoneAlarm is probably the best free firewall for the average user. Zone Alarm
Pro adds more valuable options. [more]
- There are many other firewalls. I recommend
that you read some independent reviews if you're considering one of them.
Test your firewall
After you install a firewall, or make changes,
there's a chance you have little or no protection.
Usually it's an error in configuration. For
example, I recently reinstalled a firewall for Linux and then forgot to re-enable it. You need to test your firewall, both when you install it and when you make
changes.
The mother-lode of firewall reviews: http://www.firewallguide.com/software.htm
Firewall comparison by PC Flank: http://www.pcflank.com/art19.htm
Firewall reviews by Wilders: http://www.wilders.org/firewalls.htm
Top Software Firewalls: http://netsecurity.about.com/library/aatp020303.htm
|