Happy Trails Computer Club

home > security > overview > hackers > tools > firewalls
A good firewall has become much more important for online protection than anti-virus software. In fact, anti-spyware software has become more important too, but that's another story. Your computer can be compromised in just a few minutes of connection to the Internet if it's not protected by a good firewall.


Your ISP assigns a unique Internet address to your computer when you're online. Anyone can then attempt to connect to your computer at that address. That's just the way the Internet works. The purpose of a firewall is to keep intruders out by blocking all unauthorized access. A firewall allows responses to your outgoing requests, but stops unwanted incoming connections. For example, you send out a request to get your new email messages, and the email server responds with your mail. Some firewalls can block unauthorized outgoing connections as well. [more]

Firewalls have been effective against a new type of worm. These worms scan the Internet, looking for computers to enter. They work like automated hackers. If they gain entry to a computer, they start scanning the Internet for new "recruits" from that computer too. Soon there's a virtual army of infected computers trolling for victims. Firewalls can keep this kind of worm out of your computer because they block unauthorized entry.

Firewalls can also block a new form of spam that uses Messenger service in Windows rather than email (not to be confused with Windows Messenger). Messenger spam just pops up without warning in the middle of what you're doing. This spam can also be stopped by disabling Windows Messenger in Windows XP and 2000.

Firewalls cannot protect you from all threats. If you go online, you probably use email, visit Web sites and perhaps receive instant messages. You may also download files and programs. Any of these can carry malicious content. Firewalls do not block the content -- they only block connections. You need your wits, antivirus, and anti-malware software to protect you from malicious content.

Which firewall?

  • The Internet Connection Firewall (ICF) in Windows XP is a fairly good. You should activate it if you don't have another firewall. If you decide to install another firewall you should deactivate ICF to prevent conflict between the two firewalls. You could even end up with no protection at all if you don't.
    Update: Microsoft will include an improved firewall called -- surprise! -- "Windows Firewall" with SP2 in mid-2004.
  • I now use Outpost Firewall by Agnitum for all my new firewall installations. I have moved to Outpost on the basis of several reviews and personal experience with Outpost and a few others. I think it's the best one if you want a firewall that is robust, but not too confusing to use effectively.
  • ZoneAlarm is probably the best free firewall for the average user. Zone Alarm Pro adds more valuable options. [more]
  • There are many other firewalls. I recommend that you read some independent reviews if you're considering one of them.

Test your firewall

After you install a firewall, or make changes, there's a chance you have little or no protection. Usually it's an error in configuration. For example, I recently reinstalled a firewall for Linux and then forgot to re-enable it. You need to test your firewall, both when you install it and when you make changes.

Firewall reviews

The mother-lode of firewall reviews: http://www.firewallguide.com/software.htm

Firewall comparison by PC Flank: http://www.pcflank.com/art19.htm

Firewall reviews by Wilders: http://www.wilders.org/firewalls.htm

Top Software Firewalls: http://netsecurity.about.com/library/aatp020303.htm

"A person who is not outraged on hearing about the theory of quantum mechanics does not understand it." -- Niels Bohr
club stuff
   lost? > index
attack vectors
   web sites
   #  2  3
safe settings
   email client
safe practices
   file handling
defense tools
defense tests