Firewalls

Firewalls are more important for online protection these days than anti-spyware or anti-virus software. A hacker or Internet worm can invade your computer in a few minutes if you connect it to the Internet without one.

Mucho Importante: Be sure you uninstall any firewall you have currently installed, including previous versions of the same one, before you install a new one. (Just disable the Windows Firewall if that's all you have.)

What does a firewall do?

The main purpose of a firewall is to keep intruders out. Your ISP assigns a unique Internet address to your computer when you're online. It's one of a long series of numbers (4,294,967,296).

Hackers and network worms can roam though thousands of these addresses in an hour. Sooner or later they will invade a computer that doesn't have a firewall -- sometimes in minutes. It's like telemarketing on steroids.

The concept behind firewalls is simple. They policy is "Don't call me, I'll call you." They simply ignore external connection attempts, and allow only the connections that you initiate.

For example, when you ask for your email, the firewall remembers the details of that request. It then accepts the matching response when it arrives from the email server.

When you access a Web page, the firewall checks the response against your request. If it matches, it allows it through to your browser. Some firewalls can block unauthorized outgoing connections as well.

Firewalls are effective against a virulent "network" worms too. These worms scan the Internet, looking for computers to invade. If a worm gains entry, it starts scanning the Internet, using the newly infected computer, looking for more "recruits". Soon there's an army of "zombie" computers trolling the Internet for more victims.

Firewalls can also block a new form of spam that uses Messenger service in Windows rather than email (not to be confused with Windows Messenger). Messenger spam just pops up without warning in the middle of what you're doing. Disabling Windows Messenger in Windows XP will also stop this spam.

A firewall is not enough

Firewalls will not protect you from all threats. You probably use email, visit Web sites and perhaps receive instant messages. You may also download files. Any of these can carry malicious content into your computer. The firewall happily lets it through because you asked for it, i.e., you sent the request for the content. It just turned out to be malicious.

Firewalls do not block malicious content. They only block connections. Your own common sense -- augmented by anti-malware and anti-virus software -- is all there is to protect you from spyware, viruses, some worms, and Trojans. Firewalls do stop hackers and some of the most virulent worms.

Test your firewall

After you install a new firewall, or make changes to it, there's a chance you'll have little or no protection. Usually it's due to an error in configuration. I once reinstalled a firewall, and then forgot to re-enable it. There was no protection at all. The safeguard is to test your firewall. I test them when I install them, when I make changes, and about once a month just in case.

Which firewall?

There are many good firewalls available for home users. I've recommended what I think are the best in Step 1: Install a Firewall.

NOTE: Even if you install SP2 (Service Pack 2 for Windows) on your computer, you may not want to uninstall an existing firewall.

Hardware firewalls are less vulnerable to attack than ordinary (software) firewalls. For example, the new "Windows Firewall" in SP2 for Windows was designed so that it can be turned off. It won't be long before hackers and worms take advantage of that. They are also able to turn off many antivirus programs.

The firewall in Windows Vista is getting a thumbs down. However, this relates outgoing traffic observation, not its capability to block incoming attacks. If you take pains to keep your computer clean, you don't need outgoing protection anyway.

More on the Web

"Keep Hackers Out", at PC Magazine, is a comprehensive yet easy to read article about intrusion and firewalls. Look for the "Print" logo there if you want to read the article all in one piece. Links to more firewall information on the Web.