Firewalls for the non-technical

What is a Firewall?

A firewall protects the files and programs on one computer from users on another computer. A firwall blocks unexpected connections to a protected computer or network, while giving the protected computers the ability to connect to networks outside of the firewall through expected routes.

Why bother with a firewall? Who wants to connect to my computer?

Unfortunately, there are many reasons that malicious people might wish to connect to any computer they can find and use it for nefarious purposes. This is a list of examples, there are many more...

  1. Viewing or stealing information such as watching your access to secure services e.g. internet banking.
  2. Using your computer resources to hide their tracks
    1. Spammers route their content from compromised computers
    2. Virus writers use compromised computers to send out their products
    3. Blackmailers use compromised computers to hide themselves
    4. Part of an attack on other computers e.g. Distributed denial of service
    5. Use your computer to steal money
    6. Any combination of the these and many more...
  3. Use your computer for their own illegal purposes e.g.
    1. Storage of illegal materials
    2. Hosting phishing web sites - Phishing sites generally only stay up for a couple of days at most, so a home computer that is left switched on and connected via broadband is an ideal target
  4. Feed back information about your computer usage through spyware.

A firewall reduces the possible to make unauthorised connections to or from your computer, but no Firewall, or any computing technology is flawless and impenetrable.

What are the main types of Firewall?

There are two main types of firewall for the domestic user.

Software Firewalls

These are programs that run on your computer at the same time as any other programs. Windows XP comes with a built in software firewall which works, but is quite weak, and has been reported to prevent some legitimate programs from working properly. Because the XP firewall is built into the operating system it means that viruses or trojans which compromise the computer can disable firewall functions.

Other firewall software can be downloaded or purchased. Some of the free downloads are quite good, but quality and support vary. It should also be noted that an organisation might intentionally provide a "free firewall" which it knows how to get through, so care should be taken.

Purchased firewall software from reputable companies such as the GBMcAfee Personal Firewall is generally a good solution and easy to set up if you only have one computer connected to the internet.

Hardware based Firewalls

DG834GHardware based firewalls exist separately to the computer or network that they are guarding. Typically they are built into Broadband routers such as Netgear's "DG834G Wireless ADSL Modem Firewall Router". These types of device are dedicated to providing connection and firewall facilities, so their firewalls have fewer ways of being compromised by external computer on the internet.

Firewalls and File Exchange programs

Many file swapping programs (often known as peer-to-peer networking) need users to change settings on firewalls in order to work. These changes, combined with running, the exchange programs provide a significant security threat, as they compromise the firewall. Peer-to-Peer networking programs are designed to permit other computers to communicate directly through the firewall, they permit them to install files on your computer and many malicious programs exploit this behaviour.

Current Virus Information from McAfee

All material on this page is copyright (c) 2007 David Clarke, of