Who's Watching logo

Hot Topics

  • Mobile Data Security
  • Phishing Scams
  • Social Networking Sites

Other Stuff

  • Your Password
  • Viruses
  • Firewalls
  • Spyware & Adware
  • Your Paper Documents
  • Shopping Safely Online
  • Kids’ Safety Online
  • Identity Theft Recovery
  • Glossary
  • Cyber Security Tips
link to www.staysafeonline.org
  • Events
  • Topics
  • Resources
  • Tips
  • Press
  • About

Firewalls

Your first line of defense

Sponsors

We gratefully acknowledge the generous contributions and support from our sponsors. The “Who’s Watching?” campaign owes a debt of gratitude to these companies for furthering the cause of cyber security awareness in our community. We thank them knowing that our efforts would not be complete without their support.

Current sponsors:

IBM logo

SANS logo

Identity Finder logo

Past sponsors:

Dell

Apple

Embarq

Office Depot

PrintSource

Worms and viruses poster from Indiana University

Copyright Trustees of Indiana University, 2006

What’s a firewall?

A firewall prevents unauthorized Internet traffic from entering or leaving your computer. It inspects all information coming and going from your computer, and blocks all communications from unauthorized sources.

Firewalls provide protection against outside attackers by shielding your computer or network from malicious or unnecessary Internet traffic. Firewalls can be configured to block data from certain locations while allowing the relevant and necessary data through.

A firewall may be a lesser-known form of protection than anti-virus and anti-spyware programs, but having one in place is just as important for protecting your computer. It is especially important for users who rely on “always on” connections such as cable or DSL modems.

How do firewalls work?

A computer firewall works much as a physical firewall does—keeping fires from spreading from one area to the next.

A computer firewall isolates your machine from the Internet by inspecting and filtering each individual “packet” of data as it arrives at either side of the firewall—inbound to or outbound from your computer— to determine whether it should be allowed to pass or be blocked. If an incoming packet of information looks suspicious to the firewall’s filters, it is not allowed through.

I’m not really a target, am I?

Absolutely. Unscrupulous people will try to access or abuse unprotected computers at any hour of the day or night. Don’t have a firewall? You will be target. It’s just a matter of time.

A firewall can protect you from:

  • Application backdoors and remote logins - Some programs contain bugs that provide hidden access to your computer, which could allow an intruder to connect to your computer and control it remotely, viewing or accessing your files or running programs on your computer without your knowledge. Firewalls warn you when someone is trying to intrude.
  • Email hijacking - Intruders can send unsolicited spam from your unprotected computer to thousands of users, disguising the spammers’ true location and making them harder to trace. Firewalls can block them from doing this.
  • Source routing - Hackers can sometimes make information appear to come from a trusted source—even from inside your network. Most firewall products disable source routing by default.
  • Denial of service attacks - These occur when hackers purposefully take a website down by sending so many requests to its server, it gets overwhelmed and stops working. Firewalls can help prevent this from happening.

What type of firewall is best?

You can get either a hardware (external) or software (internal) firewall. You may even combine both a hardware and a software firewall for maximum protection.

Some computer operating systems have built-in firewalls. Microsoft includes a basic firewall with Windows Vista and XP, and Apple includes one with Mac OS X. These are simple programs, but they’re far better than nothing. Just be sure your built-in firewall is activated; sometimes they aren’t.

While both internal and external firewalls have their advantages and disadvantages, using a firewall at all is more important than which type you use.

Hardware firewalls

Typically called network firewalls, these external devices can be bought at most electronic stores. Hardware firewalls are positioned between your computer or network and your cable or DSL modem. Many vendors and some Internet Service Providers (ISPs) offer routers that also include firewall features. (Check with your provider to find out about yours).

Hardware-based firewalls protect all the computers on your network, not just one machine. And a hardware firewall works as an appliance, allowing you to delegate your security to a device that specializes in it. The major drawback is cost, but many products are available for less than $100.

Software firewalls

Some operating systems include a built-in firewall; if yours does, consider enabling it to add another layer of protection, even if you have an external hardware firewall.

If you don’t have a built-in firewall, you can obtain a software firewall for relatively little or no cost from your local computer store, software vendor, or Internet Service Provider (ISP).

Although relying on a software firewall alone does provide some important protections, realize that having the firewall on the same computer as the information you’re trying to protect may hinder the firewall’s ability to catch malicious traffic before it enters your system.

Not a panacea

While properly configured firewalls may be effective at blocking some attacks, don’t be lulled into a false sense of security.

Firewalls can’t protect you from everything. But using a firewall in conjunction with other protective measures (such as keeping your operating system up-to-date, using anti-virus software, and practicing safer Internet habits) will strengthen your resistance to attacks.