What is a firewall and why do you need one?

Tue Mar 4, 2008 12:06PM EST

See Comments (22)

Of the many computer security measures available to end users, none is more confusing to the novice than the firewall. I can understand why. Unlike anti-virus or anti-spyware tools, a firewall doesn't immediately telegraph what it does. I wouldn't be surprised if many people thought it was designed to prevent fires inside your computer. (It doesn't.)

I'm writing this post for novices, so please forgive any over-simplifications. Basically, a firewall is software (or hardware) that blocks malicious attacks on your computer from coming through over the internet. But wait, you might say, don't most malware attacks, like viruses, come over the internet? They do, but the difference is that with viruses and spyware, there is generally some human interaction that starts the infection: You might open an infected email or visit a bad website, for example. Anti-virus software helps in these situations where you're actively involved in the process.

But believe it or not, many, many computer attacks come over the internet even if you aren't at your desk and your web browser and email client are closed. Thanks to the millions of zombie PCs in the wild, attack computers are constantly scanning the internet, almost at random, looking for unprotected computers to attack. These zombies continuously scan for security holes (and I won't go into the intricate details of how this works), many of which are caused by Windows. It's like walking down the street, trying all the car doors to find one that's unlocked. If your computer is connected to the internet, they will find you—fast. Before a firewall was added to Windows XP in Service Pack 2, it was commonly held that an unprotected Windows machine connected to the internet would be infected with some form of malware within 20 minutes and in some cases as quickly as 4 minutes. Just plug it in, and the bad guys do their work.

So where does a firewall come in? A firewall plugs the security holes I mentioned and blocks that bad, random traffic from coming through to your computer. Anti-virus won't help you in many of these cases. You really need a firewall to stop a lot of this stuff.

The good news is that you probably already have a firewall up and running. The best firewalls are found inside router hardware (either wired or wireless) that you attach to your broadband modem. Every router I've ever tried has the firewall turned on by default, but check in the configuration tool to make sure it is. It should be easy to find. You usually need not configure it any more other than turning it on.

Don't have a router? Turn on the Windows Firewall by going to the Windows Firewall control panel (in XP or Vista). It also needs no additional configuring, and in my experience it is just as good as using a third-party firewall software product. You do not need both a router-based firewall and the Windows firewall. One will do.

Once your firewall is on, you can largely forget it and let it do its work. You may not notice this silent friend protecting you in the background, but believe me, you'll notice if you turn it off.

Comments on What is a firewall and why do you need one?

Post a Comment

Join in the discussion. Here you'll see the comments in the order they were posted.

  • 2 Posted by sheelah_n on Thu Sep 3, 2009 9:18PM EDT Report Abuse

    Thank you. I really had no idea. I'm a little ways beyond a novice user but still had no idea what it ACTUALLY did. Good thing I've always used one

  • 3 Posted by willywirkswell on Thu Sep 3, 2009 10:47PM EDT Report Abuse

    There's many ways malicious software can get on a pc and neither a firewall nor an anti-virus, or both, will prevent all of them. Routers tend to concentrate on blocking unwanted in-bound traffic. The Windows firewall is pretty useless. It's essential to have a software firewall that prevents information leaking out.

  • 4 Posted by agustin2489 on Thu Sep 3, 2009 2:47PM EDT Report Abuse

    Typically, it's a pick-your-choice sort of scenario when it comes to choosing between firewall software. However, I found that McAfee and Windows Firewall (not counting the Vista firewall) aren't especially effective. The Vista firewall is actually pretty powerful in terms of customization. If you need a good, free firewall solution, use Avast. It might be a bit annoying in terms of notices but I find it helpful to know exactly what's going on.

  • 5 Posted by stuart_dunkeld on Thu Sep 3, 2009 9:45PM EDT Report Abuse

    It's essential to have a software firewall that prevents information leaking out No, it's optional. I don't use OSX's firewall, or Windows firewall, as I have a router, and I have zero problems that way.

More Posts: First Prev 1 2 Next Last

Post a Comment

Sign In to Post a Comment

My Tech

Please enable your browser's cookies to activate the My Tech column.

Also on Yahoo! Tech

Computers Home Office Wi-Fi & Networking Phones & PDAs Cameras & Camcorders TV & Home Theater Portable Audio
 

Site Map | Tour | Subscribe to Yahoo! Tech

Question and Answer content at Yahoo! Tech is written by Yahoo! users at Yahoo! Answers. Yahoo! does not evaluate or guarantee the accuracy of any Yahoo! Answers content. For more information, read the Full Disclaimer.

Opinions expressed by the Advisors are their own and do not necessarily reflect the views of Yahoo! Inc. Yahoo! receives no compensation from any manufacturer or distributor nor does it compensate any Advisor for the coverage of any product or service in any Advisor's content.