What is a firewall

asks esmeharrison

A. A firewall is a security system that prevents unauthorised access to or from a private network�- they are usually used to protect your�computer from invasion, eg by�a hacker or�a virus from the internet, and a firewall is designed either to�block or to allow traffic to and from your PC.

�

Q. How does a firewall work

A. Firewalls employ different techniques - and they will probably use a combination of the following security measures:

�

(a) Proxy server: Intercepts all messages entering and leaving the network and effectively hides true network addresses.

�

(b) Packet filter: Will look at every packet entering or leaving the network and accept or reject it based on specific user defined rules.

�

(c) Application gateway: Will apply security mechanisms to specific applications, eg FTP servers. These work really well as a method of protection but can make your machine a bit slow.

�

(d) Circuit-level gateway: Will apply protection when a TCP or UDP connection is made. Once the connection has been made, packets can flow between the hosts without further checking.

�

Q. How vulnerable is my PC without a firewall

A. Basically, every time you connect to the internet your PC becomes vulnerable. If you have an always-on connection, eg ADSL or a cable modem, you are always vulnerable (if you have a fixed IP address as a result of your always-on status, your PC is easier to find on the internet, so can become a great target for hackers).

As broadband access increases in popularity, it seems likely that more and more home users will feel the need to install firewalls - just as companies who allow internet access from inside their networks have always done. In effect, a personal firewall isolates your PC from the rest of the internet and protects it.

�

Q. I have heard that firewalls prohibit all internet access or alert you to everything you are doing, which I would find really annoying is there any way round this

A. It really depends on how well you want to be protected. When you first install a firewall it will probably deny you access to the internet(known as 'deny by default'), but you have to tell it otherwise. It is in the setting-up of�you system that you can dictate how much interference you want to encounter from the firewall.

�

You have to tell your firewall what types of programmes you want to allow to be run on your system, and what you want to be able to connect to. You also need to�define high-, medium- and low-risk activities. It is worth taking a lot of�care at this stage to get your firewall set up right, as it can save you a lot of time later on.

�

Q. Can you recommend a good firewall

A. First of all you have to choose whether to have a software or a hardware firewall. A software firewall is easily installed and runs in the background of your system - you shouldn't know that it is working unless it alerts you to attack. These are usually cheap (or free) and easy to install - but they also take up memory on your system.

�

A hardware firewall is in effect a small box that acts as an intermediary between your PC and your modem - and provides greater protection at a much heftier price. It is usually installed if you're protecting several computers at once and can often be found in office environments. In addition, it does not effect the performance of your PC because it is not running on your operating system so cannot slow it down.

�

A personal firewall is usually suitable for all home PC use and should be all you need to protect your computer. Some of the best personal firewalls on the market include the following:

�

Zonealarm

www.zonealarm.com

Cost: free

If you're worried about understanding a firewall - it's all very well being alerted, but you have to understand what�the alerts�mean - then this�could be�the firewall for you.

It has a great tutorial for all users before you set it up on your PC, and once you are altered to any activity it allows you to choose whether you want to be informed of that type of occurrence in the future. You might think this is�the most obvious instruction you would want in any firewall,�but most of them do not have this.

�

Sygate Personal Firewall 4.0

www.sygate.com

Cost: free

�This is one of the best personal firewalls around -�and not only because it is free for personal use. It is quite easy to install and allows you to chose from custom filtering (which is probably your best option as it allows you to dictate what is and is not allowed), allowing all or prohibiting all internet activity.

The instructions are really easy to follow if you're not technically-minded. There is no unnecessary jargon, either -�which is really refreshing.

�

Norton Personal Firewall

www.symantec.com

Cost: �30

This firewall is easy to use and allows you to set your own parameters once you've installed the software. For example, you can set it up to allow internet connection�then set up the always-permit facility to your favourite websites or activities. And it will block adverts if you programme it to.

�

McAfee Personal Firewall

www.mcafee.com

Cost: �30

You can take this firewall on a limited-period trial basis from the above website, which is good if you're not sure what you're looking for. As with most firewalls, McAfee will block everything at first and you have to let it know what is and is not allowed at set-up.

�

Q. Is it possible to test the effectiveness of my firewall once I have got it up and running

A. Yes, you can request a probe into your firewall at http://www.grc.com. It will give a full report on what it found when it tried to pass your firewall and if it finds it at fault it will recommend a list of alternative firewalls to try.

�

If you have any other Internet & Technology questions, please click here

�

by Karen Anderson