PC Tonic

If I ask you about the security tools that you use on your computer,
>almost all of you will name some antivirus
>most of you will name an antispyware
>a very few will add a firewall to the list

Firewalls, for long, have stayed very unpopular with most of the Internet users because they either supposedly ‘block everything’ on their computer, or they show repeated alerts. If you are one such firewall-hater and you have turned off your firewall for good, think again. A firewall is the most important part of an internet security suite and it’s absence makes your computer HIGHLY vulnerable! You may manage without an antivirus or an antispyware for some time, but you need your firewall all the time.

I have posted answers to some common questions on firewalls. This will hopefully help you change your opinion on firewalls.

What is a firewall?
A firewall is a security tool that safeguards your computer against attack from hackers, when your computer is connected to the internet. It also monitors which programs from your computer are allowed to access the internet and which are not.

I use an antivirus and an antispyware. Why should I bother for a firewall then?
Antivirus and antispyware are vital security components that protect you from viruses, spyware, trojan horses, worms and other forms of malware. However, this does not guarantee total security. A firewall protects you from hackers, who are real life human beings and not just some program code like a virus. Without a firewall, hackers can easily gain access to your computer and use it (or rather MISUSE it) as if they are the ones sitting in front of it!

How does a firewall work?
A firewall monitors all the ports of your computer and immediately closes the unused ports. A port is a gateway through which data is transferred to and from your computer. When some program on your computer accesses your computer, it opens a specific port and terminates after it’s job is over, thereby leaving that port open. If a hacker somehow finds this open port, he can easily gain access to your computer and take complete control of it. A firewall comes in handy at this time by immediately closing the port once the program terminates, thereby blocking the hacker’s entry. You may envision a firewall as the border security guard of a country (which is your computer).
In addition, a firewall also monitors the behaviour of programs on your computer.
Details under “Why does my firewall alert me so much?”.

Where do I find my firewall?
A firewall runs constantly in the background, so you can find it’s icon (it should resemble the picture given here) in the System Tray. The System Tray is the place near the clock, and it shows the icons of all your active programs.
Some firewalls operate in Stealth Mode. You won’t find such a firewall’s icon in the System Tray. You have to press Ctrl + Alt + Delete to open the Windows Task Manager and locate your firewall from the list of running processes.
If you use the Windows Firewall (only for Windows XP SP2 and Windows Vista), you can check it’s status from Control Panel > Windows Firewall.
The Security Center can also help you to check which firewall you have got (only for Windows XP SP2 and Windows Vista). Go to Control Panel > Security Center. Your running firewall will be displayed under the Firewall tab. The Security Center also alerts you when your firewall is turned off.

My firewall blocks everything on my computer, so I am forced to shut it down.
A firewall usually has three operating modes – the Learning mode, the Block All mode and Allow All mode (the names may be different depending on which firewall you use). In Allow All mode, the firewall stops functioning and allows everything to go out from and come into your computer (hence it is NOT recommended to put a firewall in Allow All mode). In Block All mode, it blocks all types of internet activity on your computer. Please see the next point for Learning mode.
Someone might have put your firewall in Block All mode; so just open it and switch back to the Learning mode.

Why does my firewall alert me so much?
A firewall is like any other program, brainless and stupid. It does what you ask it to do. When you install a new firewall on your computer, it goes into Learning mode by default. Every time a program from your computer tries to access the net, your firewall will ask you whether you want the program to have internet activity or not. If you want to temporarily allow the program, select “Allow”. If you want to permanently allow the program to access the net (so that the firewall will not alert you the next time the same program goes online), make sure that you select the check box that says “Remember this in future” (or any other similar message). Similarly, select “Block” to temporarily block a program and additionally select “Remember this in future” to permanently block it.
To get less alerts, you should always either permanently allow or permanently block programs on your computer. Also scan your computer with your antivirus and antispyware to make sure that there are no malware (if you have a malware it might be attempting to access the internet and so you might be getting the repeated alerts from your firewall).

By mistake, I permanently blocked (/allowed) a program that I wanted to allow (/block). What do I do now?
When you permanently block (/allow) a program, your firewall automatically creates a rule for it so as not to alert you in future. In order to allow (/block) the program, open the Program Rules (the name may vary depending on your firewall) and transfer the particular program from the Blocked (/Allowed) list to the Allowed (/Blocked) list.

Why doesn’t my firewall ever update, whereas my antivirus and antispyware regularly do?
A firewall simply decides the way your computer behaves when it is connected to the internet, by creating a set of rules. Unlike antivirus or antispyware, it does not protect you from constantly evolving new threats. However some firewalls do update themselves to fix program errors.

Can I use more than one firewalls on my computer?
You can, but it NOT recommended. Like antiviruses, more than one firewall can slow down your computer and cause driver conflicts.

I have heard that Avast! is an excellent firewall, what do you say?
It is really ridiculous that many people recommend Avast! as a firewall. If you too have joined the Avast-is-a-good-firewall bandwagon, read this aloud: Avast! is NOT a firewall. Alwil Software, the maker of Avast! range of products, focuses on making only high quality antivirus software. So, chant this mantra again and pass it on to others in the Avast-is-a-good-firewall bandwagon: Avast! is NOT a firewall.

OK, Avast! is NOT a firewall. So what’s a good firewall?
Firewalls are rated after taking factors such as resource usage, leak test efficiency**, cost, user interface, frequency of version upgrades etc. into account. Comodo Firewall Pro* from the Comodo Group has constantly topped the charts in tests conducted by various organisations, with high scores in ALL the sections mentioned above. It is completely free for personal and private use. I will recommend you to use Comodo Firewall Pro for best protection. However, you may choose some other free firewall from my Firewalls post. ZoneAlarm Pro, Agnitum Outpost, Ashampoo Pro Firewall are some good non-free firewalls, but Comodo Firewall Pro beats them all.
If you use Windows XP with Service Pack 2 or Windows Vista, you can use the Windows firewall from the Control Panel. Windows firewall in Windows XP does NOT provide outbound protection, i.e., it will protect you from hackers but will not monitor the behaviour of your programs.
Please note that all internet security suites come with their own firewalls, so you should not download a third party firewall if you are using some internet security suite.

Is Windows Defender a firewall?
No, it is an antispyware utility from Microsoft.

I have Windows XP, but I cannot find the Windows Firewall in Control Center.
You need to install Service Pack 2 from Microsoft on your computer to get the Windows Firewall. You may download it HERE.

Hopefully you are now a firewall lover now!

[Notes]
* Only software firewalls have been considered in this post.
** A leak test is used to test how well a firewall protects your computer. The leak test software triggers a pseudo external attack on your computer and your firewall has to block it. The program also tries to connect to the internet by bypassing your firewall (i.e. without your firewall’s knowledge). Ratings are provided based on your firewall’s efficiency.

Still find something missing? Post a comment and let me know!