You have probably already heard just how important firewalls are for your security, but do you really know why? Many people don’t, if the firewall references in movies, TV shows, and other popular media are any indication.
A firewall sits between your computer (your local network) and another network (usually the internet). It controls both incoming and outgoing network traffic. Without a firewall, anything goes. With a firewall, there are rules that determine what traffic is allowed through, and which is blocked.
So why do computers have them?
Most homes that connect to the internet these days use a router so they can share the internet connection between many devices. However, not so long ago, many people plugged their computer’s Ethernet cable directly into the DSL modem. When a computer is connected to the internet this way, it has a publicly addressable IP, which means anyone can reach it. In these cases, any network services that are running on your computer (e.g. remote desktop, file and printer sharing, and other features) would be accessible to other computers on the internet.
Windows XP, when it was first released, did not contain a firewall. The combination of having services designed for local networks, computers connected directly to the internet, and no firewall led to numerous Windows XP computers becoming infected within mere minutes of being connected directly to the net. The firewall was introduced with Windows XP Service Pack 2, which finally enabled it by default in Windows, isolating network services from the internet. Instead of accepting every incoming connection, a firewalled system shuts them down, unless specifically configured to do otherwise.
This prevents hackers from connecting to local network services on your computer, and it controls access permissions of other computers that are on your local network. That’s why Windows asks you what type of network you are connecting to. If you connect to a home network, the firewall will allow access to these services, but if it is a public network, the firewall denies access.
Even if a network service is configured so it will not allow connections from the internet, the service itself could have a security flaw, and a specially crafted request could allow an attacker to run arbitrary code on your computer. A firewall prevents this by blocking the request before it ever reaches the service.
Additional firewall functions
The main security purpose of the firewall for home users is to block unsolicited incoming network traffic. But a firewall can do many other things. Because of where it is situated, it can analyze all traffic that arrives at or leaves the network and decide how to handle it. For example, a firewall can also be configured to block specific kinds of outgoing traffic, or it can log all traffic or just suspicious traffic. A firewall could have numerous rules that allow or deny specific traffic types.
Firewalls can range from software running on your laptop to dedicated hardware found mostly in corporate environments, where it is often also used to analyze outgoing traffic, monitor employees’ network use, and ensure no malware is communicated through the network. If you are like the majority of people, you have a router at home that also functions as a sort of hardware firewall because of its network address translation feature, which prevents unsolicited incoming traffic from reaching your computer or other devices behind your router.
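The behavior described above, as an added example that is not part of the original article: a toy Python model of a stateful host firewall. The `Firewall` class, the rule table, the port numbers and the addresses are constructed for illustration. It shows unsolicited incoming traffic being blocked by default, replies to your own outgoing connections being let through, the home and public network types differing, and every decision being logged.

```python
from dataclasses import dataclass, field

# Constructed rules for NEW inbound connections: (profile, protocol, local port).
# 445 = file and printer sharing, 3389 = remote desktop.
INBOUND_ALLOW = {("home", "tcp", 445), ("home", "tcp", 3389)}


@dataclass
class Firewall:
    profile: str                                         # "home" or "public"
    blocked_out_ports: set = field(default_factory=set)  # outgoing ports to deny
    state: set = field(default_factory=set)              # connections we opened
    log: list = field(default_factory=list)              # (direction, verdict, reason)

    def _decide(self, direction, verdict, reason):
        self.log.append((direction, verdict, reason))
        return verdict

    def outbound(self, proto, local_port, remote_ip, remote_port):
        """Traffic leaving the computer: allowed unless a rule blocks it."""
        if remote_port in self.blocked_out_ports:
            return self._decide("out", "block", "outbound port rule")
        # Remember the flow so the reply is not treated as unsolicited.
        self.state.add((proto, local_port, remote_ip, remote_port))
        return self._decide("out", "allow", "default outbound")

    def inbound(self, proto, remote_ip, remote_port, local_port):
        """Traffic arriving at the computer: blocked unless solicited or allowed."""
        if (proto, local_port, remote_ip, remote_port) in self.state:
            return self._decide("in", "allow", "reply to our connection")
        if (self.profile, proto, local_port) in INBOUND_ALLOW:
            return self._decide("in", "allow", "profile rule")
        return self._decide("in", "block", "unsolicited, default deny")


if __name__ == "__main__":
    fw = Firewall("public", blocked_out_ports={25})
    # Constructed sample traffic using documentation address ranges.
    fw.inbound("tcp", "203.0.113.5", 50000, 3389)    # remote desktop probe
    fw.outbound("tcp", 51000, "198.51.100.7", 443)   # we open a web connection
    fw.inbound("tcp", "198.51.100.7", 443, 51000)    # the server's reply
    fw.outbound("tcp", 51001, "198.51.100.9", 25)    # outgoing mail, rule-blocked
    for entry in fw.log:
        print(entry)
```

The state table here plays the same role as the network address translation table in a home router: only traffic that matches a connection opened from the inside gets back in.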