Do I need a firewall, and if so, what kind?

September 5, 2007

The very short, very easy answer is: hell yes! With all that’s happening on the internet these days it’s simply too risky to sit “naked” on the internet unless you really know what you’re doing.

The real question is: what do you need? It’s even possible you already are behind a firewall and don’t need anything additional.

First, realize that a firewall is about protecting you from them, where “them” means “the malicious folk on the internet”. A correctly configured firewall does not block your access out to the internet so you should be able to browse the web, for example, without interruption. The firewall prevents access from somewhere on the internet to you. That’s not to say people can’t send you email; they can because you access your mail through the internet when you retrieve or download it. It does mean that people can’t copy files directly to your PC or cause programs to be run on your machine.

Step one is to check with your ISP. Some actually do provide a certain amount of firewalling. AOL, if I’m not mistaken, is a fairly good example: they’ve set up their own private network and internet access is tightly controlled. The good news is that you may be well-protected. The bad news is that you have no control over it. Most ISPs, however, do not provide any kind of firewall. What you get from them is a direct connection to the internet. That gives you the most flexibility and control but it also places the burden of protection in your lap.

The next question is do you need a hardware or software-based firewall? In my opinion, if you connect via broadband such as cable or DSL then there’s no question at all: broadband routers are inexpensive and provide an exceptionally high level of protection out of the box. They’re typically easy to set up and also have the flexibility to be carefully configured for more advanced uses such as running a web server from behind your firewall. I like the hardware approach because the routers are devices dedicated to their task and do not interfere with – nor can they be compromised by – your computer. You can read more about routers and how I’d set up a home network. Remember, a router will work fine even if you have only one computer.

“… it’s simply too risky to sit ‘naked’ on the internet unless you really know what you’re doing …”

If you are on dialup or have some other reason for not wanting to go the hardware route there are software firewalls as well. In fact, Windows XP includes one by default: on the properties page of any network connection, click the advanced tab and you’ll find the Internet Connection Firewall. Even if you do nothing else and you’re not sure what you really want to do, you should turn this on. Other popular firewalls include ZoneAlarm and BlackIce Defender.

Finally, when you believe you’re protected or even if you know you’re not you should visit Gibson Research and run “Shields Up”, a vulnerability analysis. It will try to access and analyze your computer from the internet, list for you exactly how you are vulnerable, and tell you the potential steps you can take. It tends to be a little techie but it’s worth the effort.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: