As you may know, a firewall is a protective barrier for your computer, which acts to shield it from threats on your local network and the internet. It's kind of like a security system for your house. Where I live in Hawaii, many of us leave our doors unlocked all the time, and never have a problem.
Unfortunately this is a really bad idea on the internet – when your computer is online (which if you have high speed internet like DSL or cable, is all the time) it's as if the entire world is next door to your “house, " so unfortunately you have to act as if your neighbors are all criminals, since someone in Nigeria can get to your computer just as easily as someone in Captain Cook, Hawaii.
Your network or internet connection (an internet connection is also a type of network connection, it just connects you to the world instead of one or more computers in your home or office) is actually split up into what are called “ports" - imagine a house with many many windows, some open, some closed - many ports have a specific purpose, like port 25 which is usually used for sending email.
What a firewall does is seal off all the ports that aren't needed, just leaving open the ports you need to send and receive email, browse the web, and so on.
If the other ports are left open, that increases the ways a person or a program (such as a worm) can just stroll right in, just like if you leave the doors or windows open in your house.
If you have a router (which is a device used to share a DSL or cable connection with more than one computer, or to make your internet connection wireless) then there should be a firewall in the router. This is what's known as a hardware firewall (since it's part of a piece of equipment), as opposed to a software firewall, which is a program on your computer.
Some people assume that having a router with a firewall is enough to protect your computer, but while it will help, you really need to have a software firewall too.
Windows XP & Vista, as well as Mac OS 10.2 and higher both have a software firewall built into them. Earlier versions of Windows and the Mac OS do not. If you have Windows XP with service pack 2 installed, or Windows Vista, then the firewall is almost definitely on.
Different kinds of software firewalls.
There are two general types of software firewall: you can think of them as “active" and “passive" firewalls.
In other words, a passive firewall just sort of sits there, and blocks the needed ports to keep things out and that's about it. An active firewall on the other hand, does the same thing, but also sort of sits up and pays attention to what's going on inside your computer, and gives you control over what programs can get out.
So if you have a piece of spyware on your computer that's trying to “phone home" to report in on what information it's collected about you, the active firewall can block it to protect you. And the byproduct of this is you're safer.
Both the Windows XP and Mac OS X firewalls are passive.
This is a lot less of a risk for the Mac, since there are no malicious programs infecting those systems (at time I'm recording this, there are a small number of programs like this written for Mac, but they're not circulating or infecting computers). You definitely need a firewall on a Mac to protect from outside attacks, but a passive one, at least for now, is enough.
On a Windows machine, a passive firewall is not enough, since there are thousands of malicious programs including worms, trojans, and spyware which, if they're on your computer, will try to sneak information out of your computer.
So if you're just using a passive firewall like the Windows firewall, you can fall victim of so-called malware without even realizing it.
You see, what happens is this; a piece of malware will get onto your system and usually does one of three things: either it invites more malware in, opens a “back door" for someone to come in and snoop around, or it collects information about you and sends it out to persons unknown.
An active firewall will let you control what programs can get out to the internet, not just what can get in, which is very important.
To go back to our security system metaphor, if you have a passive firewall it's kind of like locking your doors and windows - it does make it much harder for someone to break into your house or office from outside.
Unfortunately, the thieves are really smart, so they sneak someone inside when you're not paying attention and that person hides himself somewhere and then opens a door or window to let his buddies in, or rifles through your belongings and hands them through the window to someone outside.
If you have an active firewall, it's like a security guard is constantly patrolling inside the building, and only allows you or people you trust to use the doors and windows. If a stranger has gotten in, he's held until you can decide if he's OK or not, or his hands are tied so he can't steal anything.
Does that make sense?
So what do you need to do?
Well, if you're running any computer, you absolutely must have a firewall or you run the risk of someone hacking into your computer, or allowing a malicious program in. Macs are safe enough with a passive firewall, but because of the thousands of worms, viruses, spyware, etc. a Windows machine is still very vulnerable without an active firewall.
Windows users have a lot of options, like buying Norton Internet Security, (which includes not just Norton Antivirus but also Norton Personal Firewall), or using Zone Lab's ZoneAlarm.
I highly recommend ZoneAlarm – even the free version is a really great product, and can protect your computer very well.
Do not rely on the Windows firewall as it does not give you enough protection. Keep in mind active firewall programs do need some configuration to block and allow the right programs.
The firewall program usually asks you if you want to allow or block a program (and you can usually allow it or block it once or always) the first time a program tries to connect to the internet.
If it's something like Outlook, Firefox, or any other legit program that needs to connect to the internet, you want to allow it. If you're not sure if a program is legit, the firewall usually tells you the name of the program it's asking you about, so you can type it into Google and look it up.
Chances are, if you see a lot of search results talking about viruses or adware, then you should probably block it and try to get it cleaned up.
Setting the firewall program up the right way can be a little tricky, especially for a lot of more basic computer users, which is why I make it easy in my video course on easy and safe internet. I show you how to install the free version of Zonealarm, and exactly how to use it, step by step.
Mac users who want a little more security than the built-in OS X firewall program provides, can check out a program called Little Snitch. This is an active firewall program, like Zonealarm. The demo version of Little Snitch is a free download, which works on a trial basis.
Using a firewall is a vital part of keeping your computer, and all the files on it, secure. Don't make the mistake of running your computer without one.
Worth Godwin is a computer coach with a dozen years’ experience helping computer users of all levels, and has also worked for many years “in the trenches" as a hardware and software tech, solving real-world computer problems.
Worth has also been studying the human mind, and how people learn, since the early 1990s. He draws upon all of this, and his English and writing degrees, to teach people in a unique way with explanations that really make sense.
The above article is just some of the advice he has to give on how to avoid common computer mistakes as part of his easy computer training .