Introduction to Firewalls

Each of these mechanisms has its drawbacks as well as its advantages. The application gateway is considered to be a more advanced and secure firewall mechanism than the other three, but it uses more resources (memory and processor power) and can be slower. Packet filtering is generally faster and easier to implement, but is susceptible to attack from users faking their source IP address (IP spoofing)or source port to trick your firewall into thinking that the traffic should be allowed through.

To beef up packet filtering security, stateful inspection packet filtering, or stateful packet filtering (SPF) was introduced. Essentially, SPF performs the same as a packet filter, but with a couple of added measures. First, it looks at more details from each packet to determine what is contained within the packet rather than simply who and where it is from (or allegedly from). Second, it monitors communications between the two devices and compares the traffic not only to the rules it has been given, but also to the previous communications. If any communication seems out of context or out of the ordinary based on previous traffic the packet is rejected.

Many home routers come with built-in firewall capabilities. Generally, these tend to be simple packet filters. You can block all incoming connections on all ports if you are not acting as a server for anything. If you want to publish a web page from your computer, you would need to allow incoming traffic on Port 80 to get to your computer.

If you want to be able to download files from your computer from outside using FTP, you would need to allow incoming connections on Port 21. A basic rule of security though is to start with the most restrictive and only open holes where it seems necessary.

In addition to the hardware firewall built into routers, there are also software applications called personal firewalls that you can run on your computer. These personal firewall applications monitor all incoming and outgoing communications on your computer as well as what services are trying to interact with what other services. See my Top Personal Firewall Products for more information.

There are new vulnerabilities and flaws discovered everyday which could allow a hacker to break into your computer, take control of it for use in a denial-of-service attack or steal or destroy your data. Keeping your software patched and running updated antivirus software are very important pieces of the puzzle, but having a firewall block incoming connections in the first place is definitely a wise idea as well. No one security solution will solve everything. The more lines of defense you have in place, the harder it is for hackers to get in and the safer you will be.