Outside of my normal job I do a lot of work with small businesses and individuals, and it continues to amaze me that people still do not take information security seriously. So many people still have that mind set of thinking that computer security is really for banks or big businesses. That the home user doesn’t need to worry about password strength or email phishing. Despite the almost daily stories that inundate our news, computer users continue to blindly grope through the muck of the internet hoping nothing sticks to them. But I think that a lot of the problem is simply a lack of education. It isn’t enough that people in my position tell them they need computer security, we need to explain why. We need to educate the end users. So I am going to start with a series of articles that explain the basics of computer security for the home user. This first article is on firewalls.
What is a firewall and what does it do?
The firewall is the first line of defense for any computer or computer network. Think for a minute about a medieval castle. Most castles were an entire enclosed community surrounded by giant walls. Those walls were often impregnable and it kept everything unwanted outside of the castle while everyone inside was safe and free to go about their daily lives. So, at its most basic level, a firewall is a piece of software or hardware that controls access to your computer much as the castle walls did. Ideally, the firewall should allow the traffic that you want into and out of your computer, but block things like hackers and viruses. Unfortunately, it is never that simple.
While there are different types of firewalls, and they may work in different ways, for our purposes we will keep things very simple. When data flows across a network, it does so in a series of tiny data packets. The network delivers these data packets to your computer where they are reassembled into usable information. What the firewall does is to inspect each individual packet and determine if it is safe or not (some firewalls look at the applications, and others have a slightly different approach, but the basic theory will work for right now). If it is not safe it gets blocked, if it is safe, it is allowed through. Another thing a firewall does is to actually close off the doors of a computer. Your computer has tens of thousands of ports. A port is an access point that allows a program to communicate with the outside world. For example, port 80 is commonly used to allow internet traffic across, and so it is important to keep open. But, an open port is a vulnerability so the firewall can also block all of the unused ports and make them inaccessible to the outside world; if there is no door, there is no way in.
Imagine though, a world of computers that couldn’t talk to one another, what point do they serve? So we have to have open ports that allow the computer to do things. And much like a house door, sometimes an uninvited guest shows up. When the guest arrives at your doorstep they knock and ask to be let in. If you know them, you can open the door and talk to them, if you trust them you can let them come and go as they please, but if you are suspicious, or hostile, then you don’t let them through the door. But some visitors are very good at disguising themselves as someone you trust (like a police officer), or as someone innocuous (like a plumber or electrician) but once they get in you find out to late that they are bad. The firewall tries very hard to separate out the good information from the bad, but sometimes cleverly disguised things get through, which is why we have other types of security as well.
Your Firewall
Most people have a firewall built into their computer. Windows 7 users for example can open the control panel and navigate to Windows Firewall. Once you open that, there are a number of options for different purposes, but the most important thing is to simply turn it on. There are countless web sites, articles, or YouTube videos that go into detail about the functions of the firewall, but for now, just make sure it is working. On Macs the OS X version is referred to as Application Firewall, and all other operating systems have them as well.
But, there are also a lot of aftermarket solutions as well, most of which work better, but are generally more complicated, than the version that comes with your computer. Also, a firewall is not the same as an antivirus and you should never just run one. On Windows 7 and later computers, you can run an antivirus with just the Windows Firewall, but generally I recommend running an all-in-one internet security suite that combines a firewall with antivirus, and other tools as well.
One thing to be aware of is that a firewall can change the behavior of certain programs. If you suddenly can’t connect to a particular website, or stream movies, right after turning on a firewall, than chances are the firewall is blocking certain things and you need to allow those programs to work through the firewall. Your software should have a help section to explain how, or get online and just Google it, someone else has already had the same problem and figured it out.
How to test your firewall.
Once you have that firewall turned on, and before you put it out of your mind and get on with surfing the internet for the newest cute kitten videos, take a moment to verify that it works the way it is supposed to. There are a number of very good sites, but I recommend using the one at Gibson Research Corporation. This is a port scan of your computer and will tell you how effectively your firewall is working. One caveat though, try it under different conditions, since it is possible to have a different set of settings at home and at the local Starbucks.
If you don’t have a firewall, go get one. Most major security vendors have them. Try looking for ESET, Trend Micro, Norton, or Kaspersky to name just a few. Some are better than others, some are cheaper, or include lots of extras. It is also becoming common to get a subscription that covers multiple devices (including your mobile ones) all for the same price. The most important thing is that you have one, and that you use it.