Why you need a firewall

A personal firewall is nothing less than essential for any computer that connects to the Internet.

What is a firewall?
A firewall is a block that stops certain Internet communication. Some firewalls are built in to a router or modem that you use to connect to the Internet. A firewall can also be a separate piece of software that runs on your computer. Although both are called a firewall, there are differences between the firewall built in to a modem or router and the kind that runs on your computer. Only a firewall running on your personal computer can identify and control communication from a specific program. A router or modem does not know anything about programs on your computer, so it can’t stop most viruses and spyware from sending messages out of your machine.

Here’s an example:
Suppose a virus was trying to find my computer by its address on the Internet (the IP address). A hardware firewall (one built in to a modem or router) might stop that virus from finding my computer. A software firewall could also stop the virus from finding me. They both do this by refusing to answer certain messages, such as a simple ‘ping’ or a more complex message designed to see if I have resources to share. This works in many cases, but not all: some viruses use messages that cannot be blocked without preventing services that you want to use.

In this example both types of firewall can protect your computer from infection, so either would do equally well. Let’s look at another example:
Suppose that your computer is infected with a virus already. Don’t say, “That’s not going to happen to me” – it’s just a fact, infection happens. Getting a computer virus is as inevitable as getting influenza: it might not happen to you often, but odds are it will happen. So your computer is infected. What does the virus do next? Today’s viruses aren’t malicious the way they used to be. A virus today might wipe out your hard drive, but more often the authors would like to get more out of your computer than just a blank screen and a cry of anguish. A virus will do things to open your computer up for remote control, it may search your hard drive for serial numbers of your software and send them back over the Internet to the author (indirectly, of course), or it may just try to spread itself far and wide as fast as possible. All of these possible and likely actions require that the virus be able to communicate with the Internet. A hardware firewall can’t generally block this access. A software firewall (like the very popular ZoneAlarm from Zone Labs) can stop this virus from spreading. ZoneAlarm can even tip you off that something suspicious is happening, which helps you realize that you could have a virus.

Specifically in ZoneAlarm (others may be similar but I haven’t tried them), you’ll get a message that pops up when a program tries to communicate on the Internet. If you don’t recognize the name of the program and you weren’t doing anything on the Internet, then you can be suspicious and ask ZoneAlarm for more information. You could also just deny the request for access and run your virus scanner.
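
To make the difference between the two kinds of firewall concrete, here is an added illustration (not part of the original article and not ZoneAlarm's code) that runs the same outbound connections past a port-only router rule and a per-program personal firewall rule. The program names, addresses, log format and rule sets are all constructed for the example.

```python
from collections import defaultdict

# Constructed sample log, one outbound attempt per line: "<program> <dst_ip>:<dst_port>"
SAMPLE_LOG = """\
browser.exe 203.0.113.10:443
mailclient.exe 198.51.100.25:993
updater32.exe 203.0.113.77:443
updater32.exe 203.0.113.78:443
updater32.exe 203.0.113.79:443
browser.exe 203.0.113.10:443
"""

ROUTER_ALLOWED_PORTS = {80, 443, 993}                          # router rule: ports only
APPROVED = {"browser.exe": {80, 443}, "mailclient.exe": {993}}  # programs the user approved

def parse(log):
    """Yield (program, dst_ip, dst_port) for each non-empty log line."""
    for line in log.splitlines():
        if not line.strip():
            continue
        program, dest = line.split()
        ip, port = dest.rsplit(":", 1)
        yield program, ip, int(port)

def router_decision(port):
    """A router or modem firewall sees addresses and ports, never the program."""
    return "allow" if port in ROUTER_ALLOWED_PORTS else "block"

def host_decision(program, port):
    """A personal firewall keys its rules on the program opening the connection."""
    ports = APPROVED.get(program)
    if ports is None:
        return "ask"                    # unknown program: prompt the user
    return "allow" if port in ports else "block"

def review(log):
    """Per program: router verdicts, personal firewall verdicts, distinct destinations."""
    report = defaultdict(lambda: {"router": set(), "host": set(), "ips": set()})
    for program, ip, port in parse(log):
        entry = report[program]
        entry["router"].add(router_decision(port))
        entry["host"].add(host_decision(program, port))
        entry["ips"].add(ip)
    return {p: (sorted(e["router"]), sorted(e["host"]), len(e["ips"]))
            for p, e in report.items()}

if __name__ == "__main__":
    for program, (router, host, n) in review(SAMPLE_LOG).items():
        print(f"{program:15} router={router} personal={host} destinations={n}")
```

The unrecognized program passes the router rule because it uses an ordinary web port, while the per-program rule turns it into a prompt, and the destination count shows it reaching several different hosts.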

Even if you don’t care about sending a virus out to others after you’re infected (shame on you), it’s important to realize that while the virus is working it consumes your system resources, including bandwidth and CPU time that you could otherwise use. The symptoms include a slower Internet connection and an unresponsive computer. Blocking access to the Internet for the virus slows it down and won’t let it use up your Internet connection. Stopping the virus from communicating will also prevent anyone from using that virus to take over control of your machine (which is sometimes done to hundreds of computers at once for what is called a “Distributed Denial of Service” – or DDoS – attack against a web site).

Remember, a personal firewall is nothing less than essential for any computer that connects to the Internet. If you don’t have one, get one.