*** Additional advice from our members ***
Answer:
If you have your computer directly connected to a cable modem or a DSL modem, a firewall is an absolute necessity. For the purpose of this discussion, I'm going to assume that this is how you are connected.
If you're dialing up to the Internet, these are still good precautions to take, for all of the reasons we will discuss here. By definition, a firewall basically stops connections to and from your computer that you don't authorize, and allows connections that you do. It's not always people trying to connect to (hack) your computer, but it could be viruses or worms automatically scanning the Internet for open, unprotected computers that they could replicate themselves to.
There are two basic types of firewalls available. Hardware-based firewalls connect between your cable or DSL modem, and are generally configured with your web browser. Usually, they work by utilizing network address translation (NAT) to identify Internet connections that you have made vs. communications that you did not request.
Software-based firewalls are by far the easiest to use and, in some
cases, are free. The most notable of these, and the best in my
opinion, is ZoneAlarm (http://www.zonealarm.com). I mentioned above that firewalls allow connections that you authorize. Along those lines, ZoneAlarm will ask you when a program tries to connect to the Internet. If you recognize the program (i.e. Windows Media Player), you can allow the connection. It won't ask you again, so it's not constantly asking you questions. Once it does quiet down, you will only see notices when new software tries to connect to the Internet, or (potentially) if you have a virus and it tries to reach out to other computers. This prevents your personal information from making it off of your computer.
Other free firewall programs to look at:
-- Kerio Personal Firewall (http://www.kerio.com)
-- Sygate Personal Firewall (http://smb.sygate.com/products/spf_standard.htm)
An important note: while it may be OK to run multiple anti-virus software packages simultaneously, you should never run two software-based firewall programs at the same time. They could have unpredictable interactions with each other, and block all communications into and out of your computer. Therefore, if you're running Windows XP, you should disable the Windows Firewall component before installing a software firewall.
Once you have your software installed and running to your satisfaction, test it to make sure that it works correctly. Use a utility like ShieldsUp! (https://grc.com/x/ne.dll?bh0bkyd2) which is free and very comprehensive, or Security Space Desktop Audit
(https://secure1.securityspace.com/smysecure/desktop_index.html) which costs $9.95 for one year's worth of unlimited audits. I highly recommend the ShieldsUp! page, as it is very descriptive and offers many detailed discussions of Internet vulnerabilities and is good reading for anyone, experienced or novice.
--
Submitted by: Bill S.
***********************************************************************
Answer:
Stanley,
A firewall simply puts up a "barrier" between you and the Internet. Nothing comes or goes without your attention or approval. Its that simple. Windows XP has one available, but it is not a complete firewall. Most firewalls will protect the computer in both directions, inbound and outbound information. Win Xp's firewall only protects in one direction. A firewall is a "must have" item. I installed one when I got DSL and had intrusions blocked in just the first few minutes after installation. There are many unscrupulous people in cyberspace that are ever working, night and day, to see if they can get into as many systems as possible for less than honorable purposes. On top of this, there are businesses that would like to have unlimited access to your surfing habits so that they can bombard you with pop-ups, etc. The only firewall that I can recommend (because its the only one I've tried or needed) is Zone Alarm. It works very well and best of all it is free at Downloads.com. I've used Zone Alarm for years and have found it to be very reliable and did I mention that it is free? I recommend Zone Alarm to everyone and did I mention that it is free. Zone Alarm is very user friendly, doesn't take hardly anything to setup, and did I mention that it is free? Zone Alarm Pro is available to purchase, but for the price, you just can't beat the free version. It is recommended by many IT people (Kim Komando, Wayne Cunningham, etc. Lee might even recommend it, but you'll have to ask him for sure.) By the way, a good pop-up blocker to get is Smart Pop-up Killer. It is small, works in the background, and is only present when IE is up. Good luck, Stanley (and did I mention that Zone Alarm is free?).
Submitted by: Mike
***********************************************************************
Answer:
Stanley - Glad to see that the grandpas of the world are starting to use the Internet. But, like in the wild, wild west, you need to protect yourself upon entry. Here are some ways to decide what you need to do to protect yourself.
First, you should understand that there are two types of firewalls - hardware firewalls and software firewalls. Hardware firewalls are generally used to protect networks where there are many end users - typically at large companies, schools, e-commerce web sites, etc. They can also be useful for small office or home office networks that use wireless technology. But, from the tone of your letter, I believe your situation involves a single personal computer connected to the Internet via a dial-up modem, DSL connection or cable Internet access. In that case, you really don't need a hardware firewall. However, if you decide to get together with other grandpas in the future and start doing some online gaming using a wireless point at your house, you should probably submit another question to CNET.
So, what does a firewall do? Basically, a firewall acts as a traffic cop for your PC - screening and filtering data that enters your PC via your Internet connection. In simple terms, it keeps the bad guys - hackers - out of your PC. Although the Internet is a great place, remember - it is a two-way highway. You can go out and see the Internet world, but some portions of the Internet world will also try to come into your PC to visit you!
What can these hackers do to you? They can run scanner software to find computers to target for virus attacks, spam attacks (stealing your e-mail address to send fraudulent material out), denial of service attacks (flooding Internet sites with sign-ons to clog the server), etc. If you do not protecet your PC from them, it is vulnerable to attack. This is particularly true of PCs that are "always on" - ie, using a DSL or cable Internet access connection. As a good citizen of the Internet, it is your duty to protect your computer from these hackers and their tactics.
So, knowing that you need to protect yourself, how does a software firewall accomplish that? A software firewall is a program that you load into your PC to protect it. In simple terms, when properly configured, the software firewall will shield your PC by hiding its "address" from people outside your network - ie, Internet intruders. If they don't know you are there, then intruders cannot target your PC for attack.
Software firewalls can also have other useful features. Some can create logs of activity against your PC for your review. Some have additional built-in security features like anti-virus protection. Finally, some have other Internet security tools like anti-spyware and anti-spam software. If you don't already have those type of protective tools, you might want to check out a firewall suite that contains all of them.
There are a number of different software firewall products available. A really good one is ZoneAlarm. A free version of ZoneAlarm is available at www.zonelabs.com. You can also check out Norton Internet Security at www.symantec.com. Better yet, just search the CNET web site at www.cnet.com! You can find product reviews, ratings and cost information.
Good luck,
Submitted by: Jerry B. of Manchester CT
***********************************************************************
Answer:
Yes, Stanley, for general users a firewall is necessary. Whatever one's setup, there's no good sense surfing without a software firewall.
Originally firewalls were designed to block unwanted intrusions; later, the capability to control network access of programs from one's own computer was added. This provided securtiy against some known possible problems with legitimate software and protected against the malware apps phoning home. Modern paid firewalls also now look at the data packets for suspicious acitivity (stateful inspection) and monitor memory to prevent applications memory space from being modified by another program.
For free personal use, you can start with Kerio, Sygate, or Agnitum's Outpost. IFF it works on your system, I can also recommend ZoneAlarm's free version. (The last one that worked for me under 98SE or XP SP2 was 4.559.x; I haven't tried the latest release.) They are all easy to set up, have a 'wizard' to guide you through setup, and offer learning modes - one gives permisiions as they arise. Be stingy - if something doesn't work because you've denied access, you can always easlily modify settings.
All the free personal-use versions offer online support via fora, user groups, FAQs, and often third-party unofficial support sites.
It's a bit more work, and occasional frustration, but I suggest you try a few and find the one that best suits your needs and fancy. Ditto for paid versions.
I suggest steering clear of all-in-one security suites, at least until they mature a bit - they tend to get large, unwieldy, and often step on their own cr - er, toes.
Please note, nothing is perfect, and a layered approach to system security is highly recommended: an anti-virus app (AntiVir and AVG are probably the two best free-version ones extant, by my usage); a firewall; a malware scanner (Spybot Search & Destroy, AdAware SE, Ewido Security Suite, A2 [A-square], use a couple and scan weekly - run 'em, minimize window, go on with your live - takes five minutes); and a malware blocker (SpywareBlaster.) I can also recommend Microsoft's Anti-Spyware Beta for now.
I know this may sound like a lot of stuf to deal with, but it's piecework <g> and once dealt with, clear sailing. Just remember to update and scan regularly.
For convenience, use a pop-up blocker. Pop-up Stopper from Panicware is still the best and comes in a free version.
Using the setup offered above, I've had _no_ infections or other malware for almost a year.
Please note, in making my suggestions I haven't meant to slight other good apps; I speak only of the ones I have tried, used, and found to work.
Sorry about the long post. I hope this helps.
I left out a coupla very important things. Run only _one_ firewall and anti-virus app at a time (you may have more installed, but chose only one of each to autostart and monitor your system.) Also, generally run firewalls in "stealth" mode.
Be aware of your system's security settings - file sharing, browser (Active-X, Java permissions, logon,etc.) Microsoft's website has lots of useful info, and I can well recommend PCPitstop for general use.
Do not be overly concerned with cookies. They are mostly (99% or so) innocuous, and often useful.
Use a good disk cleaner now and then. All kinds abound, some are simple and good, I can recommend Disk Cleaner from R. J. Moerland at http://www.xs4all.nl/~mp2004/,
Use lots of RAM and shy away from RAM defragmenters.
Ah, the registry. Can of worms; be careful. However, I broke down, saved up and bough TuneUp Utilities. Free, good, and useful also are RegClean from Microsoft and TweakNow RegCleaner.
Karen Kenworthy has a raft of useful utilities.
EasyCleaner by Toni Helenius has been very useful, but approach some functions with a tad of caution.
PCWorld, CNET of course (!), and others make good places to start for basic info and more; also for software, snapfiles.com is hard to beat - that's how I found most of the utilities I use when I first started with my Intel-based machine.
oh, boy, just one more thing - defragment! The hard drive gets cluttered with bits and pieces of files scattered about - it's a fact of life. Defragmenting keeps things neat, fast, and helps prevent a slew of unpleasantries.
Use Windows built-in, or for best-in-class for home use, spring for Diskeeper from Executive Software. I did, and have never regretted it. (There are some high-geek defrag utilities that are very good, but I haven't figured out how to properly use them yet.)
Submitted by: Jonesy
***********************************************************************
Answer:
Dear Grandpa:
Hey, if you've got your antivirus to the point where you can understand it, then a firewall shouldn't be too bad. Think of a firewall as just that. The thing in your '59 Mercury that kept the heat of the engine away from you in the drivers seat, especially in the case of a fire. That's what a "firewall" for your computer will do.....electronically. Basically, there are two kinds. Hardware and software. Because you have antivirus protection, you may already have the software kind. The most protection you can get is with both kinds. All you really need to do is buy a device called a "router" with built in firewall. I personally use a linksys for my home system. Typically, routers are designed to "route" more than one computer to your single internet connection to your internet service provider (your ISP, or network company). Routers have also the advantage of providing additional protection from the outside world of hackers (a "firewall") by making you invisible to them. Here's an "armchair" description of how a firewall works. Pretend like your computer is actually the house you live in. Mail comes to your house (as well as all other deliveries) by the street address you ask them to be sent to. Now lets say that you want to start a business. You don't want everyone in the world to know your home address. Well, with the Postal service, you would simply rent a post office box, and from now on, you would use that as your address. No one would know where you lived, and would not be able to send a "stinky bomb" to your home address. Okay, so your computer is the home address, and the router is your PO box, sort of. Now imagine that every time someone ordered something from your company, you could give them an entirely new PO box. Each and every time! That would really keep them from knowing your address, right?
O.K., now in computer terms. Your computer's "mailing address" that is visible on the world wide web, is what is known as an IP (internet protocol) address. You probably didn't assign this address, windows will do it for you, and it's something like 198.128.2. Well, everytime you go on the world wide web, your address is hanging out there in the breeze. If a hacker gets ahold of your address, they can get into your computer (without you even knowing about it) and do all sorts of nasty things. With a router in between your computer and your internet provider, you become invisible. You see, your router keeps your address invisible by becoming a different address for you. And it changes every time you connect. The routers address can be seen on the web, but the router contains no information of it's own, so a hacker trying to get into that address, won't get anywhere.
A firewall router is pretty much plug and play. The only work required may be talking to your internet provider and having them make an adjustment for your router so that they recognize you.
Have fun,
Submitted by: Greg
***********************************************************************
Answer:
To Stan (or "Granpa," as he referred to himself):
We're never too old to learn, and the best first step is to ask questions and seek advice. There are a number of good PC related magazines as well as on-line arena such as C-Net.
I used to be a "power user" at a major corporation, and had responsibility for selecting, purchasing and installing PC's for our large department, as well as selecting and installing new software and helping the end users get started. However, I retired from that company while the Internet was still relatively new, and spamming, hacking, scamming, phishing, etc., were not yet major issues. We knew about the danger of virus infections, and knew that McAfee seemed to be the most "on-top-of-things," but I don't remember that McAfee was a retailed software package back then. Peter Norton Software had not yet been merged with Symantec, and the Norton name was more familiar to and respected by most users. Norton was brilliant, and his software was bug-free and powerful, while still user friendly. Many of us used one of these methods to check for, and clean up virus problems.
A few years later my personal situation changed, and I was without a home computer for several years. When I was preparing to purchase one recently, I decided to do a little research first, as to which brands and models were the most highly recommended, and eventually bought one that shall remain nameless, but is still highly recommended in C-Net and a PC World magazine comparison article. The term "Firewall" was new to me, as were the terms "Privacy Service," "Spam Killer," and "cookies."
Reading articles in the PC related magazines answered those questions for me before I bought my computer -- I had wanted to be prepared with good software (or knowledge of appropriate measures to take) BEFORE I ordered and set up my computer. One of the editors of PC World magazine "ripped" Symantec's "costly update fees," so I leaned toward the McAfee "Security Center" package, which includes 1) VirusScan, 2) Personal Firewall, 3) Privacy Service, and 4) SpamKiller modules which are integrated in the package, but can be installed individually and used selectively. A 3-month free trial of this package was also preloaded on the computer I bought, and I immediately extended it for 12 additional months for a very reasonable fee at time of purchase. I find it full-featured and powerful, yet easy to use, and so far, very effective.
A couple things I like about the product: Its recommended default settings are effective and fit most casual users needs; however, a right-click on its taskbar icon offer options to change any of its settings with easy-to-understand information and explanations, with "recommended for the novice" notations. It shows summary reports of current and past activity, as well as incidents of attempted hacking. During installation, one of the options is whether or not you want it to automatically check on-line for new updates to automatically download and install (it can do this without your assistance while you are connected to the Internet doing "your own thing.") An option sets it to "always ask you" before it does this in every instance, and you can even set how frequently it will do this. You can set it (an installation default) to automatically run its virus scans at a certain time and day on a recurring basis (such as in the wee hours when you are not using your computer -- but the computer must, of course, be turned ON). It automatically logs every time a possible hacker -- such as a porno or phishing website in Shanghai China -- tries to access my computer, and through which port. Further, it automatically reports these incidents periodically to Hackerwatch.org, an organization whose mission is to protect innocent unsuspecting users by tracking these offenders down and reporting to government agencies, both in the US and the country of the offending user.
In brief, my experience makes it easy for me to be comfortable in highly recommending the McAfee "SecurityCenter" product without hesitation or caveats. I have found that their customer support is good, and their pricing policies are fair and reasonable.
I hope this helps, and best of luck and happy browsing to you!
Submitted by: Mac E.
***********************************************************************
Answer:
Stanley,
In the very simplest terms...A (software or hardware), firewall is simply your own personal unpaid traffic cop (unless you choose a paid version usually called the "Pro Edition"). He (it) works for you to control whether a program may contact the internet &/or the internet may contact a program on your computer or network. (I don't personally consider Windows Firewall avail. in Windows XP a "true firewall" in my opinion, as it is only a one way gate that stops incomming traffic, but not outgoing traffic. And should you have a malicious program or data collecting spyware program installed on your computer, it allows the unseen call home feature to take place. A true firewall would allow you to see the action of that calling home, and a choice/chance to stop it from doing so).
Depending on how a firewall is configured, it may ask you each time a program requests internet access or server rights access, it may allow the action everytime access is requested by a program, or it may deny such rights everytime. But w/ every program, you choose what access those programs will have when it comes to internet access/server rights access.
Connecting to the internet is one of the most dangerous things we usually do to our computers, and attacks aren't a mere coincidence, they are a fact of life once connected. Once we plug in that connection, we open thousands of doors or ports that are completey unlocked. A firewall can lock those doors, and we can choose which doors to unlock or keep locked after we install one, based on our own personal choices & "Safe Needs."
Whether a Dial up connection, DSL or Cable, I personally wouldn't connect a computer to the internet without first installing & properly configuring a software firewall. Recent independent tests have shown as low as a 2 min. or less safe time period before spyware/virus infection or a hack attack will usually take place of an unprotected computer once you activate that "simple door unto the world," the internet connection.
I personally like & use "Zone Alarm Free" from www.zonelabs.com as my firewall of choice (My chosen personal unpaid traffic cop), though there are many other good ones out there.
It's free, effective, easy to configure, and has a great easy to follow for the beginner & techie alike tutorial as part of the install process. I won't play on the net without the simple protection of a firewall, and you shouldn't either. Not for more than a minute!
In the past I have even been tipped off about a malicious program installed on my computer or a customer's computer by the simple firewall "pop-up request of internet access" by said programs. It helps today to have that gate keeper/traffic cop watching all your doors (ports), the locks on those doors, and maintaining the keys to those locks for you.
Configuring is really quite simple. Allow once (click Allow), Deny once (cick Deny), Allow always (check the box on the left & click Allow-Green Check Mark), or Deny always (check the box on the left & click Deny-Red "X")....Or ask each time internet access &/or Server Rights is requested (simply a Blue question mark). Most Instant Messengers will also need Server Rights Access to work, but most other programs will not.
I allow these programs constant internet access in XP; Internet Explorer (or your internet browser of choice- I personally use FireFox from Mozilla.org), my AV update service (Live Update Engine Com Module w/ Norton AV), Windows Automatic Update service, Generic Host Process for Win32 Services, & MS Anti-Spy auto updating service.
All others are simply on an "Ask Me" per use/need/request basis, and I personaly like those pop-up's. This way I am in complete & total control of my computer/internet connection access...Not the "Net Nasties."
Good Luck.
Submitted by: Gary L.
***********************************************************************
Answer:
Stanley,
I see three questions: 1) what's a firewall?, 2) why do I need one?, and 3) which one?
1) A firewall is a program or device that inspects the traffic traveling between your local computer(s) and remote computers (AKA, the Internet). In simple terms, your computer asks for information from a remote computer, and the remote computer sends it. However, there are also remote computers that try to send information that your computer didn't ask for. This information is frequently malicious, and can piggy-back other nasties such as spyware, spam and viruses. A proper firewall prevents unrequested information from entering your computer.
2) A proper firewall is a part of a front-line base defense against Web nasties. If you spend any time on the Internet, you need to do what you can to protect your computer. A firewall is one of several such protection mechanisms. You also need antivirus (which you already mentioned), anti-spyware, and anti-spam.
3) Here you'll find a lot of opinions, but here are some facts: many publishers (including CNET) evaluate competing products and present you with a list of the "cream of the crop." In my research, some of the names that get "Editor's Choice" most frequently are ZoneAlarm ( http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp?lid=nav_za
) for a stand-alone firewall program, and Trend Micro PC-cillin Internet Security 2005 ( http://www.trendmicro.com/en/home/us/personal.htm ) for a package that includes firewall, antivirus, anti-spyware, anti-spam, and more. If you have a local computer network attached to the internet through a high-speed ("broadband") connection, then the Linksys BEFSX41 router is recommended as a firewall device, but I'd still have either ZoneAlarm or PC-cillin on the computer(s).
Submitted by: Michael B. of Taylorsville, UT, USA
***********************************************************************
Answer:
Answer. A firewall (sometimes called a desktop firewall) is a software application used to protect a single Internet-connected computer from intruders. Personal firewall protection is especially useful for users with "always-on" connections such as DSL or Cable. Firewall are good to have as they can detect any intrusions and can often block them. Having a firewall is a good thing to have as it is often the first step to prevent any one to break into your system. If you are using Windows XP with Service Pack 2, then a firewall application is already running on your system as Service Pack 2 has the firewall application built in.
Put it this way, Im sure at one point, you had installed Wall Socket Covers which prevented a baby to put his/her finger in the wall socketand thus not get electricuted. A firewall is just that but used for computers. I have a firewall since I have Cable and the one that I have been using is ZoneAlarm. I reccomended it as ZoneAlarm is free, get the highest rating by CNet, PCWold,ComputerShopper. I have been using ZoneAlarm for the past 4 years, and it has a very good intrusion detection and prevention system along with a complete "lockdown" which at times, can be used to disable the internet if your computer is really acting crazy. ZoneAlarm's installation is pretty simple and easy, it will keep asking a user if you want a certain windows app to access the internet simply click on Allow or Disallow on the question screen ZoneAlarm Shows you. Learning new technology is not often easy, but it is definately worth it.&n! bsp; You can always email me back if you want more help and I will be more than happy to guide you.
Thanks
Submitted by: Viraj M.
***********************************************************************
Answer:
Stanley,
A firewall in the simplest of terms is a device or application that controls traffic between a private network and the public Internet and using one to protect your computer is definitely the way to go. They can also help keep intruders from attacking your PC or worse, stealing private information.
Windows XP ships with Windows firewall which is fairly straight forward and will be managed for the most part by Windows. It lives right on your desktop PC and does a fairly good job of keeping the "nasties" out.
If you are planning to connect more than one computer to the Internet in your home, you might consider going with a router product from linksys. These not only provide basic firewall protection, but can also allow you to easily add multiple computers to your Internet connection.
Firewalls are a good thing to have between your system and the Internet, expecially if you have a highspeed connection that is always on (one you do not have to dial into). Setting this up could save you a great deal of cleanup work in the long run.
I hope this has been of some help
Submitted by: Derek S. of Chilton WI
***********************************************************************
Answer:
Hi Stanley:
A firewall opens and closes communications channels called "PORTS", these ports are, depending on what is being communicated open and closes the port. Initially these ports are open, which means a hacker does not even have to knock, it is an open door and the hacker just walks in and takes over your computer. Lets see what kind of information you have on your hard drive? And as of late, there have been hackers that access your computer, take files and folders and lock them up via encryption. Then turn around and charge you for the encryption key to unlock them. Firewalls help to prevent this. Firewalls will only allow access to your computer, on your say so (you give it permission to do so) or (the really good firewalls) do not allow an application access to the internet without your permission. so the firewall leaves you in control of your computer, not a hacker taking control of your property. And yes, in this day and age, a person needs to have all of the protection they !
can get from a firewall.
Even with a dial-up nowadays a person should use a firewall. Even though dial-up ISP's by their very nature are a dynamic (always changing) address (IP number) and most people with dial-up's think they are secure, they are not. This is because with high speed broadband being accessible to the hacker they can more quickly detect an open address (IP) much more quickly. So with a dial-up get a fire wall.
Now if you are on a cable or DSL (Digital Subscriber Line) broadband connection it is even more imperative that a firewall be used as most addressing (IP) is static (does not change, even though some cable or DSL companies say that they are a dynamic address (I have one of those broadband connections , I have yet to see a new IP address) most are a static IP address. Most broadband connections are left turned on 24/7/365, hence it is easier for hackers to hack a broadband address.
These are the reasons for having a firewall. A hacker can and will scan for open ports find them and access them if the ports are not protected.
A final note. You should consider having these hmmm, might we say helper applications as follows (and they can be obtained at an absolutely pronominal price of, zero cost! all of the applications are for personal use only, non-business/non-commerical use, cut and paste the address' below to your broswer);
A firewall
ZoneLabs ZoneAlarm can be found at this address:
http://download.zonelabs.com/bin/free/10_12_zl/zlsSetup_55_094_000.exe
If you need further information CNet has reviews on ZoneAlarm. CNet rates ZoneAlarm very highly.
A Spyware/Adaware
There are two Spyware/Adaware applications that should be used together; Lavasoft Adaware SE and can be found at:
http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10045910.html?part=dl-ad-aware&subj=dl&tag=top5
Search and Destroy can be found at:
http://www.pcworld.com/downloads/file-download.asp?fid=22262&fileidx=1
An anti-virus application
Grisoft AVG anti-virus application
http://free.grisoft.com/doc/1
The best thing about Grisoft is that it updates its virus definition all on its own and requires no yearly subscription to keep the definitions up to date. They also notify a person of the updated application.
When it comes to knowledge about firewalls, CNet has a very good course that is free of charge and on-line. These courses are not always available right away, but you can when the course comes up for Firewalls, sign up for it at this address http://courses.help.com/index.jsp.
If anymore information is needed go to the following address:
http://www.rickswebfactory.com/
There are some articles of interest there on firewalls.
Submitted by: Rick B. of Warren, MI
***********************************************************************
Answer:
Stanley,
First of all I think it's excellent that you are exploring the world of computers, it should open up a world bigger than you can imagine. Now to the task at hand, firewalls. Firewalls are not necessarily needed, at least in my opinion and here's why I think that way.
First, firewalls do block incoming web "nasties" as you put it, but they can also block traffic that you need to allow to your computer.
Secondly, they can be difficult to set up and for a new user you aren't going to go to the dark side of the internet much looking for stuff, so here's what I recommend.
You already have anti-virus which is a good step, I would also recommend picking up Webroot's SpySweeper, www.webroot.com. If you are not sure about how this program works and if you should buy it download the free-trial version to acclimate yourself to how the program runs and is setup. This program will keep you adware, spyware and trojan free. After you install SpySweeper make sure to update the definitions in the program which is really easy to do there is a big button in the options that will allow you to do this with one click. If you run scans I'd say 2-3 times a week you are guaranteed to stay clean, you can even schedule scans within the program to automatically run when you are least likely to be on the PC and therefore slowing down what ever work you may be doing on it. I would also recommend that you update your definitions once a week to stay on top of the latest threats. I use this program in conjuntion with a anti-virus program both at work and home and have very little internet browsing problems, and considering your experience this is a much simpler way to make your browsing experience both safe and entertaining.
Hope this helps you Stan, and good luck in your internet experience.
Submitted by: CK
***********************************************************************
Answer:
Hi Stanley,
When your computer is connected to the internet, it allows you to connect to other computers around the globe to request information. You are already familiar with entering a website address and viewing the information contained there. The reverse is also true. Other computers on the internet can connect to your computer and request information. This being a less than perfect world means that there are people out there that will try to exploit this two way interaction, be it rogue advertiser's or even malicious hackers, that will try to gather information from your computer without you knowing it, or worse, even try to sabotage it. This is where the firewall comes in.
A firewall can be thought of as a mini fortress, with your computer in the middle, and the firewall as the fortress walls between you and the rest of the world, keeping unwanted invaiders out. At various points in this wall are guarded gates, that will allow legitimate connections to your computer through, but prevent dangerous ones. These gates in computer terms are called ports, and different types of information use different ports. For example, when you browse the web, the information from the sites you visit will generally arrive at port 80, incoming email usually arrives at port 110, and so on. There are many different ports for many different types of service, web pages, email, streaming video/audio, online games etc...
The role of the firewall is to monitor all these different connections and decide which ones are legitimate, and which ones present a risk and to block the potentially dangerous ones. As you can see, using a computer on the internet without a firewall potentially makes you very vulnerable to attacks. It's a bit like driving a car without wearing a seatbelt, should something hit you, you are in a lot more danger without it.
There are many great choices for firewall software, including: Tripwire and Zone Alert. You may find that your antivirus provider also provides firewall products. I personally use McAfee for both antivirus and firewall protection. I like the simple to use setup for both and they periodically update themselves for added protection from newer types of attacks.
Once you have your firewall installed there really isn't much else to do apart from enjoy a safer experience on the web.
Finally, I would recomend taking a look back through some of the great previous discussions on CNET regarding Anti Spyware/Adware software. By using all three (Antivirus, Firewall and Anti Spyware) you are protecting yourself as much as you can in an otherwise dangerous electronic world.
I hope that I have helped answer your question, and wish you continued happy and safe surfing.
Regards,
Submitted by: Brian B. of Emeryville, CA
***********************************************************************
Answer:
Greetings Stanley,
A firewall traditionally has been a physical structure erected between rooms in a building so that no matter what went on on one side, i.e. that part of the building burning to the ground, the other side of the firewall would remain unaffected.
That analogy has been applied to the world of networking With a connection to the group of worldwide networks known as the Internet through your Internet Service Provider (ISP), you can send and receive traffice from any other computer that also has a connection to the Internet. Unfortunately this internet connection is analogous to having a front door to your house without locks-if someone finds the door, they can just walk right via your Internet connection in with impunity and deposit unwanted software as well as compromise the privacy of your personal information stored on your computer.
A firewall in the network sense acts like a sentry at your door, checking everything that goes in and out. This can take the form of a software firewall that you would install on each computer just like you did your antivirus software, or a hardware firewall that you would place in between your DSL or cable modem and your computer (or switch if you have your own network). To take the analogy further, a software firewall is like having a a lock on each of the rooms in your house-someone can enter your house (private network), but needs to get by the firewall on each computer. A hardware firewall is more like a lock on your front door-it protects everything inside, and you only need one of them (this analogy assumes there is only one entrance and no windows!). I would strongly recommend a hardware firewall such as the Linksys BEFSX41, as they are generally more secure, are easier to configure, and you only need one of them.
In most cases you only need to configure the firewall with some basic settings that your ISP would provide and you're in business. If you have Windows XP and have enabled the Universal Plug and Play (UPnP) service, Windows XP will open and close ports on this firewall as needed for some of the more esoteric services such as instant messaging, etc.
Submitted by: Ted L.
***********************************************************************
Answer:
Stanley,
There are many ways that a malicious person can take control of your computer without ever actually physically touching it. One of these ways is to send you email or download to you (through a browser session) software that will send information from your computer to the malicious person. A personal firewall can reduce the liklihood of that happening. Major virus-protection software companies also sell personal firewalls. Once installed, it will tell you when some program on your computer is trying to access the internet, and ask your permission to grant it. If you don't intend for the program to connect to the internet, you can stop it from doing so. The personal firewall will also memorize the programs which you say are OK to allow to connect, so you don't have to answer the same question repeatedly.
Another type of "hardware" firewall is needed if you are using an ADSL broadband phoneline connection (this means using a service that gives you always-on connection to the internet using your phone line, but allows you to talk on the phone at the same time) or if you are using cable broadband (this is a service using the same cable that gives you TV). The "hardware" firewall is also called a gateway router or broadband router. This is placed between your computer and your internet connection, and prevents anyone from taking over your computer through your broadband connection. The takeover can be surreptitious - so someone can steal personal information without your ever knowing it.
A wireless form of broadband router is available, but I advise against it - it exposes you to malicious use of your connection if someone in your neighborhood, within about 2000 feet of your house, has a receiver and your wireless firewall isn't set up with security and protection. If you connect by a modem dialup (so you can't use the telephone for calls while you are on the internet) you don't need a hardware firewall.
--
Submitted by: Bert B.
***********************************************************************
Answer:
Stanley, I can relate to not wanting to pull out any more hairs because of a computer. So my answer will head straight to the solution which, based on what you said, is best for you.
A firewall masks your computer from the outside world by creating a generic type of "address" that isn't, for all intents and purposes, your computer. Think of it as two doors in a security situation in a building, or to keep out the cold. You open one door, go into the space between doors, and that door closes behind you. Only then does the second door open and you are outside.
You will hear two types of firewalls described, hardware and software.
My answer only focuses on the hardware type, as given your situation you obviously want something that plugs in and works, you can then pretty much forget about it, and keep your remaining hairs! Software firewalls are, as the name implies, programs which are installed on your computer.
Unfortunately they will pop up boxes when certain internet events happen asking for your decisions, which is where you start pulling out hairs!
The simple answer is to go to a computer store and look for "Routers", read the box for a description of the firewall features to get acquainted. Unless you need the functionality of moving your computer around the house, avoid "wireless" routers. Make sure the router is designed to accommodate the kind of internet connection you use - dial up or high speed (DSL or Cable). Bring it home, follow setup instructions in terms of the sequence of plugging in wiring, and forget it 
Submitted by: dougjp
***********************************************************************
Answer:
The best and most obvious answer for you is to buy an Internet Router. The advantages of having a dedicated machine are these:
1) It will remain up even when all machines on your network are down.
2) Most are pretty much 'plug and play', with scripted browser based configuration wizards that will "clone" your PC's MAC address if necessary to support your ISP, as well as set up your lan.
3) If you can access the WAN, the firewall is in place, unless you have explicitly disabled it.
On the other hand, I have little faith in the PC software based "personal firewalls" that are available. If they fail to load, your machine is vulnerable. Ping attacks can slow or shut down your machine. If you plan on having more than one machine share your high-speed connection, PC-based solutions require something called dual-homing - this entails the installation of another network card, and then defining one as your LAN interface and the other as the WAN interface. Then you have to get a switch, etc,etc, etc. You get all of that and more in an Internet Router.
Non-firewall services that they provide include: DHCP server for your network, which automatically assigns IP addresses, as well providing DNS and router information to the systems connected. Most have built-in 4-5 port 10/100 Mbps switches to maximize peer-peer throughput.
Internet routers also have many of the features of a firewall:
- Network address translation (NAT) - a protocol that hides your machine from the outside world, so that ip/port scanners will not be able to inspect your machine for possible entry points.
- Ping suppression - a common attack is the PingOfDeath. This seeks to overwhelm your computer by inundating it with pings, and thus gain access to administrator privileges. By ignoring pings, as well as pushing WAN ping response out to the router, your machines are protected.
- IP. MAC, port, and protocol(UDP/TCP) restriction software to allow or disallow traffic between the WAN and LAN.
All of the home-grade internet routers I've seen do not allow for packet inspection, which more sophisticated firewall products provide. This allows the firewall to block packets based on their content. I doubt that most home users need or want the administrative headaches involved with this approach.
One thing to make sure to look for is something called "IPSEC pass-through", which will allow your home PC to connect to your company's VPN(Virtual Private Network) with the addition of some software usually provided by your company.
Internet Routers can be had for less than $30, given many of the discounts available. In fact, I've found that you can get a decent Internet/Wireless G router for around $20 after rebates. When setting up networks for friends, I frequently get them the wireless router and disable the wireless functionality unless they need it.
Submitted by: Rick D.
***********************************************************************
Answer:
Hello Stanly
To make it simple YES a firewall is on of the most required piece of software you need on you're computer,
Lots of people think its fun to scan the internet to see if they can access some one else's computer , they use little programs and true these programs they access a computer who is not protected .
Once they have accessed to a unprotected computer they are able to steal information from you're computer , think of passwords, credit carts , you're personal information .
Some even think its funny to destroy a computer by making changes in the computer .
Now a firewall closes down ports so that a scanner is not able to access a computer and steal or damage,
A firewall das exactly what the word says, it puts up a wall of fire to protect you're computer from the outside,
Here is a site which gives you all the information about what kind of firewalls there are and the protection it gives
http://www.webopedia.com/TERM/f/firewall.html
There are a lot of good free to use firewalls , here are some examples .
first of all there is the good old zone alarm ,
http://www.zonealarm.com/
on this site you can down load a free to use firewall .also do a spyware check .
Spyware are little programs which get to you're computer by just looking on a site or using a program, they send information about you're internet behavior and use up you're bandwidth.
Then there is the very good free to use personal fire wall from Sygate .
http://smb.sygate.com/support/documents/spf/default.htm
On this site there is a lot of good information how to install and run the free firewall
Be save and protect you're computer
Greetings
Submitted by: Dutchy
***********************************************************************
Answer:
Stanley, you are like many of us out here in that you want to protect your computer with the least amount of learning curve involved with the task.
There are many software based firewalls out there that do an OK job and probably the best are those associated with the mainline companies such as Symantec or McAfee. They do however start to make things complicated in the options that you have to choose and if you allow them to provide full coverage you may find out that many things you want to do are blocked to you. What I would recommend to you would be a combination of several things to provide the necessary security that you want:
1. A hardware based Firewall solution in the form of a router. This device, which will cost you typically under a hundred dollars, assigns a secondary IP address to your actual computer and prevents most uninvited excursions into your computer. Typically you would use a router only if you have several computers in the house connected together and using the same internet connection but that is not necessary. A router is easy to hook up. I use a simple one from Linksys and this should provide all the firewall protection you need as it keeps your computer hidden with a layer of protection from your active IP address. IMHO, this is much better than a software based firewall solution and much simpler as well. but.you also need to do more as follows:
2. Use a robust virus protection program and there will be many opinions as to which is best. If you stick with the big players in this field you will be ok. Dont activate any firewall options with whatever you purchase as your router will be doing just fine for you. Subscribe to the virus definition update part of this as if you dont any new viruses out there will have access without being scanned.
3. Further protect your computer with popup blocking and spyware blocking. This is crucial also as popup and spyware things will clog your computers memory faster than anything I know. I use Ad-Aware and Spybot Search and destroy and run them manually about once a week. Even though Im careful where I go on the internet it seems I always pick up something that can be safely removed.I also have two teens that are not at all troubled by clicking on any type of link while online. I havent had any troubles at all since using those combinations aboveits a maintenance issue that will require some time but it will help you learn about your computer and will guarantee trouble free internet browsing.
Finally, please remember, a couple bucks spent on this type of protection will keep you in happy computing much longer than hauling off and spending the bucks right away for that new program you want to try out.
Good luck to you !!!!!
Submitted by: Pat
***********************************************************************
Answer:
The antivirus software helps to prevent malicious programs from doing things like deleting files and other stuff to mess up your computer.
The software can check your incoming emails and other programs that might run on your computer to insure that they don't match the pattern of a known virus. In order for a virus to run, it has to first get loaded on your computer, usually through an email, something that you loaded from a disk, or something on the Internet that you downloaded.
The firewall handles another kind of threat. In order for your computer to communicate with the outside world (primarily through your Internet
connection) the software has a limited number of places that it will permit incoming and outgoing messages (these places are called ports and are assigned to different numbers.) Normally, communication with your browser (e.g., Internet Explorer) takes place on port 80. There are other ports assigned for FTP and secure communication, among others.
There are people who run programs that scan the Internet looking for open ports where they may be able make a connection and run unauthorized programs on your computer. The firewall can hide these ports from the outside world, both through reassigning the address of your connection and by making the port appear to not be assigned.
There are a couple of ways that you can protect yourself with a firewall, and it is wise to use both for the highest level of safety.
First is a hardware device called a router that contains firewall capabilities. If you have a home network or use a home wireless connection you probably already have one of these. Secondly, there is firewall software (e.g., Zone Alarm) that runs on your computer that can
provide additional protection if someone gets by the first level.
There is some configuration that needs to take place, so as a novice you may want to ask someone for help, or at least make sure that you read the documentation thoroughly and have some understanding of how to set things up. If you use Zone Alarm, for instance, the default installation gives you excellent protection, but you need to understand what types of things you don't want the firewall to stop. For a router, you can also get away with the default settings for the most part, but you should at least assign another ID and password for administering it, since an intruder is likely to know the one that ships with the device.
Submitted by: Bruce B. of Dudley, MA USA
***********************************************************************
Answer:
Welcome to the world of computers, Stanley. Since you're new at this, I'll try to keep it as simple as possible. Computers can be scary for "Newbies".
Let me just say that a firewall is absolutely imperative if you're going to be using the Internet. Anti-Spyware is another "Must Have". For starters, download and install Microsoft Antispyware from the Microsoft website. >> http://www.microsoft.com/athome/security/spyware/software/ << This is a trial with the option to buy after July 31, 2005. I've been using it in conjunction with "Spybot-Search & Destroy" without any problems.
Assuming that you've just purchased a new computer running Windows XP SP-2, you should have a firewall already active. It comes with Windows.
To be sure it's working, click on the "Start" menu - Control Panel - Security Center.
In the Security Center window, you'll see the three main aspects of your computers security, Firewall, Automatic Updates, Virus Protection. They should all be "On". If the firewall is off, click on "Windows Firewall" at the bottom of the window. Another window will come up. Click it on.
Others may recommend that you use other software as well to further protect your system such as additional Antispyware and Firewalls. While these may be valid and very useful, I wouldn't recommend that to you at this point. It will only confuse you and you need to familiarize yourself a bit more to fully understand what all these security measures do. Right now, the best thing for you to be aware of is the "Security Center" and an easy to understand Antispyware utility like the one I suggested earlier. Those things will help keep your system safe and trouble free.
Submitted by: Robert K.
***********************************************************************
Answer:
Hi,
Imagine your house with thousands of doors on each wall. Anyone walking by can come in and anyone inside can go out without you knowing what is happening. Things can be stolen or bad things can be put into your home.
How would you feel?
Your computer is like such a house where doors are called "ports". For example, if you plan to run a web server, it will probably run on the port number 80. A firewall is a piece of software that just locks all the doors and you can tune it for letting access to specific port (i.e.
port no 80 for your web server). Microsoft firewall is "half" a firewall. It only blocks the ports one way: from the outside world. But any bug you might already have in the computer is free to communicate its data anywhere outside your computer. Microsoft firewall is better than nothing, but far from enough.
I work in the IT industry for several years now and installed the following firewalls on my customers' computers and on my own pcs:
1. Zone Alarm Free edition (get it from http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp).
This firewall is great, but if you have to connect to your computer from the outside world (remotely), using the Remote Administrator software, it cannot let you custom the port number for the connection. As an individual, you don't need the full blown professional version.
2. Sygate Personal Firewall (get it from http://smb.sygate.com/products/spf_standard.htm).
This is the one I actually use as I sometimes need to access my computers remotely and it is very good.
Both are great piece of software and will protect your computer as well as any firewall you could buy.
I hope this was helpful.
Cheers,
Submitted by: Marc Q. of New Zealand
***********************************************************************
Answer:
Yes, you need a firewall, but maybe you already have one and don't know it! Imagine your internet connection as an electronic doorway between
your computer and the rest of the world. Imagine there are lots and
lots of bad guys roaming the Internet streets with nothing better to do than to rattle every doorknob they find just to see if they can open one and do some mischief inside. Any computer that dares to connect to the internet unprotected nowadays will be identified and attacked within minutes. No joke. Now imagine a firewall as the doorman or gatekeeper to your computer. At the very least, it should keep out the riff-raff and let into your computer only those you approve of. Better firewalls will also block bad guys from getting out of your computer and keep them from passing out information about you. The best firewalls will actually make your internet doorway visible from the outside only to those you invite in the first place. Firewalls do this by either comparing the network messages going into and out of your computer, or by checking the programs sending and receiving network messages, or both, and blocking those you did not give permission to. By the very nature of what they do, all firewalls can be at times inconvenient, either by asking you for permissions, or by blocking you from various websites and/or network activities. I know several people who feel that firewalls are just too much bother, and that is their choice. I strongly believe firewalls are one part of a suite of applications essential to responsible internet access, along with anti-virus, anti-spam, anti-popup, and anti-spyware. Depending on your computer, your operating system, and how you connect to the Internet, you may already have some or all of these protections. As you did not say anything about these, I can only speculate. If your connection is cable or DSL, it is possible your connection has hardware firewall features built-in. It is possible your computer has a software firewall already running. A good way to tell is to go to www.grc.com and run its Shields-Up! test. This website is an excellent source of information on internet security, if a bit technical. As for specific recommendations, again the information you provide is too general, but I am sure that won't stop other people from offering their solutions anyway.
Submitted by: Jim P. of Denver, Colorado, USA
Manage updates with the Download App
- 6/2/05 1:00 PM 
Unread
Read
Locked thread
Moderator
CNET Staff
Samsung Staff
Norton Authorized Support Team
AVG Staff
avast! Staff
Webroot Support Team
Acer Customer Experience Team
Windows Outreach Team
Dell Staff
Intel Staff
Question
Resolved question
General discussion
Tip
Alert or warning
Praise
Rant