
Without a firewall, your computer is operating
under an "open door" policy. Bank account information. Passwords.
Credit card numbers. Documents and photos that you don't want to share
with the world. They are all available to anyone with bad intentions
and basic computer skills. Hackers can get in, take what they want,
and even leave open a "back door" so they can turn your computer into
a "zombie" and use it to attack other computers.

Every minute that your computer is connected to
the Internet, either through a dial-up (modem) connection or through a
broadband (DSL or cable) service, it is at risk.

The people who want to break into your computer
don't care who you are or where you live. They may be "script kiddies"
using malicious code they find on the Internet to wreak havoc on
others' computers, or they may be computer criminals with cutting-edge
technology to sniff out unprotected computers anywhere in the world
and exploit their vulnerabilities. An attack can come at any hour of
the day or night.

When your computer is connected to the Internet,
it receives traffic from a wide range of sources, most of it benign.
Your instant messaging client alerts you that a friend has signed on;
your mail client finds new mail waiting for you and downloads it; a
weather site refreshes its rainfall map by telling your web browser to
reload a page. All of this traffic is handled invisibly by your
computer, which is listening to a large number of "ports." A port is a
specific connection point through which applications on your computer
connect to the Internet. And a hacker only needs one open port through
which to mount an attack.

Your computer is just one machine among the
millions connected to the Internet at any given moment. And a moment
is all it takes for a hacker to get in.

Antivirus software comes installed on most new
PCs, and most people think that it protects them completely from
Internet-borne threats. But virus protection is only as good as the
latest virus definitions, which are created in response to the latest
viruses. It's a game of one-upmanship that the hackers always win, in
a sense; someone (potentially many thousands of people) must be
infected before the makers of antivirus software can create a defense.
And antivirus software does nothing to secure your computer against
direct hacker attacks.

A firewall is a piece of hardware or software that monitors
all incoming network traffic and allows in only the connections that
are known and trusted. Port 80 is open so that you can browse web
pages; port 1863 allows you to engage in instant messaging with
friends; port 443 gives access to secure web pages used by online
merchants to encrypt purchases.

You could manually grant or restrict access to
each of the 65,535 ports available under the Internet Protocol. Every
time you add a new program that requires Internet access, you would
need to determine which port(s) it uses, and reconfigure your computer
accordingly. You've likely got better ways to spend your time. See
Firewall Forensics for a truly dizzying explanation of ports and
their uses.

Firewall software takes on this burden for you,
allowing access to the ports you need open, and closing off those you
don't. It also makes your computer "invisible" on the Internet; if
hackers can't find you, they will have a hard time attacking you.

More advanced firewall software also monitors
outgoing traffic. This is crucial since malicious code spreads by
accessing the Internet and pushing copies of itself to other computers
(often those of your friends and family!). Outbound protection can
keep even brand-new Trojan horses and spyware from doing their
damaging work. The ultimate protection is program-level control, so
that only those applications that you trust are allowed to access the
Internet.
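
The three behaviours described above (blocking unsolicited incoming traffic, letting replies to your own connections back in, and program-level outbound control) can be modelled in a few lines. This is an added example, not code from any firewall product; the program names, the policy table and the addresses are constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed policy: the destination ports named in the text, mapped to
# hypothetical programs that are trusted to use them.
TRUSTED_OUTBOUND = {
    "browser.exe": {80, 443},
    "messenger.exe": {1863},
}


@dataclass
class Firewall:
    trusted: dict
    established: set = field(default_factory=set)  # flows we initiated
    log: list = field(default_factory=list)        # decision audit trail

    def outbound(self, program, local_port, remote_ip, remote_port):
        """Program-level control: only trusted program/port pairs get out."""
        allowed = remote_port in self.trusted.get(program, set())
        if allowed:
            # Remember the flow so the reply can be let back in.
            self.established.add((local_port, remote_ip, remote_port))
        self.log.append(("out", program, remote_ip, remote_port, allowed))
        return allowed

    def inbound(self, local_port, remote_ip, remote_port):
        """Default deny: accept only replies to flows we initiated."""
        allowed = (local_port, remote_ip, remote_port) in self.established
        self.log.append(("in", None, remote_ip, remote_port, allowed))
        return allowed


def demo():
    """Run constructed sample traffic through the policy."""
    fw = Firewall(TRUSTED_OUTBOUND)
    return {
        "browser_https": fw.outbound("browser.exe", 50000, "203.0.113.10", 443),
        "reply_to_browser": fw.inbound(50000, "203.0.113.10", 443),
        "unsolicited_probe": fw.inbound(445, "198.51.100.7", 40000),
        "unknown_program": fw.outbound("updater.exe", 50001, "198.51.100.7", 80),
        "trusted_wrong_port": fw.outbound("messenger.exe", 50002, "203.0.113.10", 25),
    }


if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name:20} {'ALLOW' if allowed else 'BLOCK'}")
```

Note that the unknown program is blocked even though it uses port 80: the decision depends on which program is asking, not only on the port.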