How does a firewall work?
A firewall is a piece of hardware and/or software that “sits” between your computer and the Internet in order to filter the traffic going back and forth. It acts as a security checkpoint so that unauthorized data transfer doesn’t occur. If this kind of transfer does take place, it could allow a black-hat hacker or a script kiddie to gain remote access to your computer or let a Trojan horse (see Anti-Trojan) exploit your computer. A firewall examines all traffic routed between your computer and the Internet to see if it meets certain criteria. If it does, it is allowed through. If it doesn’t, it is stopped. By protecting your computer from intrusion, the firewall keeps your machine from getting burned by attacks that could result in data loss or file corruption.
A firewall monitors all incoming Internet traffic and allows only what is known or trusted. The traffic enters through “ports” on your PC. There are over 65,000 ports available through the Internet Protocol. Trying to restrict these manually would be impossible. Firewall software does this by opening ports that need to be open and closing off ports that do not. It also makes your computer invisible to the Internet, making it harder for “hackers” to gain access to your PC.
In simple terms, we could say that a firewall is used to control traffic between your computer (or LAN) and the Internet. More accurately, a firewall is a way of enforcing a policy or set of rules governing the flow of data to and from the outside world. Firewalls that are used to protect home computers are usually based on packet filtering, i.e., data packets are admitted or rejected according to the way the rules are configured. While these rules can be quite complex, for the typical home user their primary function will be to block uninvited incoming connections. Most firewalling tools for end users will come with a sensible set of rules by default.
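
An added example (not from the original page): a minimal Python model of the packet-filtering policy described above. Rules are checked in order, inbound packets are blocked by default, and connections the host opens itself are remembered so that their replies count as invited. The class names, addresses and the sample port-22 rule are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Packet:
    direction: str  # "in" or "out", relative to the protected host
    proto: str      # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str                       # "allow" or "deny"
    direction: str
    proto: str
    remote_net: str = "0.0.0.0/0"     # address range of the other end
    local_port: Optional[int] = None  # None matches any port

    def matches(self, p: Packet) -> bool:
        remote, port = (p.src, p.dport) if p.direction == "in" else (p.dst, p.sport)
        return (self.direction == p.direction and self.proto == p.proto
                and ip_address(remote) in ip_network(self.remote_net)
                and self.local_port in (None, port))

class Firewall:
    def __init__(self, rules):
        self.rules = list(rules)
        self.flows = set()  # connections the protected host opened itself

    def _first_match(self, p: Packet, default: str) -> str:
        return next((r.action for r in self.rules if r.matches(p)), default)

    def filter(self, p: Packet) -> str:
        if p.direction == "out":
            verdict = self._first_match(p, "allow")
            if verdict == "allow":  # remember the flow so replies get back in
                self.flows.add((p.proto, p.src, p.sport, p.dst, p.dport))
            return verdict
        # Inbound: a reply to a flow the host opened counts as invited.
        if (p.proto, p.dst, p.dport, p.src, p.sport) in self.flows:
            return "allow"
        return self._first_match(p, "deny")  # everything else is uninvited

# Constructed sample policy and addresses (not from the original page).
HOST, WEB, STRANGER = "192.168.1.10", "203.0.113.5", "198.51.100.7"
fw = Firewall([Rule("allow", "in", "tcp", "192.168.1.0/24", 22)])
```

The same inbound packet from the web server is rejected before the host connects out and admitted afterwards, which is the difference between an uninvited connection and a reply.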