How important is a firewall really?

Answer 1

A firewall prevents viruses, worms, trojans and backdoors as well as malicious attacks from your pc coming thru the internet. It works live and thus is able to prevent whereas an anti-virus software removes or cures your pc from the viruses thus not protecting you live.

A firewall is a must since there are so many threats out there.
After all "Prevention is better than Cure".

Answer 2

Firewalls come in different flavors. I think it is essential for people to have a firewall, but that doesn't necessarily you need to have a dedicated appliance the same way corporate users might. Many NAT routers provide the function of a firewall.

There are a couple of online sites that do security scans so you can see if things like ports showing etc. There are also some decent free software firewalls such as ZoneAlarm too if price is an issue.

Answer 3

Depending on what kind of Job you're doing as well as the size of your business a Firewall might help. A firewall it's used for blocking incoming or outgoing IP addresses and/or ports on your network. Sometimes it's not very effetive because the harm content it's send on known ports (Ex. HTTP or SMTP) (Ports 80 & 125 respectively), in that case the best option would be adquiring a Sensor but unfortunately these ones are very expensive.

Answer 4

Ask yourself this question. Would you let a 4 years old child walk accross the street alone no think of cars as intruders without you a child would get hit most likely same with a firewall without it hackers can get into your computer and use it and they do for spammimg with email and other illegal activities..

Answer 5

Firewall is like the front door of your house. If you don't set some of the security e.g. a lock. you are taking risk for someone to break into your house.

It is not necessary to have a door lock if you are sure that no one is going to rob your house.

So it is not necessary to have a firewall if you are sure that no one is going to steal your personal information or hack into your computer to do funny business.

Answer 6

The term "fire wall" originally meant, and still means, a fireproof wall intended to prevent the spread of fire from one room or area of a building to another. The Internet is a volatile and unsafe environment when viewed from a computer-security perspective, therefore "firewall" is an excellent metaphor for network security.

In computer networking, the term firewall is not merely descriptive of a general idea. It has come to mean some very precise things.


Location, Location, Location

The most important aspect of a firewall is that it is at the entry point of the networked system it protects. In the case of Packet Filtering, it is at the lowest level, or "layer" in the hierarchy (stack) of network processes, called the Network Layer or the Internet Layer. This means essentially that the firewall is the first program or process that receives and handles incoming network traffic, and it is the last to handle outgoing traffic.

The logic is simple: a firewall must be positioned to control all incoming and outgoing traffic. If some other program has that control, there is no firewall.

So -- what do firewalls do?

The most basic type firewall performs Packet Filtering.
A second type of firewall, which provides additional security, is called a Circuit Relay.
Another and still more involved approach is the Application Level Gateway.

Packet Filtering

All Internet traffic travels in the form of packets. A packet is a quantity of data of limited size, kept small for easy handling. When larger amounts of continuous data must be sent, it is broken up into numbered packets for transmission and reassembled at the receiving end. All your file downloads, Web page retrievals, emails -- all these Internet communications always occur in packets.

A packet is a series of digital numbers basically, which conveys these things:

The data, acknowledgment, request or command from the originating system
The source IP address and port
The destination IP address and port
Information about the protocol (set of rules) by which the packet is to be handled
Error checking information
Usually, some sort of information about the type and status of the data being sent
Often, a few other things too - which don't matter for our purposes here.
In packet filtering, only the protocol and the address information of each packet is examined. Its contents and context (its relation to other packets and to the intended application) are ignored. The firewall pays no attention to applications on the host or local network and it "knows" nothing about the sources of incoming data.

Filtering consists of examining incoming or outgoing packets and allowing or disallowing their transmission or acceptance on the basis of a set of configurable rules, called policies.

Packet filtering policies may be based upon any of the following:

Allowing or disallowing packets on the basis of the source IP address
Allowing or disallowing packets on the basis of their destination port
Allowing or disallowing packets according to protocol.
This is the original and most basic type of firewall.

Packet filtering alone is very effective as far as it goes but it is not foolproof security. It can potentially block all traffic, which in a sense is absolute security. But for any useful networking to occur, it must of course allow some packets to pass. Its weaknesses are:

Address information in a packet can potentially be falsified or "spoofed" by the sender
The data or requests contained in allowed packets may ultimately cause unwanted things to happen, as where a hacker may exploit a known bug in a targeted Web server program to make it do his bidding, or use an ill-gotten password to gain control or access.
An advantage of packet filtering is its relative simplicity and ease of implementation.


Circuit Relay

Also called a "Circuit Level Gateway," this is a firewall approach that validates connections before allowing data to be exchanged.

What this means is that the firewall doesn't simply allow or disallow packets but also determines whether the connection between both ends is valid according to configurable rules, then opens a session and permits traffic only from the allowed source and possibly only for a limited period of time. Whether a connection is valid may for examples be based upon:

destination IP address and/or port
source IP address and/or port
time of day
protocol
user
password
Every session of data exchange is validated and monitored and all traffic is disallowed unless a session is open.

Circuit Level Filtering takes control a step further than a Packet Filter. Among the advantages of a circuit relay is that it can make up for the shortcomings of the ultra-simple and exploitable UDP protocol, wherein the source address is never validated as a function of the protocol. IP spoofing can be rendered much more difficult.

A disadvantage is that Circuit Level Filtering operates at the Transport Layer and may require substantial modification of the programming which normally provides transport functions (e.g. Winsock).


Application Gateway

In this approach, the firewall goes still further in its regulation of traffic.

The Application Level Gateway acts as a proxy for applications, performing all data exchanges with the remote system in their behalf. This can render a computer behind the firewall all but invisible to the remote system.

It can allow or disallow traffic according to very specific rules, for instance permitting some commands to a server but not others, limiting file access to certain types, varying rules according to authenticated users and so forth. This type of firewall may also perform very detailed logging of traffic and monitoring of events on the host system, and can often be instructed to sound alarms or notify an operator under defined conditions.

Application-level gateways are generally regarded as the most secure type of firewall. They certainly have the most sophisticated capabilities.

A disadvantage is that setup may be very complex, requiring detailed attention to the individual applications that use the gateway.

An application gateway is normally implemented on a separate computer on the network whose primary function is to provide proxy service.


--------------------------------------------------------------------------------

As you can see, all firewalls regardless of type have one very important thing in common: they receive, inspect and make decisions about all incoming data before it reaches other parts of the system or network. That means they handle packets and they are strategically placed at the entry point to the system or network the firewall is intended to protect. They usually regulate outgoing data as well. The types and capabilities of firewalls are defined

Answer 7

This day and age .. it's extremely important. There are a lot of bad things that your computer can catch, if it goes into the internet unprotected. Consider it a condom for you computer.