A firewall is an application that lets you control and filter packets flowing in and out of your computer or network. Almost all PC's accept certain types of connections, and hackers can take advantage of this when probing for systems to attack. Such techniques include:
Firewalls are effective at blocking all of these kinds of probes as well as any other intrusion or denial of service attacks by immediately rejecting any incoming packets that weren't solicited from programs running on your computer. The attacker never receives a response, creating the illusion that there is no computer at your IP address. This in turn prevents any further attempts to exploit security vulnerabilities and break into a system.
Some firewalls (such as the one included with Windows XP) only work in a single direction - they examine packets your computer is receiving, not those it sends. This is because in most cases, data originating from your computer, such as requests for web pages, is legitimate But hostile applications like trojan horses, worms, and viruses can use your Internet connection to send an attacker sensitive information such as your files, screen captures, or even keystrokes. It is therefore crucial that your firewall has some mechanism for filtering outbound traffic from your computer. This is usually done by building up a list of programs that are allowed to use your Internet connection. If an unauthorized program makes a connection attempt, the firewall alerts you and lets you decide whether or not to give it permission to proceed.
Most multi-user connections to the Internet (i.e. where all your staff connect via a single phone line, now typically for broadband) will utilise a gadget called a router, and most routers now incorporate NAT or “Network Address Translation”. This technique allows the millions of office networks in the world all to re-use the same network addresses in the ranges…
...The router, on the other hand, will have a unique Internet address, such as 126.96.36.199, from which it can send and receive information (a bit like a post code). So when one of your staff, let’s call him Charlie, sends a request to the Internet it goes from his local address of 192.168.1.71, through the router’s one of 188.8.131.52, and then out to the world wide web, that is only aware of the router, not Charlie himself. So the returned packets are addressed to the router, which then re-addresses them (or translates their network addresses) to Charlie. In this manner computers on the local network are kept separate, invisible and safe from those on the Internet side of the router.
Whereas NAT gives excellent protection to the computers on its local area network, it must be remembered that the router itself will still have ports that can be attacked by hackers, and must therefore be set-up with as much protection as possible (e.g. “ping” turned off, internal firewall enabled, etc).
Static IP Addresses
All Internet connections are allocated a unique IP address when they join the web, such as 184.108.40.206, which work a bit like post codes. Usually you’ll get a different address (i.e. a dynamic one) each time you connect. However if you need, for example, to repeatedly connect two offices via the Internet (i.e. to join all their computers in a WAN) then you must have the same IP address every time you connect, in which case you simply have to request a fixed or static IP address from your ISP (which will cost a few pounds extra each month).