Firewalls are an important part of computer security, and are used to block unwanted incoming our outgoing communication. If used correctly, they can be very effective in keeping your PC secure. If used wrong, they can not only make your computer vulnerable to attack (by allowing all traffic without exception), but can also render your LAN or Internet connection useless (by blocking all traffic, legitimate or otherwise).
Any good firewall traffic will be able to differentiate between UDP and TCP traffic. TCP and UDP are subsets of the TCP/IP protocol, which powers Internet communication. TCP focuses on delivery of information, regardless of the time it takes. UDP, controversely, focuses on speed and timeliness at the detriment of accuracy.
E-Mail, web-browsing and many other Internet activities use TCP, which stands for “Transmission Control Protocol.” Streaming content, like music & videos use UDP, which stands for “User Datagram Protocol.”
Although firewalls are usually used to keep unwanted traffic from entering your computer, they can also be an effective in preventing traffic from leaving your computer.
| Ports that should never be open to incoming Internet traffic | |
| 23 | Telnet |
| 135 | Windows Remote Procedure Call (RPC) |
| 137-139, 445 | Windows file & printer sharing (“NetBIOS”) |
| 161 | Simple Network Management Protcol (SNMP) |
| Ports that are usually open to outgoing Internet traffic | |
| 80 | Web-browsing (HTTP) |
| 21 | File transfers (FTP) |
| 25,110, 143 | E-mail related ports (SMTP, POP3 & IMAP) |
| Ports relating to commonly-used instant messaging (IM) chat | |
| 1863 | MSN Messenger |
| 5050 | Yahoo! Instant Messenger |
| 5190 | AOL/ICQ Instant Messenger |
For example, let’s suppose a child is instant-messaging (chatting) online using MSN Messenger, and the parents don’t approve. MSN Messenger happens to use port 1863 for its primary connection to the MSN chat servers. By instructing the firewall to block any outbound traffic on port 1863, the computer cannot communicate with the MSN servers, making the chat service unavailable to your child. Unfortunately, most firewalling software doesn’t allow per-user settings, so if you block port 1863, it blocks MSN messenger for all users that may use that computer.
In the previous example, port 1863 was blocked to disallow instant-messaging communication with MSN’s Messenger service. Rather than blocking only the ports that might need blocking, it might be more effective to block all ports and then open ports as necessary.
Computers running Microsoft Windows XP with Service Pack 2 (SP2) installed have firewall software built-in. If you’re not sure whether you have Service Pack 2 or not, go to your Control Panel and look for the firewall icon. Computers with Windows 95, 98, ME and 2000 will have to find a 3rd party firewall program. There are many free and commercial firewall programs available – you can find many (including reviews) online.
Many homes in the Carbon/Emery area that have broadband (usually DSL or Cable) also have a special device, often called a “DSL Router” or “Cable Router”, which is placed between the cable or DSL modem and the computer. These devices provide a lot of security on their own, and are recommended by many security experts, whether firewall software is used on your PC or not.
Such devices perform “Network Address Translation” (NAT), which not only allows you to share your Internet connection among other computers your home or office, but also creates a sort of one-way firewall. Outgoing traffic (information sent by your computer(s)) is allowed, however, incoming traffic is not allowed, unless it was previously and specifically requested by your computer, or another computer that is sharing the Internet connection.
A good firewall supports what is called SPI, or “Stateful Packet Inspection.” This is needed, because sometimes communication starts at one port, but subsequent communication occurs on higher ports. SPI makes sure that such communication can take place, even though the higher ports are not explicity allowed.
Firewalls are naturally complicated, and can be difficult to understand. However, when used correctly, they can be very effective tools in securing your computer. Unfortunately, they aren’t fool-proof. Any time communication can occur between computers, there will always be a chance security breaches can occur. However, when combined with regular software updates (like Windows Update, for example), a properly-configured firewall can make a break-in by an intruder unlikely.
Have comments or suggestions for a weekly Tech Tips article? Send an email to webmaster@sunad.com.