A firewall is software that is installed on personal computers, or on small network servers when a shared Internet connection is used. Its task is to control communication to and from the computer that has direct access to the network. This means that it takes care of the following:
· which programs go out of the computer
· where they go and what they do, i.e. with which servers and through which protocols and ports they come into contact
· what goes into the computer
Most firewalls will ask for permission: which program to let out, under which terms, which protocol the program may use and on which ports it may communicate. Of course, the same goes for the opposite direction: incoming communication. There are also firewalls that barely ask for permission to do anything. They are so automated that they are practically pre-configured, and the only thing left for you to do is install them.
A good program of this kind will detect any connection before it is even made, block it or (to be more precise) put it on hold, and only make the connection if the user allows it. This means that if you're downloading a patch for a program, you can disable all other connections except the one through which the data is being received. Sometimes not even this is enough, and it's important to be aware that there's no such thing as perfect protection.
A good trait of some firewalls is the ability to temporarily block all traffic between the computer and the Internet, or to selectively allow specific programs to keep working normally.
How to set up a firewall?
By now, we have explained some of the basic principles on which firewalls work. Now, it's important to look at how to set them up correctly in order for them to work.
The first thing to do after the installation is finished is to check which rules already exist in the firewall. If the program is built so that rules for some applications are already defined, it should be uninstalled from the computer. If you don't favor that kind of approach, delete (or at least disable) rules of this kind.
The next step is to secure NetBIOS. Some firewalls already have preset rules for it. It is advisable to delete or disable those as well if they don't meet the criterion of forbidding any kind of communication on ports 137, 138 and 139 over both the TCP and UDP protocols. If the computer is not in a local network, take the previously described steps to deactivate NetBIOS completely.
The next thing is going online. It's advisable to delete or disable all rules relating to protocols and ports beforehand. Whenever an application tries to make a connection, the firewall will ask what to do. That is the exact moment to set up a rule, which can be made permanent or valid only for the connection in question, i.e. while you're online.
However, you definitely can't manage without DNS (Domain Name System) and a browser. DNS works on port 53 and has to be enabled for a connection between two computers to be established. The UDP protocol should be allowed two-way communication only on port 53 (domain), but the TCP protocol should also be added.
After that, start your favorite browser. Don't rush into giving it permission to communicate on all ports and protocols. Take it step by step: as the firewall keeps asking, approve or forbid connections. For starters, it's enough to allow TCP communication only on port 80 (http), plus port 8080 (http-proxy) if you are using a proxy server. If there is a need for more connections later on, it will be easy to simply add them.
A word of advice: don't add anything the firewall doesn't ask you to add, since the rule with firewalls is that they are set up from the general to the specific.
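The setup steps above can be checked mechanically against a list of firewall rules. The following is an added example, not part of the original article: the `Rule` fields, the `browser.exe` name and both sample rule sets are constructed for illustration, each allow rule is judged on its own without modelling rule order, and the DNS check reads "TCP should also be added" as TCP on port 53.

```python
from dataclasses import dataclass

NETBIOS_PORTS = {137, 138, 139}
BROWSER_PORTS = {80, 8080}  # http and http-proxy, as in the text

@dataclass(frozen=True)
class Rule:
    app: str          # program the rule applies to ("*" = any program)
    action: str       # "allow" or "block"
    proto: str        # "tcp" or "udp"
    ports: frozenset  # remote ports; an empty set means "all ports"

def audit(rules, browser="browser.exe"):
    """Return findings for a rule list, following the setup steps in the text."""
    findings = []
    allows = [r for r in rules if r.action == "allow"]
    for r in allows:
        # NetBIOS step: no allow rule may cover 137-139 over TCP or UDP.
        if not r.ports or r.ports & NETBIOS_PORTS:
            findings.append(f"{r.app}: allow rule exposes NetBIOS over {r.proto}")
        # Browser step: start with TCP 80/8080 only, add more when asked.
        too_wide = r.proto != "tcp" or not r.ports or r.ports - BROWSER_PORTS
        if r.app == browser and too_wide:
            findings.append(f"{r.app}: broader than tcp/80,8080")
    # DNS step (assumed reading): port 53 allowed on both UDP and TCP.
    for proto in ("udp", "tcp"):
        if not any(r.proto == proto and 53 in r.ports for r in allows):
            findings.append(f"dns: no allow rule for {proto}/53")
    return findings

# Constructed sample: preset rules as they might look right after installation.
PRESET = [
    Rule("*", "allow", "udp", frozenset({137, 138})),
    Rule("*", "allow", "tcp", frozenset({139})),
    Rule("browser.exe", "allow", "tcp", frozenset()),
    Rule("*", "allow", "udp", frozenset({53})),
]
# Constructed sample: the rule list after working through the steps.
HARDENED = [
    Rule("*", "block", "tcp", frozenset(NETBIOS_PORTS)),
    Rule("*", "block", "udp", frozenset(NETBIOS_PORTS)),
    Rule("*", "allow", "udp", frozenset({53})),
    Rule("*", "allow", "tcp", frozenset({53})),
    Rule("browser.exe", "allow", "tcp", frozenset(BROWSER_PORTS)),
]

if __name__ == "__main__":
    for name, rules in (("preset", PRESET), ("hardened", HARDENED)):
        print(name, audit(rules) or "no findings")
```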