People often think about the best way to configure their computer to protect against threats, such as, worms and Trojan horses. They say they have installed antivirus protection and never open unexpected email attachments. But they wonder if that is enough. Antivirus protection is certainly an important part of aneffective protection solution. It has the ability to detect known threats as well as many new ones, but there is a second technology that can be added to help complete the picture: a firewall.
|image credits: How Stuff Works|
While antivirus software helps to protect the file system against unwanted programs, a firewall helps to keep attackers or external threats from getting access to your system in the first place. Most people are aware that worms often travel through email. They generally arrive as an attachment to an email that the user is enticed to click on by the text of the email itself. We call these threats “mass-mailing worms.” The best thing to do with these threats is simply to delete the email and not click on the attachment.
Other threats travel from computer to computer without the knowledgeof the user. They can find a computer that has lower security settings or unpatched vulnerabilities, and insert themselves onto that system without the user ever knowing what is happening. Many worms and Trojanhorses, often known as “bots”, travel this way. They utilize the Internet to find computers to infect. The user will never know that their system has been compromised because the threat enters the computer quietly.
This is exactly where a firewall can help protect you. The firewall monitors all network traffic and has the ability to identify and block unwanted traffic. Since most computers these days are connected to the Internet, attackers have many opportunities to find victim computers. These attackers probe other computers on the Internet to determine if they are vulnerable to various types of attacks. When they find a suitable computer, they can compromise it and insert themselves onto it. At that point the attacker can make the victim computer perform almost any task he desires. Attackers will often try to steal personal information for the purposes of many types of fraud. All of this activity takes place in the background without the user knowing what is happening.
There are two basic types of firewalls: client firewalls and appliance firewalls. A client firewall is software that resides on the computer itself and monitors all of the network traffic on that computer. An appliance firewall is a hardware device that is connected between the Internet and your computer. These devices are often used in small network environments where several computers need to share the same Internet connection. The small routers that many people use in their offices and homes usually have built-in firewalls. If you use a router, make sure it has a firewall. Both types of firewalls can keep the attackers from gaining unwanted access to your computer. Users who travel should always have a client firewall installed on their system. You don’t want to take any chances when you are connected to the Internet away from the office or home.
While antivirus software is a great tool to help keep you safe, adding a firewall will give the bad guys out there the one-two punch that will be a knockout.
Source: Symantec Official Blog (slightly abridged)
Here you can get an extense list of firewall software available online, both for paid and free download.