Does anyone know of a simple but thorough tutorial on how firewalls work, and how to configure them? The problem I run into is that I dont really understand what is going on "under the hood", and therefore feel a bit in the dark as to which are the best firewalls to use, (or whether the built in Windows XP firewall is any good), and which Operating System processes should and should not be allowed to access the internet, or whether certain programmes should be given "server rights".

I have read quite a few articles but they are either too technical (lots of unexplained jargon) or too simplistic (no real account of how they work - just tell you what they protect you against). In most cases they give little indication how a beginner user should configure them.

Thanks

ok al...bare with me..

a firewall is either hardware or software..

hardware= either bought card or comes with router..which has what is called firmware installed..a firewall blocks unwanted trash and "talk" between networks.thats as simple as i get get.theres more info but then that would get into the tech side of it and dont want to give ya a headache.

software=a software firewall blocks incomeing access to computers by a proxy setting closeing open ports etc...not as realiable as hardware but does the job..this allows you to configure what programs u want to allow access to your computer thru a network and/or internet.

HAVEING BOTH HARDWARE AND SOFTWARE IS GREAT IF YOU WANT TO SPEND MONEY. more money the better the protection.

hope this helps..and i can recommend great hardware or software as followed

hardware=any linksys or cisco router brand with latest firmware installed; these come in many flavors and design as well as brand..these are my personal favorite so take it as that..

software= i done alot of controled testing with a test computer on sites with known worms trojans and viruses..and found the software of this particular brand block them all out..only thing i got was access boxes that deals with the microsoft java problem but simpliy click no will stop that.

tested software was "zonealarm pro with web filtering"....setup was mask ip address, block all pop ups all 3rd party access stealth mode block all banners...now for the fun part was the web filtering which u get totally block out xxx sites and other bad places that viruses trojans love to be...

i can honestly say without zonealarmpro i would have tons of those things killing my poor test computer.

i do recommend anyone not to surf for porn or cracker sites as these guys protect there stuff with very very bad viruses trojans and worms..experiance computer peps can safely travel thru them but a not so tech person will easily fall prey. so for porn stick with the stores or spend some money to protect that computer.

good luck and added humour was free as is knowledge hope this helps

killer101

It's not as simple as software vs. hardware firewalls. For example, many "hardware" firewalls run embedded Linux and therefore use the same firewall software as my desktop that runs Linux. My router, or "hardware" firewall is a Pentium 166 running OpenBSD. In other words, purely software.

The real difference is routers vs. firewalls. What "hardware" firewalls do is hide your computer with Network Address Translation (NAT), so anyone attacking your IP address encounters the router thinking it's your computer, but the router is usually more secure by default than your computer. When you make an outside request, the router takes note (a proccess known as connection tracking) and allows any replies to your request to get back to your computer, but nothing more. If you didn't make any outside requests, your computer would be impossible to detect behind a router.

Where "software" firewalls fit is blocking outgoing requests. If you were to get a trojan, it could send a request through the router to the cracker. Then your router will allow the cracker to reply over that connection. In theory, if one could avoid trojans, a router would be adequate security.

In my opinion, the best way to avoid trojans on Windows is to avoid frequently exploited software like Internet Explorer and Outlook. Mozilla Firefox and Thuderbird are excellent alternatives. Firefox has popup blocking, tabbed browsing, and a number of other nice features. Also, avoid executing suspicious files downloaded over P2P networks.

If you are currently running XP without any firewall at all... do yourself a big favor and at least turn on the built-in XP firewall while you learn more about what you are doing. It isn't complicated to use... you just turn it on and let it do it's thing. It has it's flaws, but it will stealth your computer quite nicely and help keep you out of harm's way until you install a more powerful firewall.