Sometimes you might find that the applications you’re using simply refuse to play nice with your Firewall, and even trying to allow exceptions into the software doesn’t seem to help matters. The temptation to simply turn off your firewall and be done with it might be pretty high. After all, all it does is complicate your network experience, right?
Actually, it does a bit more than that- and turning it off might be a very bad idea.
See, every network application on your system communicates with other systems- and connects to the Internet- through software elements known as ‘ports’. Think of ports like a door or window in a house, or a fortified gate on a wall. The firewall closes off certain of those gates, not allowing anything to enter or exit.
It’s for this reason that applications which you’ve recently installed generally need to be added to your firewall as an exception- it doesn’t yet know to leave those ports open for when they need to be used. With this in mind, it again seems like it’d be easier to just turn off the firewall. That way you don’t have to worry about having to forward ports, and connecting becomes that much simpler!
See, the thing is, while not blocking any of the ports on your PC makes it easier for your own applications to get through, it also makes it very easy for malicious applications- and people- to gain access to your system. End result? Turning off your firewall and browsing the ‘net unprotected, you’re almost guaranteed to pick up a few viruses along the way, or give some less than savory individual easy, remote access to your system.
Firewalls protect you from a great deal of attacks which would otherwise have gone through easily. While there’s certainly a great deal of malware that can get through the default ports easily (that’s why it’s good to practice safe browsing and install a decent antivirus solution), at the same time, there’s also a wide array of attack methods that are either completely blocked, or made far more difficult to pull off, by the presence of a firewall. Certainly, there are some who disagree with me- a few folks who believe that firewalls are on the way out. While they certainly raise some valid points…
I don’t believe they’re dead, whether in a corporate setting or a personal one. I think a great many firewalls could use some significant redesign- but just because a great many firewalls are poorly designed and not very well-programmed, that doesn’t mean that the whole idea of a firewall is flawed. That just means we’ve some improvements to make. Anyway, you can draw your own conclusions, but my recommendation?
Leave the wall up, at least for the time being.
Like what you read?
If so, please join over 28,000 people who receive our exclusive weekly newsletter and computer tips, and get FREE COPIES of 5 eBooks we created, as our gift to you for subscribing. Just enter your name and email below:
Would it be safe to turn off a pc’s Firewall and still be safer with the router firewall still on ? For instance a Dlink DIR-655 ?
Sorry Nick– I read the Infoworld article– and you know what? That guy SAYS he’s a Network Admin and yadda yadda yadda–but now he just writes articles. And his article is loose and non-specific– Is he talking about Software Firewalls or Hardware Appliances? Maybe some people Write Articles because they actually sucked at what they used to do.
In my office– I have both software firewalls and a Hardware appliance running. I researched the settings. I researched the particular firewall modules. I didn’t just plug it in and get on my knees and pray. Without both sets of Firewall Layers, the front desk ladies and the Doctors would have trashed the network 9 ways to Sunday just on their shopping jaunts alone. It doesn’t even matter that I give them an Internet Machine were they can go ANYWHERE they please– They INSIST on finding ways to browse every Prada Shoe Site from the thinclient or workstation they happen to be at. The Links. The Ads, the Video codec downloads, constant Flash Update requests…all those innocuous pop-ups that demand that the viewer click OK so they can see more Prices and items…it’s beyond belief. So far, whenever nearly compromised a workstation, it turned out to be a hijacked Advertising Link. The Bad Guys aren’t all on the cutting edge– they are STILL using he old Tried-and-True methods. And in Most Cases– ALL they need is a woman using a computer to Shop & Browse. All they need is a Major News Event that they know will having everyone Googling or Pics. Michael Jackson’s passing nearly two down two workstations just from the ladies hunting for recent pics back then. The Firewall Blocked the rest when I reset the Filters.
Then there’s all the crapola waiting in the wings on every personal Facebook Login and the beleif that EVERYONE should have access to their PERSONAL EVERYTHING in the ‘Cloud’. The Firewall Appliance BLOCKS 85% of the generic slime. The Software Firewall and AntiVirus scrubs through the next 10%, leaving me to do a diligent manual scrub & clean once in a while for the remaining 5%
And it’s only my religious adherence to the Doctrine of the Firewall that the Office Network is viewed by everyone as the safest, trouble-free — and for myself, no frantic calls from a staffer telling me that the don’t know how it happened, but a program has hijacked their desktop.
Nah– so long as you have ordinary folks sitting at a Workstation at Work, and deciding to browse Macys.com or eBay– you will need a Firewall.