What is a Firewall? – Hardware vs Software
As the image suggests, it is an enforced protection between your computer and the rest of the world. There are both hardware firewalls and software firewalls that you can implement on your computer system.
Let’s talk about the differences…
Hardware Firewalls (NAT Routers)
It is most likely these days that you have a Network Address Translation (NAT) router sitting between you and the Internet. NAT routers are probably all you need in the way of a firewall. With a NAT router, computers on the Internet cannot connect to your computer unless you have already made an outbound request for them to do so.
An outbound request, for example, is when you use your browser to load a web page. You have made a request of a computer on the Internet to deliver this page to your computer. If you do not make such a request, your router will deny its access and basically toss it to the wind. This is a very secure system and protects you from the bad guys that are trying to gain access to your computer and any others on your local network.
The only weakness is when an outbound request occurs when you don’t know about it. Let’s say some Malware has somehow found its way onto your computer. It decides to “call home” to let the bad guy know that you have accessed your bank account. In this case the router cannot discern between a legitimate request placed by you, or the malicious program. All it knows is that a request was placed by your computer and it will therefore honor it when the Internet computer responds. Not good…
There are many, myself included, that say, “If your computer is already compromised, any further protection becomes a moot point.” My case is simple– if you already have a Malware intrusion, your system is no longer protected by anything. Your layers of protection have already failed you and need to be re-thought. It needs to be fixed. Now.
No amount of further scans with the same or other programs will ever get you a 100% guarantee of system “cleanliness”. A complete re-install of the Windows OS is the only option. It’s the plain ugly truth. Sorry.
Software Firewalls
A software firewall, such as the bundled Windows Firewall, goes one step further. They monitor outbound requests, and if they don’t recognize the program making the request, they will prompt you for permission to allow it. If you don’t allow it, the router will never know about it.
Remember, this happens before the request gets to your router. If the router doesn’t get a request from your computer, it will deny any response from the outside.
In earlier days I was a firm believer in installing software firewall programs on computers. There are many such programs available for free on the Internet. ZoneAlarm was the go-to solution for many years and I was a strong supporter. The unacceptable problems I ran into with a lot of these programs became:
- They got bulky over time and seriously slowed down my computer,
- Instead of devoting themselves to a firewall solution, they branched out into anti-virus, eMail protection, anti-malware, anti-spyware, Internet safety, browser add-ons, and the list goes on. They tried to be an all-in-one solution for anyone connected to the Internet and that once again became bloat-ware which slowed down my computer. Calling themselves ‘suites” did not make me any happier. There was nothing sweet about this evolution,
- They became expensive. Even the free versions became a real pain in the neck to use. They started throwing up distracting ads in the form of pop-ups in an on-going attempt to sell me things I did not want. They inundated you with warnings about this and that– many of which were cryptic and hard to understand. Now, instead of just slowing down my computer, they were slowing me down as well.
An aside: Anti-virus programs are taking the same ill-fated path but short of disconnecting the Internet, I have yet to find a solution for this creeping crud.
I ultimately decided it wasn’t worth the agony and chose to use only my NAT router and the basic Windows Firewall, and a free Anti-Virus solution (I use Avira at the moment but that is going to change soon- they, too, are annoying me to no end with lengthy scans I can’t control and pop-up advertisements with their so-called “Premium” offerings).
My life has become much simpler and I like things simple. Incidentally, since I made this decision, my computer has yet to be compromised by unrequested malicious viruses, malware, Trojans, or any other form of junk. Several years now so I rest my case.
Windows Firewall Gets Messed Up
As with all things Windows, after a time, it gets mucked up. This is mostly due to human error and incessant tinkering. If you are the least bit like me you will be installing and un-installing software for testing purposes on nearly a daily basis. Granted, this is not normal behavior. My only excuse is that I do it for you, Dear Readers. (That’s my story and I’m sticking to it.)
Here’s a possible synopsis:
Windows Firewall will throw up a complaint about a program on your system asking for Internet access. You will allow it because you know darn well that is what you want. Six weeks later, or months, you find out that trusted program should not have been your buddy in the first place. You don’t remember that you told Windows it was OK. Now you have an inaccurate and bad entry in the Windows Firewall rules database. You un-install the offending program.
Just because you un-install the naughty program does not necessarily mean it is truly gone. It may still be running in the background somewhere performing its mischievous deeds. We all know this from our past experience with the way Windows works. Adobe products are a great example. I challenge you to fully un-install a copy of Acrobat Reader. Good luck with that!
Note: This is just my opinion, but I think Adobe’s Acrobat Reader is the hardest-pushed, most useless piece of junk on the Internet. It is thoroughly intrusive on a Windows system and should be avoided like the plague. It inserts itself into your Windows Registry as so many tentacles– like a mother-in-law into your wedding. There are many alternative choices of Free and Portable PDF readers available on the Internet that do a much better job. Just my two-bits worth…
Note #2: For the young in this audience, two-bits equals 25 cents (US). You have now entered the major leagues and will, with no guarantees from me, glean respect with all its potential rewards from your elders due to this new-found knowledge.
How To Reset the Windows Firewall
If you find yourself in this undesirable situation, you have a couple of options. One is to go through all the rules you have changed to alter the Windows Firewall’s behavior. Depending on the unfortunate decisions you may have made in the past, this can be sheer drudgery. The other choice is to simply reset all the rules to their default settings.
Please note that by doing so, it may break some of the applications you are using in which case you will have to once again tell Windows that it is OK for that particular program to have access to the Internet. That should not be a big problem unless you have gone totally wonkers and allowed Internet access to tons of programs you probably should not have in the first place.
Note for the uninitiated: “totally wonkers” is a scientific expression usually only shared among society’s intellectual elite. Cough.
To reset the Windows Firewall rules is dead simple. The following steps are for Windows 8.x
- Right-Click the Start Button and choose Control Panel
- Choose Windows Firewall
- In the Left Panel of the window that opens, choose Restore Defaults – You will receive a warning notifying you that this will remove all the settings you have changed and may cause some of your Apps to stop working. At this point, I’m guessing this is probably what you want, so click the Restore Defaults button.
If you are running Windows 7, the steps are basically the same with the exception of having to click your mouse a few more times. Isn’t that always the case…
Conclusion
If you have run into problems along these lines I will be the first to say that it is unusual. However, it is always nice to have the ability to immediately reverse the silly decisions we may have made along the way, especially when you consider not having to face the daunting task of re-installing the Windows Operating System. Whew!
Keep in mind that your brain is the best firewall and antivirus solution you own,
Richard
Thanks for this, I had no idea. It makes total sense now.
Hi Ralph,
Glad it helped,
Richard