Get the picture:
You could picture your computer as being an intricate building. It contains information and assets and can be connected to a network and consequently to the World Wide Web through specific paths, thanks to the miracle of IP and DNS naming and addressing schemes. The virtual buildings are allocated addresses, digital coordinates, and are open to potential services available on the WWW through a huge number of doors: each computer has exactly 65 536 IP ports.

The ports in question are by default open, but some of them are only providing access to internal services while others do not lead to a service at all. Only the doors leading to public services are supposed to stay open for outside requests; In any other case they should remain shut in order not to constitute a potential weak point of your computer’s security system.

Now what?
Firewalls are like security guards watching over all your computer ports. In real life, you may not lock the front door of your house when you are inside, however you would probably not keep your doors and windows open 24/7. That is nevertheless what usually happens with personal computers: they leave their ports wide open even when they are not offering or expecting a service. Therefore, installing a personal firewall is like hiring a security company to ensure that your computer stays protected from outside threats and intrusions.

Has this something to do with Internet Safety?
Of course it does. Cyberbullies with enough IT knowledge can, for instance, trick innocent users into installing a Trojan horse allowing them to spy on every single activity of their victims and retrieve precious personal or other information. Even worse, you may have heard of the webcam spying incidents where predators managed to lure their victims into installing a program opening backdoors on their unprotected computers in order to spy on them through their webcams whenever they were online…

Firewalls would, in such cases, warn the computer user that a new server/connection is being created and ask if (s)he really wants to proceed. But do users have the right understanding of and reactions to these warnings? Educating users on basic security aspects would probably prevent uncomfortable or dangerous situations.

Some tips:
-Install a personal firewall of course. Windows XP has its own firewall embedded since Service Pack 2. It is not the best but it can do the job as long as you keep your computer’s operating system up to date with the Windows update service. Otherwise, choose a firewall which has received good reviews from respectable institutions (e.g. IT magazine, your Internet service provider etc). Some software you may want to have a look at are :

• 1. Norton Internet Security (http://www.symantec.com/)
• 2. ZoneAlarm (http://www.zonelabs.com/)
• 3. McAfee Firewall (http://www.mcafee.com)
• 4. Kaspersky Internet Security – this one includes an antivirus (http://www.kaspersky.com)
• 5. Kerio personal firewall (http://www.sunbelt-software.com/ )

- Try your best to pay attention to the warnings that your firewall creates. Not even the best firewall there is can protect your PC if you just press "OK" every time you get a security alert.

- It is true that security alerts can be confusing. But remember: you usually DON’T want to install a server on your personal computer (that is to open a door for incoming requests), unless you know exactly what you are doing or the program you are using.

- Don’t deactivate your firewall all at once: if one of your programs is being blocked for an unknown reason, don’t just turn off or exit your firewall program. Try to understand how it works and add specific rules into it if you need to (i.e. tell the guard to leave one specific door open at your convenience). There are plenty of tutorials online, or in your firewall documentation. Have a look!

http://www.microsoft.com/technet/security/smallbusiness/prodtech/windowsxp/cfgfwall.mspx
http://www.elluminate.com/support/faqs/personal_firewalls.jsp (there are some famous firewalls tutorials there, but no responsibility is taken regarding their website “Live!” service…)

From your devoted IT Security engineer.