Simply put it acts as a barrier between your computer and the internet. To protect you from crackers, hackers and malware.
If your running DSL or a cable modem you should employ a firewall, as having a direct connection to the Internet can make you a target to attack.
Firewalls can be hardware or software based. With firewalls you set up ACL's or Access Control lists to allow or deny traffic.
There are three different ways a firewall can block traffic.
1. Packet Filtering- Packets are analyzed against filters in the firewall rulesets. Firewalls will drop packets that are not allowed in the firewall rulesets.
2. Proxy Service- Information from the Internet is grabbed by the firewall and delivered to the requesting service thru the proxy.
3. Statefull packet inspection- looks up criteria against a database of trusted information. To see if the packet contains anything that would allow
or deny it into the network.
Firewalls are customizable allowing you to create your own rulesets you can block IP addresses, specific protocols such as Telnet, FTP, ICMP, UDP, SMTP and many others.
Firewalls can be customized to block specific ports, or even keywords.
There are many software firewalls availiable such as Tiny Firewall http://www.tinysoftware.com/home/tiny2?la=EN That is designed to keep hackers out of your network and block Spyware.
Zone Labs makes ZoneAlarm I like it bcause it has a simple interface allowing home users to configure it easily. http://www.zonelabs.com/store/content/home.jsp
For hardware firewalls there is:
Cisco www.cisco.com There brand is called PIX firewall.
From home users I like D-Link DI-604 this is a inexpensive firewall that works well. Best of all it fits into almost any budget.
Linksys (now part of Cisco) offers a router/firewall that supports VPN and DMZ. www.linksys.com
There are many hardware solutions including setting up a firewall on a *nix box. I like this the best as it gives you the firewall administrator the most control. I personally like OpenBSD for any security applications I would run with Unix, as it is secure. There have been very few exploits against this platform.
Article By: Benjamin Hargis