What is a firewall?Letâs start with the Webopedia definition:
(fčr´wâl) (n.) A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.
There are several types of firewall techniques:
â˘Â   Packet filter: Looks at each packet entering or leaving the network and accepts or  rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.
â˘Â   Application gateway: Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose a performance degradation.
â˘Â   Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
â˘Â   Proxy server: Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.
In practice, many firewalls use two or more of these techniques in concert.
A firewall is considered a first line of defense in protecting private information. For greater security, data can be encrypted.
http://www.webopedia.com/TERM/f/firewall.html
Eh? What? Who?
I hear you; we need someone to explain what the heck a firewall is, but in laymen terms.
First of all, there are two kinds of firewalls, the ones we all use on our PCs (known as Personal Firewall or Desktop Firewall ) and the others that are hardware based, in your router or where enterprises deploy in their operations (these cost a lot of money to buy, up to thousands of dollars). Both are integral to the everyday maintenance and security of a PC.
So why have two?
Because there are 2 things that a firewall does.
First, it acts as a prevention tool, and makes you invisible on the Internet. Imagine the Internet as a highway (literally) with houses scattered all around it. Each one will have its own number, as well as doors, windows, etc. Each house represents a computer connected to the Internet. Now, wouldnât it be cool to have âinvisible paintâ that I can paint my house with on this highway, so that people canât see me ď? Yup, thatâs one function of a firewall. It makes you invisible on the Internet highway so that hackers donât know where you are and they canât hack in to your machine. Hackers are like the nasties on this highway, who go knocking on your door to see if anyone is in, even try to open the door to see if they can get into your house. After all, in the virtual world, hackers get in to your house (your PC) and take over as you have much less visibility to whatâs happening in your PC than your house!
Yes, but the firewalls in our routers have some firewall functionality to stop hackers from getting in to your PC, donât they?
Yes sir, you are right. Some hardware firewalls do have this functionality. That is why firewalls (the PC firewalls) have evolved to offer the 2nd functionality, âdetectionâ.
Huh?
Okay, let me think . . . got it! Making yourself invisible only protects you against one type of threat. There are numerous others. Think of them like this:
1.   The hacker throws a hand bomb through a window he manages to open.
2.   The hacker puts a nasty bomb in your shopping bag without you realizing it. You take the shopping bag home.
3.   The hacker drops a package at your front door and you open it.
4.   The hacker gives you a really nice present that you will be proud to display as a piece of furniture. It looks a bit like a Trojan Horse, but you like it.
Protecting your PC against these attacks is tough, because they are not thoroughly understood. The idea is to prevent your stuff from being stolen, right? So how do you do that in the PC world? Letâs serve this up in the âreal worldâ. It looks something like this.
You are shoplifter and you go to a retail outlet and identify some nice clothes to steal. You are wearing a huge coat so that you can put some of these clothes on you in the dressing room and simply walk out with them. Good plan so far. ď Ok, you go pick 5 items, go to the dressing room, and put them on. You feel like smiling, but donât! You will give yourself away. Just walk towards the door as if nothing has happened. DO NOT WHISTLE! You are making it too obvious. Just walk normally. OK, great, almost there. Keep goingâŚ
BEEPâŚBEEPâŚBEEP ⌠OOOHHHH NOOOO!!!!
You forgot the remove the tags! Oh well, try telling the police this was just an experiment to show how PC Firewalls work, and see if they buy it. No, we canât visit you in jail. ď
Tags? What tags? Those electronic tags on the clothes I stole?
BINGO!
This is a tag alert system. It stops valuables from being stolen. If you have something being taken out of the shop without authorization, it sounds the alarms. Well this what your firewall does. It stops thieves from stealing, literally. If you have somehow managed to get malware on your system and that malware is trying to make a call home and steal information from you, the firewall will warn you. This is why your firewall must not âleakâ; otherwise, malware will be stealing stuff out of your machine, without your firewall alerting you. A leaky firewall is like a tag that doesnât work, shoplifter will take it out of the store without sounding any alarms!
There are many ways to get something nasty into your house, and guess what? In the virtual world itâs even easier! Itâs easier because not many people understand âwhat is whatâ. What may look like an Email or something else innocuous could spell disaster for your PC. Having both firewalls in place gives you both prevention and detection, so a hacker is outsmarted, both coming and going.
Now I hope I have been able to give you a good security briefing with this article.  If you take nothing else away from this,
âPut tags on your stuff, or itâs going out the door, people!â
Melih