Unless you have a very old computer, it probably has a "firewall"
built into it. That may be the Windows firewall provided with XP and on up or the "Sharing"
control on a Mac, or a firewall included with your antivirus software.
What is it for? It's to help keep bad things out of your computer
and also (with some firewalls) to keep your computer from doing bad things
to someone else.
But wait, you say: I thought that was what virus software does? Well,
yes, but it's a little different. Virus software examines things you
bring into your computer (web pages, email) and tries to make sure
they are safe. It's like a parent checking the bag of Halloween
candy their child brought home. A firewall is a lock on the door: it
stops things you don't want coming in at all.
Take a very simple case: your printer. You want to be able to
print to it, of course, but you don't want me to be able to use it from
here, right? I could waste a lot of your paper and ink, couldn't I?
A firewall is part of what protects you from that - and
of course much worse. If, for example, you just "hook up" to
the Internet without any protection at all, your computer could possibly
be "owned" within hours - sometimes minutes. That is, someone could
have hacked into it, taken control, and would probably use it as
part of a vast network of such hijacked computers that are used for
sending spam emails and other criminal purposes. That's not
a joke, not an exaggeration: it's real. You won't even know that your
computer is doing this, though it may run more slowly and "act up" more.
So a firewall is a good thing. But - particularly with the
third party firewalls like those that come with Norton AntiVirus,
McAfee and others, a firewall can also be the source of computer
problems, glitches, and mysterious behavior. When I am working
at customers sites, I often find that misbehaving firewalls are
the source of the problem I was called to fix.
If something is odd, if your computer is suddenly acting strangely,
the first thing you might try is turning off the firewall if you have
one. How you do that varies, but third party firewalls often show
up in your System Tray or at the top of your Mac screen; if you right click on them, a menu usually
comes up that will let you temporarily or permanently disable them.
Windows Firewall can be disabled in Control Panel. Often shutting
off these firewalls fixes your problem instantly.
Can you leave the software firewall off?
Well, that's a hard question to answer. Let's say that you turned on your computer
this morning and found you could not send email. Following my suggestion, you disabled the firewall and you CAN send email! Wonderful - it's fixed!
Well, no, not quite. Something is wrong because your firewall should let you send mail. You
should fix that or get someone else to do it. If it's going to be someone else, turn the firewall
back on and tell that person the whole story: mail works with the firewall shut off, but doesn't when it is on.
They'll fix the firewall and you'll be fine again. They'll appreciate you saving them some time, too.
But shouldn't you be worried while it is shut off? Again, a hard question, but it's usually fine, because
most of you also have a hardware firewall: that router that your computer
plugs in to. That device is a firewall itself; you really absolutely, positively
need a software firewall at home if you have a hardware firewall.
Not sure what you have? Here's how to tell: do Start->Run
and then type "cmd" (on older systems type "command"). That opens
up a "DOS box", or "command window" as we old geeks call it. In that
box, type "ipconfig". You'll get back something like this:
Windows IP Configuration
Ethernet Adapter Local Area Connection:
Connection-specific DNS Suffix:
IP Address....................: 192.168.11.2
(and more, but it's the IP Address we want)
On a Mac, you could open Terminal and type "ifconfig" or just look at the Network panel in
If that number ( 192.168.11.2 here) doesn't begin with 192, 172 or 10, you don't have
a hardware firewall, and you need to shut your computer off, get up, and
run to the store to buy one. I'm not kidding: it's that important.
I've really glossed over this subject - hardware firewalls are a very important
part of Internet security - so important that the one I use costs over $900.00.
But I have special needs; all you need for typical home use costs $50.00
or so. It's a small price to pay for what you get. Installation is
simple and they come with full instructions.
Now, back to whether it's ok to leave the software firewall off. It can be
helping protect you, so if someone else put it on your machine, I'd say leave it. That said, I
only have the hardware firewall protecting my machines. Admittedly, that is probably a much more sophisticated
piece of equipment than what you got from Verizon or Comcast or whomever.
If the software firewall isn't interfering with your use of your computer, I'd say keep it. If
it IS giving you grief, ditch it or replace it.
I do want to explain one likely difference. Most low end hardware firewalls (like what you
probably got from your ISP) only protect you from INCOMING threats. Most do NOT stop your computer
from doing OUTGOING things it should not be doing. The software firewalls usually do protect that
also. That's possibly a good reason not to leave it disabled for very long. If your computer
became infected by a virus, those outbound controls might (I said *might*) help stop it from
sending out information or attacking other computers.