Welcome! Log In Create A New Profile


FIREWALL's for iDiOt's - explained

Posted by Anonymous User 
Anonymous User
FIREWALL's for iDiOt's - explained
March 25, 2011 07:41PM
Firewalls for IdiOt's
A simplified view of Firewalls for Novices!

So what is a Firewall and why do we need them?
If we imagine that our PC is a Medieval Town then you are the King of that Town,
All the commodities of the Town are the data and information held within it.

Obviously as the King of your Town it is your responsibility to allow the movement of trade (data) whilst keeping out the more dubious characters (hackers).  I mean if you allow anyone to come and go (turn off your Firewall)  then you are not going to have many unique commodities left and your Town will be over run by Thieves (Infections).

So one day you decide to build a wall around your Town to keep EVERYONE out!,  this is the primary role of your Firewall. It provides a barrier to everyone on the Internet from gaining access to your Computer.

Now if your Town is going to conduct any meaningful trade (of data) then it is going to need Entrances for the people you want in, and the traders who need to get out, to pass through.
So, we will need Town Guards to stand at these entrances checking against the lists we are going to provide them with so the Guards do not pester the King all the time.  These lists will contain all the local people (Allowed) that come and go on a regular basis and the known villains (Blocked) you do not want in.

These entrances are called Ports on a PC and the main port is port 80. This is why when you first run a new installation of a Firewall it keeps interrupting you with questions all the time, this is one of the Guards letting the King know that someone is at an Entrance of the Town who isn't on any of the lists, so he sends a message to the King asking, "Shall I let him in/out?"

Care is needed when giving your answers.

If its an application on your PC and you know the program is ok then you allow it, if it isn't then block it, and if you do not know then go on the web and look it up!

You only need to tell the Guard once, as long as you remember to tick the 'Remember this' tick box or its equivalent, then the guard adds it permanently to his lists.


Personal note:
Most of the time you get these warnings you just opened something and it is this asking. In my personal experience when you don't open something and one pops up is when you show more caution. Also consider if that software really needs internet access, especially if it deals with personal information. You can always go check the version periodically
Some Traders ask for their own entrances(ports) to be opened, they are going to need constant access to the outside to perform their tasks and deliveries are going to need to know where to deliver.

If your Town is in a Complex of Towns (Home Network) that Complex may be surrounded by its own wall (Router Hardware Firewall) so your Traders Entrance may need connecting to another entrance on the Complex's outside wall and this is referred to as Port Forwarding.

And that's it for a simplified look at Firewalls of which Peer Block is a sort of Firewall. Yes there is a LOT more to them and I could continue to expand this information but it would just confuse someone new to this area of security.

If you are a self confessed PC novice then this is all you need to know to understand the gist of the task that your Firewall performs and why its one of the most important areas of security.

If an AntiVirus is the Town Police Force, then the Firewall is the Border Control!

We, as PC users need the ability to block out some malicious IPs. The main difference between Peer Block and a traditional Firewall product is you can choose who to block out by categories according to your own personal choices, so if your a college student wanting to block out Sir, then the Educational Establishments List would be of interest . . .savy!

Regards Phil
NEVER turn off your Firewall whilst online, it takes about 30 seconds to get infected.
If you already have, then I would send in your Police Force because your probably already infected.

Edited 23 time(s). Last edit at 04/06/2011 08:43PM by MrScabby2.
Re: FIREWALL's for iDiOt's - explained
March 31, 2011 01:44AM
Here is the number one rated firewall on the net.

And like so many other things that are great in this world its free.
It comes in both x86 and x64 bit flavors.
Re: FIREWALL's for iDiOt's - explained
March 31, 2011 09:06AM
what about avast anti-virus?

whats a good free firewall? windows defender is a joke.

i just got my internet back and my mcafee is long expired but im running avast and PB for now but would like input on both.


*please no windows suggestions, bug-ridden don't trust.

Life is like a box of chocolates................................umm chocolate, yummy grinning smiley

Edited 1 time(s). Last edit at 03/31/2011 09:31PM by brandonjm8.
Anonymous User
Re: FIREWALL's for iDiOt's - explained
March 31, 2011 11:12PM
In the last 15 years I have never purchased ANY security software only free stuff, I use my PC for Ebay and Banking and have (to date) never had anything more severe than Adware or Spyware. I believe that the majority of security related problems are caused by the user of the PC not understanding the security software's role and how to use it.

I use Commodo, Avast, Malwarebytes, Spybot (without teatimer) and another little known security app called Spywareblaster, but as I have found most people prefer their own security set-up. Go ask that question in a busy forum and you will have just about every combination of security software quoted and backed up by someone pleading how well their set-up works.

A word of warning about Commodo though, this is also true of a multitude of other Firewalls
DO NOT USE GAME MODE - If you do then apps can gain default access while your in GAME MODE

I could not work out how programs were bypassing my preferences, even when they had already asked for internet access and I had told it NO, when I looked next time it had added extra conditions without my knowledge or permission, I set the alerts to maximum and still they were bypassing my rules. I eventually tracked this down to the Game Mode.
Apparently when you enter Game Mode, the Firewall will default to the programs requests if the program asks when in Game Mode - presumably because it does not want to interrupt you. However I suspect software manufacturers are aware of this and take advantage of it. Why else would it be asking for extra rules sets when I'm in game mode. Run the software multiple times and no requests come up except for the initial requests after installing. Enter Game Mode and they appear. I even tried to set the software as a Blocked Application thinking this would stop the rules being added, when I did, I started spotting NEW programs listed that the software had created and asked for internet access while in game mode and of cause was subsequently granted.
I have always trusted Firewalls to protect me without question, I question every entry now!
I DO trust Peer Block

Edited 2 time(s). Last edit at 03/31/2011 11:54PM by MrScabby2.
Re: FIREWALL's for iDiOt's - explained
April 01, 2011 02:21AM
alright, thanks for the input.

i had mcafee for a year and got two viruses/malware and it contained then deleted them, i have had this computer for over 2 years now and i am glad to say virus free! i dont have the money at this time to go buy something maybe alittle more proven or researched/tested for a firewall so im looking for the best free firewall, i have little experience in the variety of firewalls which is why i asked above question. i like avast and think i'll keep it for an anti-virus, the active systems are nice which is what mcafee had is the way to go if you ask me. with firewalls i guess im wondering if all are the same or if there is a freeware thats better than the rest.

once again thanks for the input!

*once again just in case, please no windows suggestions :-p

Life is like a box of chocolates................................umm chocolate, yummy grinning smiley

Edited 4 time(s). Last edit at 04/01/2011 02:23AM by brandonjm8.
Re: FIREWALL's for iDiOt's - explained
April 02, 2011 08:19AM
this will the last edit for this post....

comodo is by far the worst ever firewall i have encountered :-(((((((((((((((((((((((((((((((((((((((((((angry.

its too advanced for me or something holy f'ing crap, comodo+wireless internet=TROUBLE. it kept disconnecting me from the internet, kept turning my file sharing on when i want if OFF, and for some reason kept turning windows firewall on then off then on then off then on then off...............f it, goodbye comodo.

never and i mean never have i had any of these problems with my past firewalls, right now i am wishing i had the extra money to get mcafee back, its not the best but it is hightly rated and i never had any problems and it worked great, still virus free.

sorry guys for rambling but i dont get it, i tried using all kinds of setting configurations, tutorials, forums, what have you and i give up with comodo and will never use it again.

Life is like a box of chocolates................................umm chocolate, yummy grinning smiley

Edited 3 time(s). Last edit at 04/03/2011 05:35AM by brandonjm8.
Anonymous User
Re: FIREWALL's for iDiOt's - explained
April 03, 2011 11:21PM
Brandon try ZoneAlarm, but still avoid the game mode, Commodo is not really a novice's Firewall however they have been addressing this issue with the latest release. Trying to make the installation and Graphic User Interface a bit more User friendly but it is a little confusing depending on how many firewalls you have seen.

Edited 1 time(s). Last edit at 04/03/2011 11:21PM by MrScabby2.
Re: FIREWALL's for iDiOt's - explained
April 04, 2011 06:34AM
one step ahead of ya, installed the free version of zone alarm yesterday.

one think struck me as odd tho, with the free version i guess it doesn't come with an OS firewall just a firewall <------head scratcher. i thought they were one of the same, i must be behind in times lol.

i'm really not a novice per say but not advanced, i know my way around and know some configurations and do read forums and junk for the extra info but comodo wouldn't register my network or something, i tried believe me i tried, but w/o comodo i have far less internet connectivity issues. also the auto-on bypassing user setting turning my file sharing on when i want it off really annoyed me, couldnt find what the problem was either.

i read tutorials including installation and configurations and read forums and couldnt find any answers so i gave up with comodo. to my knowledge i think i tried everything, looked under all tabs settings advanced or not and couldnt get it configured right. the thing that sucks with free zone alarm is no stealthing capabilities :-(.

you are right bout one thing, i dont have much variety of firewall experience which is why i asked for suggestions. but alas i think i'll use zone alarm til i got the money and get mcafee back, i loved mcafee did a good job and ran smoothly and thought it was a good value ($60/yr aint bad), plus it was much easier doing the advanced stuff and i had configured perfectly and most of all kept my comp virus free.

thanks for your input, much appreciated.

Life is like a box of chocolates................................umm chocolate, yummy grinning smiley
Re: FIREWALL's for iDiOt's - explained
April 10, 2011 02:36AM
Windows Firewall with advanced Security works great for me. It gives me all the flexibility to configure it anyway I wish.
Also running Microsoft Security Essentials antivirus. Both work wonders protecting my Server 2008 R2. And of course they are both free.

Edited 1 time(s). Last edit at 04/10/2011 02:37AM by RobrPatty.
Anonymous User
Re: FIREWALL's for iDiOt's - explained
April 10, 2011 12:14PM
yess Ok Thankss For You!
Anonymous User
Re: FIREWALL's for iDiOt's - explained
June 17, 2011 04:42PM
I'm going to bump this, admin can we get this pinned. When I read questions directly relating to basic Firewall principals I think perhaps I should ask you to pin it up, so this time I'm askin? lol
Anonymous User
Re: FIREWALL's for iDiOt's - explained
June 22, 2011 09:32AM
There are several leaks using the internet.
1. If anybody is connected to the internet and does nothing, the oldest threat - hacking. Solution: firewall (e.g. win 7). Think about a Zyxel Zywall, Cisco ASA5500 or SonicWall TZ201.
2. Homephoning of windows. PeerBlock can be used for blocking all MS server (unblock every month for updates). Disable IPv6!!! Disable NetBios, epmap DCOM, -ds Port 445, LM Hash
3. Infected systems: Need for a good AV - check out experts [www.youtube.com]
4. Browsing on infected websites: Run your browser maybe FF (better not IE) in Sandboxie with Keyscrambler.
5. Prevent reading your traffic: HTTPS finder, HTTPS everywhere
6. Prevent that servers spying your PC during your visit: Use NoScript, RequestPolicy, Cookie Manager Button, Cookie Whitelist with Buttons, Better Privacy, InlineDisposition
7. Prevent that your profil is easy to recognise: change your UserAgent every day automatically, fake a little bit with IPFlood, hide your plugins using Quick Java, Plugins Toggler
8. Prevent cross references of downloaded scripts and all stuff, the website sends to your computer: PeerBlock prevents you from connecting to anonym servers in the back (of all IPs in blocklists). Helpful is using ShowIP - you can see the e.g. needed but blocked IP.
9. Hide your IP by using Tor or VPN.

Be aware of DNS leakage [www.dns-oarc.net] VPN is not always (more never) prevents for sure your DNS server. If you are connected to a website, it is not a big deal find out your DNS server. So, it will be not difficult to find out the real IP requested for a specific site looking for the log!
Firefox can forward DNS request to proxy server: network.proxy.socks_remote_dns=true

Disconnect after 5 minutes off no traffic (router setting), so you will get several different IPs during your session.

Edited 2 time(s). Last edit at 02/01/2012 12:41PM by PBChecker.
Anonymous User
Re: FIREWALL's for iDiOt's - explained
June 23, 2011 11:20AM
By the way: for all win 7 users, you may 'appreciate' the support of microsoft, if you are using your search engine.
You don't use IE (firefox instead) and may use scroogle search engine, what do you see in Wireshark log.
With every request you send to scroogle (via firefox), there is a connection to Microsoft servers.

What MS said:
The Search box on the Start menu integrates multiple kinds of searches, making it easy for you to search for such items as files, programs, recently visited Web pages, and Web pages added to the Favorites list.
By using Group Policy, you can exclude recently visited Web pages and Web pages added to the Favorites list from searches.
The Group Policy setting is in User Configuration under Policies (if present), in Administrative Templates\Start Menu and Taskbar\Do not search Internet.
If you enable this policy setting, the Search box on the Start menu will not search for recently visited Web pages or favorites.
Anonymous User
Re: FIREWALL's for iDiOt's - explained
June 25, 2011 10:01PM
Hey PBchecker you aught to put that together with implementation instructions, title it something like Securing your Browser.
Thanks for the info, some things I hadn't thought of there,

One question, Why disable IPv6? Is this not trusted yet
Anonymous User
Re: FIREWALL's for iDiOt's - explained
June 27, 2011 12:52PM
Ok, there are a lot of different statements to IPv6. One is, there is no problem. Your ISP will give a static IPv6 to you for ever, but only the first part of the number is static and the second part is dynamicly changed by your ISP every 24 h. So, you are browsing the internet with dynamic IPs.
The IPv6 numbers of every hardware device in your own subnet are also static. Only your computer will show changing numbers, if you set Win7 in that way.

Another opinions come from meetings as the 'Chaos Computer Club'.
There was a lot of really special stuff published, which I can't comment. But I guess these guys are not paranoid,
so I take that for real and stay 'better save than sorry'.


Edited 1 time(s). Last edit at 11/15/2011 06:54PM by PBChecker.
Anonymous User
Re: FIREWALL's for iDiOt's - explained
June 29, 2011 08:28AM
With an image app (paragon-software.com/free/ very smart and easy), save the computer as you love it, download trials, test everything --- [www.giveawayoftheday.com] ---. Image back, all is fine. If you blow the system: format c: - windows without anything - Paragon: image back from d: or e: 30 minutes later, here we go!

Edited 1 time(s). Last edit at 11/16/2011 11:10AM by PBChecker.
Anonymous User
Re: FIREWALL's for iDiOt's - explained
June 30, 2011 02:22PM
DNS forward requests to high-anonymous proxy server:
FF: network.proxy.socks_remote_dns=true
Check whether the proxy is really high-anonymous:
Check whether own DNS server appears in the lists of:

Edited 1 time(s). Last edit at 11/15/2011 07:00PM by PBChecker.
Anonymous User
Re: FIREWALL's for iDiOt's - explained
June 30, 2011 08:54PM
Laters PB Checker,

Scabs Out!
Anonymous User
Re: FIREWALL's for iDiOt's - explained
July 15, 2011 09:56PM
So.... that guy was a scab? Is that like being a bot or something?

So I should not take his advice?
Re: FIREWALL's for iDiOt's - explained
July 16, 2011 09:07AM
@ Macgregor - He is human, you can take his advice if you want, its really up to you.
Anonymous User
Re: FIREWALL's for iDiOt's - explained
July 17, 2011 06:35PM
@ Macgregor - you've got me. Don't take any of my advices seriously. I'm joking.

With internet explorer and AVIRA anti-virus free, you are safe using the internet.
Sorry, only registered users may post in this forum.

Click here to login