Copyright Michael Karbo, Denmark, Europe.
Chapter 19. Firewall
If you are constantly on the Internet with your computer, then you just have to have a firewall. It is just as important as virus protection. Let's have a look at what a firewall is and how it works.
A firewall is a program that watches the traffic to and from a network. When your computer is connected to the Internet, you are logged on to a network. This means that there is traffic between your computer and other computers. This traffic consists of, for example:
So there is plenty of traffic when you are logged onto the Internet. The firewall keeps an eye on all this traffic and keeps a check on which programs are active on the net. The idea is that traffic should not occur between your computer and the net without the firewall permitting it.
Figure 98. The firewall is a filter, which sorts all the traffic to and from the computer.
So the firewall is a filter, but it is a filter you have to configure yourself. A firewall begins by stopping all the traffic; it has to be told what the legal traffic is and what the undesirable traffic is. And this is the problem with most firewalls: they have been much too technical to work with.
Technically, the traffic takes place via a large number of ports. There are, for example, ports for e-mail, for the web, for streaming video, for chat, for FTP (file transfer), etc. The problem is that when a port is open, other computers on the net can invade the computer and interfere with your data. The firewall's task is to shut off the port so that no unauthorized persons get access to the computer.
In the most primitive forms of firewall, the user has to state which port numbers the traffic can come through. This can be difficult to know, especially when you have no idea what a port is. Since then, much more user-friendly personal firewalls have been introduced, designed for ordinary computers where the users aren't network experts.
The important thing, then, is to find a firewall that is both reasonably secure and easy to use. You will find that there are many programs to choose between. Start by finding out whether there is a built-in firewall in Windows XP, or whether a personal firewall is included in one of the many antivirus programs, such as the previously mentioned PC-cillin Internet Security.
Finally there are the more specialised firewall products; we have had good experience with the Czech Kerio firewall.
There is a firewall built into Windows XP. It is called ICF, for "Internet Connection Firewall". If Windows XP is updated with Service Pack 2 (SP2), then you will find the somewhat improved version called Windows Firewall.
There are differing opinions about Windows' own firewall, but it is generally thought of as not being particularly effective. But if you don't have any other firewall on your computer, then you really ought to activate it. This is done via the Advanced tab in the Properties dialog box for the LAN connection.
Figure 100. Windows XP's own Firewall for Internet connection is activated here.
If you use your computer as an FTP, mail, web server or something like that, then the firewall has to be advised of it:
If the computer is used for one of the more Internet intensive operations, which can be seen in Figure 101, then you ought to get hold of a more professional firewall than Windows' own.
Windows Firewall is hardly sufficient for a serious super user. Another product must be installed as a supplement.
Kerio is a firewall that can be downloaded free of charge at the address www.kerio.com. Apparently a lot of security software comes from countries like the Czech Republic and Romania (see, for example, www.bitdefender.com), which is worth noting. In this case we have a cooperation between AVG (antivirus) and Kerio, which means that the two programs work together. The best result is achieved if AVG is installed first and then Kerio.
Just like AVG, Kerio is found in free versions, which may be used by private users. In Kerio Personal Firewall, a part of the program disappears 30 days after it has been installed unless you purchase a license. In the meantime the central part - the firewall itself - continues to function. So Kerio, in fact, gives an excellent and free solution to security problems in private computers.
Kerio Personal Firewall is a piece of professional software that seriously does something about security problems. This means that the program doesn't run fully automatically. You can't just install it and then think that's that. A real firewall has to be taught so that it knows which activities are legal on your computer.
In the beginning a lot of activities are not allowed; to get past this you have to make some rules for the traffic. This is, fortunately, not very difficult. Every time there is a new activity that Kerio is not sure about, the program will ask you to make a decision about the situation.
Figure 102. The first rule has to do with the network card. Is it a credible network, Kerio asks?
When Kerio detects unknown activity, you have four options:
1. Permit (Allow this time)
2. Permit, Create a rule (Allow always)
3. Deny (Deny this time)
4. Deny, Create a rule (Deny always)
You have to decide whether or not the activity is permitted. And you have to decide whether it is something that should be permitted or denied in general. All of this is done in the dialog box that Kerio brings up when there is unexpected activity on your computer.
As soon as the firewall is installed, you have to make decisions in a lot of dialog boxes. But as they are exactly the same every time, this is not particularly complicated. You just have to read what sort of process Kerio wants you to make a decision about. If you are sure of what you are doing, then you just have to Create a rule, and then you won't be troubled with this again.
If you are in doubt, you can make do with Permit or Deny in the actual situation. This means that next time the same process starts you will have to consider it again.
So what are all these processes Kerio wants rules for? Well, all sorts of things that can be dangerous. The first time a mail program such as Outlook attempts to go onto the Internet, you have to consider this. You may Permit this and Create a rule:
Figure 103. Outlook tries to get onto the Internet for the first time after a firewall has been installed.
You will have to expect to create a lot of rules in the beginning. If, for example, your antivirus program is set to fetch new virus definitions itself from the net, then Kerio will react the first time it does this.
If you double-click on a PDF file in your mail program, then Kerio will also react, because this is one program activating another program. And this can be dangerous if you don't know what is going on.
In this case you can, however, with peace of mind click the Permit button and select Create a rule. There is no reason to worry, as the screen image comes directly as a consequence of clicking on a PDF file in Outlook:
Figure 104. Every time one program activates another, Kerio sees it as a potential security risk. You have to Create a rule that permits it.
It is exciting to have a program like Kerio Personal Firewall on your computer. You will find out that there is an awful lot of traffic from your computer to the Internet that you really had no idea about. It goes on all the time; all sorts of programs (and not least Windows) send reports in one situation or another. With a firewall you have a chance of saying No thank you! to it.
In Figure 105, it is Microsoft Word, which absolutely has to go onto the net and contact a Microsoft server just because I have opened a program on my computer. I say no and Word functions just as well anyway.
You learn a lot about the behaviour of programs if you have installed a firewall like Kerio. So this is recommended!
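The four answers described above can be modelled in a few lines. This is an added sketch, not Kerio's code or rule format: the Event fields, the program names and the addresses are constructed for illustration. It shows why "this time" answers lead to a new dialog on the next attempt, while "Create a rule" answers are applied silently.

```python
from dataclasses import dataclass, field

# The four answers offered in the dialog (labels constructed for this sketch).
PERMIT_ONCE, PERMIT_ALWAYS, DENY_ONCE, DENY_ALWAYS = (
    "permit", "permit+rule", "deny", "deny+rule")

@dataclass(frozen=True)
class Event:
    program: str   # program causing the activity
    action: str    # "connect" (goes onto the net) or "launch" (starts a program)
    target: str    # remote address, or the program being started

@dataclass
class PersonalFirewall:
    rules: dict = field(default_factory=dict)  # Event -> True (permit) / False (deny)
    prompts: int = 0                           # dialogs the user had to answer

    def handle(self, event, ask_user):
        """Return True if the activity may proceed."""
        if event in self.rules:                # a stored rule answers silently
            return self.rules[event]
        self.prompts += 1                      # unknown activity: ask the user
        answer = ask_user(event)
        allowed = answer in (PERMIT_ONCE, PERMIT_ALWAYS)  # anything else is a deny
        if answer in (PERMIT_ALWAYS, DENY_ALWAYS):
            self.rules[event] = allowed        # "Create a rule": remember it
        return allowed

def replay(events, answers):
    """Feed events through a fresh firewall; answers maps Event -> user choice."""
    fw = PersonalFirewall()
    ask = lambda event: answers.get(event, DENY_ONCE)  # no answer: deny this time
    outcome = [fw.handle(e, ask) for e in events]
    return outcome, fw.prompts, fw.rules

# Constructed sample activity, loosely following the chapter's examples.
MAIL = Event("Outlook", "connect", "mail.example.net:110")
PDF = Event("Outlook", "launch", "PDF viewer")
WORD = Event("Word", "connect", "server.example.com:80")
SAMPLE_EVENTS = [MAIL, MAIL, PDF, WORD, WORD, MAIL]
SAMPLE_ANSWERS = {MAIL: PERMIT_ALWAYS, PDF: PERMIT_ALWAYS, WORD: DENY_ONCE}

if __name__ == "__main__":
    outcome, prompts, rules = replay(SAMPLE_EVENTS, SAMPLE_ANSWERS)
    print(outcome, prompts, sorted(r.program + ":" + r.action for r in rules))
```

In the sample run, six activities cause four dialogs: the two rules for the mail program answer later attempts on their own, while Word, which was only denied "this time", triggers the dialog again on its second attempt.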
Kerio Personal Firewall is an intelligent program. Among other things, it is possible to monitor and correct a number of conditions to do with traffic and settings. It can be interesting to see which programs are active on the net:
Figure 106. Here are both the browser and the mail program active on the net.
Sometimes it is impractical to have the firewall active. For example, if you are going to install some sort of big program package. This will produce innumerable alerts from Kerio. So you can choose the temporary solution of deactivating the firewall. Right clicking on Kerio's little icon in the task bar does this. It is important to remember to activate it again when the installation is finished!
You can also stop all the traffic between your computer and the Internet. This is a good thing if you suddenly experience mysterious activities on your computer, which you feel unsure about or if you, for example, leave your computer switched on all night. Then you can just as well disconnect it from the net from the menu Stop all traffic.
Figure 107. It is reassuring that all the traffic between your computer and the Internet can be stopped with a single click.