Recent Articles

Personal firewall

A personal firewall is traditionally a piece of software installed on an end-user's PC which controls communications to and from the user's PC, permitting or denying communications based on a Security Policy.

A personal firewall differs from a conventional firewall in that there is no separation between the firewall software on the user's PC and the user's application software. A personal firewall will not usually protect any more than the one PC it is connected to, unless other PCs are sharing Internet connectivity via the protected PC.

Another distinction from conventional firewall software/devices is that personal firewalls are able to control communications using methods such as prompting the user each time a connection is attempted, and 'learning' from the responses, to determine what Internet traffic a user would like to permit to/from their PC.

This software may also provide some level of intrusion detection, allowing the software to terminate or block connectivity where it suspects an intrusion is being attempted.

Problems and weaknesses

• For private users, shutting down all unneccessary network-aware services and installing up-to-date patches is often enough to secure the system against (nearly) all outside threats
• Because they are installed on the system they protect, attacks on the firewall also affect that system and vice versa:
  • Instead of reducing the number of network-aware services, a personal firewall is an additional service that consumes system resources and can also be the target of an attack, as the Worm Witty has already shown.
  • If the system has been compromised by Malware, Spyware or similar software, these programs can also manipulate the firewall, because both are running on the same system. In the past, security experts have found numerous ways to bypass or even completley shut down software firewalls.
• They will often alarm the user about attacks on harmless occasions, for example connection attempts to closed ports, or misinterpret normal network traffic as an attack.

While many people claim that the uses outweight the negative aspects of personal firewalls, others claim that personal firewalls are snake oil, because they do not offer any real advantages but try to make the user believe that they are effective with constant alerts about "hacker attacks".