Firewall: frequently asked questions
A firewall is software or hardware that checks information coming from the Internet or a network, and then either blocks it or allows it to pass through to your computer, depending on your firewall settings. Even if you think there’s nothing on your computer that would interest anyone, a worm could completely disable your computer, or someone could use your computer to help spread worms or viruses to other computers without your knowledge.
Here are answers to some common questions about firewalls.
What does “allowing a program to communicate through the firewall” mean?
Allowing a program to communicate through the firewall, sometimes called unblocking, is when you allow a particular program to send information through the firewall. You can also allow a program to communicate through the firewall by opening one or more ports. For more information, see Allow a program to communicate through Windows Firewall.
How can I be sure that Windows Firewall is on?
Windows Firewall is on by default in this version of Windows. To make sure it hasn’t been turned off, follow these steps:
Click to open Windows Firewall.
In the left pane, click Turn Windows Firewall on or off. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
Below each network location type, click Turn on Windows Firewall, and then click OK. We recommend that you turn on the firewall for all network location types.
What are the recommended settings for Windows Firewall?
We recommend the default firewall settings:
The firewall is on.
The firewall is on for all network locations (Home or work, Public place, or Domain).
The firewall is on for all network connections.
The firewall is blocking all inbound connections except those that you specifically allowed.
What are some of the things that a firewall can’t prevent?
E‑mail viruses are attached to e‑mail messages. A firewall can’t determine the contents of e‑mail messages, so it can’t protect you from these types of viruses. You should use an antivirus program to scan and delete suspicious attachments from an e‑mail message before you open it. Even when you have an antivirus program, you should not open an e‑mail attachment if you’re not positive it’s safe.
Phishing is a technique used to trick computer users into revealing personal or financial information, such as a bank account password. A common online phishing scam starts with an e‑mail message that appears to come from a trusted source, but actually directs recipients to provide information to a fraudulent website. Firewalls can’t determine the contents of e‑mail messages, so they can’t protect you from this type of attack.
If I have a router with a built-in firewall, should I also turn on Windows Firewall?
Yes, because router-based firewalls only provide protection from computers on the Internet, not from computers on your home network. For example, if a mobile computer or guest computer connects to some other network, becomes infected with a computer worm, and then connects to your home network, your router-based firewall won’t be able to prevent the spread of the worm. However, a firewall running on each computer on your network can help control the spread of worms.
However, running more than one firewall program on your computer at the same time could cause conflicts. It’s best to just use one firewall program, in addition to a router-based firewall.