How Firewalls Work

How Firewalls Work
There are mean people out there badly to get into your system or network, to steal information, or simply cause as much destruction as possible, or to use your system for their own uses.
There are three main areas of defense against these threats: Anti-virus (of course), Firewall, and Spyware removal. With some programs being more important than others, but none being without importance. What I would like to do is give all of our readers at least a good concept of what these Firewalls and Anti-virus programs do to protect your system.
The first line of defense between you and the Internet firewall. A firewall isn't going to stop you from getting a lot of viruses out there, unless it's the kind of viruses that proactively scans systems for open ports like the 32.Sasser that has recently stepped onto the virus scene. Where firewalls really come into play is in the area of Internet or Network access.
There are two basic types of firewalls: hardware and software.
A common hardware firewall is a routers. In a small network it sits in-between your PC and modem. These firewalls feature the ability to hide your PC from others on the Internet by assigning you private IP addresses through a process called NAT (Network Address Translation) or DHCP (Dynamic Host Configuration Protocol).
To put it simpler: a router will take the Internet address that your ISP has doled out to you and give the PCs the are connected to the router a generic private IP address (not valid for the internet). The other primary job is to close ports (these are numbers that are associated with certain jobs, for example most email clients and servers use SMTP port 25 and POP3 port#110) ports can be a vulnerability as seen in the past and a hacker can have an easy time getting into your PC with ports wide open to the world. When hackers try to scan your network for known vulnerable ports the Firewall simply drops the packets because they contain data that no PC on the network requested.
Software firewalls are a little bit different and they have good points and bad points. First let me start by saying that it is always better to have a firewall then not to. The main difference between the two styles of firewalls is that one is an external device that runs on it's own hardware. The software firewall is an application that runs on your PC. This is the one down side I believe because it's one more application running on your PC while you're trying to surf the web and can cause resource overhead and slow things down in older PCs. In concept the firewalls really are the same, except that one of the biggest differences is a software firewall doesn't have any address translation services (i.e. NAT or DCHP).
Software firewalls do have some really great features however. For instance, a software firewall is great for someone who is new to this area of PCs and wants to learn more. I say this because most of these firewalls have a reasonably easy to understand interface different from the more "Techie" looking router interfaces.
Software firewalls also have a feature for Internet access that I think is very informative, for example in most of the software firewalls I have come across when a program tries to access the internet the firewall will pop up and ask you if you want this action to be allowed every time, prompt every time, or deny Internet access to the program. Most software firewalls will also notify you when someone from outside is hitting your firewall and a lot of times you get the IP address of the party on the other end of the actions. Both of these features can be used to further protect your PC, in some cases you might even be able catch a hacker trying to get into your PC by getting their IP address and then asking there ISP what this IP address is doing pinging your IP address.