Why Do I Need a Firewall - Computer Ports and Tarffic

This article is a continuation of the ideas discussed in an earlier piece on IP Addresses and Ports. The first article provides a layman's background on what they are. This article will attempt to provide the same for how Ports and Traffic work in the computer world.

All traffic to and from your computer travels through your ports. And computers, being logical, use the same doorway for the same kinds of traffic. For example, if you use Microsoft Outlook to send and receive email it always uses the same ports, when you surf the Internet your browser always uses the same set of ports to send and receive information; 80 in the case of most websites.

The reasons for this are logical. If you sent a request to this site's server using port 25, and the web server is listening to port 80, you would not end up here, but with an error screen in your browser. We can avoid these issues by using such standards.

You might have over 60,000 doorways in and out of your computer, but you only really ever use a handful.

Every program you use on your computer, or interact with on the web, has its set of standard ports to work with. Some examples are Internet Browsers using ports 80, 81, & 445, e-mail with ports 25 & 110, or your instant messaging with 2536 & 2892 to name two.

...And then there is your Operating System.

If you are interested in seeing what is happening under the hood type one of the following commands:

netstat -s -p tcp
netstat -s -p udp

To display active TCP connections and the process IDs every 5 seconds, type the following command (works on Microsoft XP and 2003 only):

netstat -o 5

Mac OS X version

netstat -w 5

To display active TCP connections and the process IDs using numerical form, type the following command (works on Microsoft XP and 2003 only):

netstat -n -o

So now we come to how do you close these ports? To do this we need to run a firewall. There are two types of firewalls one can use, software and hardware. In a perfect network both would be used, but most folks just run a software firewall and usually it is enough.

There are a myriad of different types of software firewalls one can choose from, these include a number of commercial products such as Symantec's Internet Security Suite, Trend Micro, ZoneAlarm, or MCafee Firewall to name a few, to Open Source Soluutions like iSafer, FirewallPAPI, or PktFilter.

Covering any of these is a complex matter and a whole series of articles unto itself. We may get into these at another time, but for now you should have a good enough footing to understand Why a Firewall is so crucial to your computer and its security.