Computer firewalls can be either logical or physical. Under you go out and buy a server administration grade physical firewall, you will be dealing with logical firewalls. Logical firewalls (or software firewalls) generally either work at either a protocol or application level. Protocol firewalls have rules to only allow certain types of traffic through them. Application firewalls only allow certain programs (applications) to connect to the internet. The Microsoft Windows Firewall is a mixture of a protocol firewall and and application firewall as you are set rules for the type of traffic it lets through and you can also enable/disable applications from connecting to the internet.
A quick example to illuminate the differences between a protocol-based firewall and an application based firewall. To allow your computer to download web pages, a protocol firewall creates an exception that allows all network traffic that uses the HTTP web protocol. The computer's firewall will now allow all web traffic regardless of what browser you are using. If you were to use an application based protocol, you would only allow a certain browser to send or receive data, and your other browsers would not be able to connect to the internet (unless you configure your firewall to let them).
If you are concerned about online security risks, a firewall is your first port of call when it comes to protecting your computer. Likewise if you have recently been hacked you should check your computer's firewall settings do not need repairing. You should consider using a firewall if:
1. Your computer is using a broadband internet connect. Hackers often use port scanners to scan which ports you have open. Think of ports on your computer as analageous to an actual seaport. You have to have certain ports open to send and receive different types of information. If you are always online with a broadband internet connection, the ports pertaining to the internet and web use will be permanently open. This gives hackers a chance to access your computer through these open ports.
2. 2. Have a static Ip address. If you have a static IP address that does not change, this makes it easy for hackers to keep a track of your computer as your computer address on the internet is always changing. If you have a dynamic IP address, your IP address will often change, making it harder for hackersto track you. Think of it as you changing house every day so that a team of burglars can never find you.
3. If you download programs or files from the internet. IF you are using peer to peer sharing programs over the internet or downloading files from “shady” websites, this heavily increases your chances of accidentally downloading malware. Malware can open ports on your computer that should be closed, allowing hackers in. Firewalls can stop malware connecting back to hackers by forcing these ports closed.
So use your Windows firewall if you are using Windows. Or better yet, go and purchase a software firewall that will provide your computer with even more security against nasty hackers.