Do I need to install a firewall?

Why do we need firewalls?

Many junior Internet users believe that as long as anti-virus software is installed, the system is absolutely safe. This idea is very dangerous! In today's network security environment, Trojan horses and viruses are rampant, hacker attacks are frequent, and various rogue software and spyware are also making waves. How can we protect our system from such a dangerous network environment? Is anti-virus software alone enough to keep our systems safe? Below I will analyze the importance of firewalls from several aspects that affect system security.

Current network security threats mainly come from virus attacks, Trojan horse attacks, hacker attacks and spyware theft. Anti-virus software has been developed for more than ten years, but it still remains at the level of passive anti-virus (when the concept of active defense emerged, some domestic anti-virus manufacturers have claimed to have achieved active defense. In fact, it is nothing more than hyping some concepts to gain attention, which is quick and quick. psychology is also one of the reasons for their stagnation), foreign surveys show that today’s global anti-virus software cannot identify 80% of viruses (reference: /388/2014388.shtml). From the perspective of the principle of anti-virus software, the reason why anti-virus software can kill viruses is purely to identify whether it is a virus based on the code characteristics of the virus sample, and this characteristic code still needs to be uploaded after the user reports encountering a virus to obtain the virus sample. Just like someone was stolen, and luckily he caught the thief, so he told the police that he caught a thief with long hair and glasses, so the police stared at those with long hair and glasses every day on the street. people. The defensive effect of this can be imagined. In the same way, anti-virus software’s prevention of Trojans and spyware is also based on this passive approach.

The makers of viruses and Trojans have seized on this fatal weakness of anti-virus software and are constantly developing new variants. Frequent changes in code characteristics make passive anti-virus software at a loss. From a global perspective, most viruses and Trojans that can cause great losses are new or have various variants. Since the characteristics of these viruses and Trojans are not known by the anti-virus software, the anti-virus software can neither alert nor kill them, and even some anti-virus software itself is killed by the virus and cannot be started!

Are we just allowed to be slaughtered by viruses and Trojan horses?

Of course not! How can a master bow to a few virus Trojans! Although the anti-virus software can only stare at us, we still have a firewall that strictly guards the door!

Why can firewalls block viruses, Trojans and even the latest variants? This starts with the defense mechanism of the firewall. The firewall monitors the data packets connected to the network. In other words, the firewall is equivalent to a strict gatekeeper, in charge of each door (port) of the system. It is responsible for monitoring everyone entering and exiting (data sent by the application program). (Package) for identity verification. Everyone needs permission from the highest officer before they can enter or exit, and this highest officer is yourself. Whenever an unknown program wants to enter the system or connect to the network, the firewall will intercept it immediately and check the identity. If it is allowed with your permission (for example, in the application rule settings, you allow a certain program to connect to the network) ), the firewall will let all the data packets sent by the program. If it is detected that the program is not allowed to pass, a prompt will pop up automatically whether to allow the program to pass. At this time, you, the "supreme commander", need to make a judgment. Generally speaking, we will not allow access to programs that we do not run or do not know much about, and confirm the nature of the software through search engine or firewall prompts.

Having written this, everyone probably has a certain understanding of the difference between anti-virus software and firewalls. To give an intuitive example: your system is like a castle. You are the supreme commander of this castle. Anti-virus software and firewalls are the guards responsible for security, and each has its own division of labor. The anti-virus software is responsible for identifying people who enter the castle, and arrests suspicious people if they are found (of course, the chance of arresting the wrong person is very high, otherwise there would not be so many accidental killings and false alarms); while the firewall is the gatekeeper, checking everyone Everyone entering and exiting the castle is inspected, and if anyone is found without a pass, he or she is informed by the Supreme Commander.

Therefore, any Trojan or spyware may secretly record your account and password under the eyes of the anti-virus software. However, the firewall guards the city gates tightly and blocks all information sent by the Trojan or spyware, thus protecting your System security.

In addition, the firewall has another advantage, that is, it can prevent hackers from attacking the system. This is something that anti-virus software cannot do, because the hacker's operations do not have any signatures, and the anti-virus software cannot recognize them. A firewall can hide every port of your system. When a hacker scans your IP, no data packets will be returned. In this way, the hacker cannot discover the existence of your system and prevent the other party from attacking you.

What kind of firewall do we need?

I started surfing the Internet in 1998, and it has been eight years now. Summing up the eight years of surfing the Internet, a friend gave me a very classic comment: You are actually engaged in another eight-year war of resistance. . I think this evaluation is very appropriate. I am a network security enthusiast. From a rookie to an expert (I dare not call myself an expert yet, hehe~~), from a hacker to a hacker, I have come step by step to where I am today. I have hacked countless systems and been hacked by countless experts. The first time I came into contact with firewalls was in 1999. At that time, there was almost no concept of firewalls in China. At that time, Skynet Firewall launched the first software firewall. Out of curiosity, I tried it out. It is undeniable that Skynet Firewall version 1.0 cannot be compared with today's Skynet 3.0. It does not have many functions and only has the most basic defense functions. But in 1999, both hackers and netizens in China were almost still in their infancy. A good hacker could easily hack N servers through online tools, and the most basic protection software could also block many so-called "hacker". In this way, the only firewall software in China at the time withstood the Sino-US hacker war in 2000 (I later learned that during the hacker war, the websites of CCTV and People's Daily were listed as "websites that must be broken" by foreign hackers. "There is an attack every three minutes during the peak period, but because Skynet's hardware firewall protects the two key websites, they have remained safe).

As time went by, I began to study foreign firewalls and used firewalls such as LOCKDOWN, ZA, OP, and LNS. Generally speaking, foreign firewalls developed earlier, so some places are relatively complete, but For domestic users, there are three obstacles that must be overcome: First, the domestic hardware level lags behind foreign countries, so when we use foreign firewalls, we always feel that the system is a bit inadequate; second, most foreign firewalls lack Chinese versions, and when using Those Chinese patches have affected the stability of the software; third, the setting habits of foreign software are based on the habits of foreigners, making it difficult for domestic users to use them. After careful consideration, I finally returned to the user group of Skynet Firewall. At this time, Skynet was already at version 2.6.

Let’s summarize some points you need to pay attention to when using a firewall:

1. A firewall is like a watchdog. If you don’t have money to install a security door (hardware firewall), then raising a dog is a good idea. Good choice:)

2. Having too many dogs is not a good thing. Two dogs will often fight together, so do not install multiple firewalls unless you want system conflicts to cause a crash.

3. A dog with a large appetite is not something that ordinary people can afford, so it is recommended to install a resource-saving firewall, unless your memory is so large that it can be used as a hard disk:)

< p> 4. A sensitive dog is better than N lame dogs. If the firewall processing speed is not fast enough, when there are many data packets passing through the system, the system efficiency will be seriously affected, or even completely crashed.

5. Raising a disobedient Tibetan mastiff is worse than raising an easy-to-control domestic dog. The same is true for firewalls. The ease of use determines whether you can easily control it.

Based on the above five principles, it is recommended that everyone use Skynet firewall. Of course, if you want to ask me whether Skynet Firewall is the best firewall, I can clearly tell you that there is no best firewall in the world, only the one that suits you is the best! Try using it, maybe you can find the best firewall in your mind:)