Firewalls are one of the oldest aspects of modern computing which everyone will have heard of. Beginning in the late 80’s, firewalls were always regarded as one of the first lines of defence against hackers and intrusions. Before this, servers and routers used to use a whitelist style of protection which only allowed set users to access their data. As you can imagine, these were very easy to get around for any malicious users, mainly by IP spoofing or basic level port forwarding to a known resolved host.
The term firewall was originally used in construction to denote a wall which, you guessed it, stopped fires passing through. Think connecting walls in the attic of a block of terraced houses. A firewall when it comes to computing is no different, working to block any incoming connections from unknown hosts, without the ability to bypass through basic spoofing.
On Windows based systems, there is always a built-in firewall as default, even on illegal systems. Windows Defender is, to all intents and purposes, a great firewall to have. This protects from any packet loss through snooping, any unknown users accessing a system or network, and even blocks SQL packet injection. Of course, there are many great alternatives, but commercial level ones generally do not get much stronger than default.
As an exception to this, military level firewalls are a different beast; complex connection blockers which can identify users based on patterns, not just addresses. A determined malicious user will often find it easier to simply control a device known to the network than to attempt to bypass a firewall like this; it is too much effort and is easily flagged by the system if even a tiny mistake is made.
There are a few main kinds of firewalls, all of which come in most firewall programs available. The first is proxy firewalls, where any connections are automatically passed through a known proxy server to disrupt any injected packets. This kind of firewall is mostly used when using the internet, as it can protect against unauthorised access to the network through HTTP or HTTPS connections.
App layer firewalls are similar to this, where they automatically block access to certain sites or content based on their known index of malware. Common extensions such as AdBlock and uBlock Origin are a form of firewall, blocking incoming programs from running. This could be popups with IP based connections, malware through ads, and even downloadable content from websites. One great example of this is Kaspersky; their integrated web protection allows blocking of any content flagged in their massive virus database, and provides real time updates to the system so users are always protected.
Packet firewalls are one of the oldest forms of firewall, having been invented in the early 90’s. This aspect of firewall technology is now a little outdated, but the resources used are minimal so they are still included in all firewall packages. Packet analysis occurs of any incoming or outgoing information, with each packet analysed separately for contiguous information. Any packet which has malware or trackers in is flagged and removed; the downside to this is that the host is still vulnerable to spoofing.
The final form of firewall protection is in stateful firewalls; all information is tracked, and packets are rejected based on location and history. A combination of all of these features leads to a very well rounded defence package, and is a staple of all firewalls available today.