What’s a Firewall, and How Do I Use One?
Wi-Fi routers might eventually be able to see you.
Using Wi-Fi technology and receivers, a team of researchers was able to detect moving objects in a room. They then could outline the figures and see how many people were moving around and how they were moving.
It’s a very early example of how criminals might someday be able to take hacking to a new level.
We’ve already heard how hackers can get into our smart speakers and grab footage from our security cameras.
Yet what if a device eventually lets someone sit outside your house and monitor what’s happening behind those walls?
That information could be useful to a burglar (or a stalker).
No matter who uses it, though, it’s creepy to imagine. It also highlights the importance of protecting your home’s Wi-Fi.
A strong password and choosing a router with the latest security protocols can help. Yet a good firewall is essential to keeping unwanted traffic out.
You may have one and not even know it. But it’s important to look at how firewalls work so that you can make sure your home Wi-Fi is safe.
Image by rawpixel.com
What Is a Firewall?
The word firewall has been around since long before the invention of computers.
In fact, it predates the lightbulb.
Firewall was first used in 1851 to describe a wall designed to stop the spread of fire. If you’ve ever lived in a condo or apartment, you likely had a firewall between your unit and those around you. It’s no guarantee fire won’t spread, but it can slow things down until the fire department gets there.
In 1988, Digital Equipment Corporation (DEC) introduced the very first computer firewall. Called the Packet-Filter Firewall, this piece of tech looked at packets as they made their way from one computer to another within a network.
If the packet didn’t pass muster, it was rejected.
Over the years, firewalls became a way of not only monitoring traffic as it passed through a network but also a way to record information. This information can be crucial to network administrators keeping an eye on possible hacking attempts.
A firewall is not a physical wall, of course. It’s simply a security system between the outside world and your devices.
Think of it as a security gate at the end of your driveway. Before someone can get through that gate, there are some hurdles to pass.
You once needed an expert to set all this up for you. Your computers at work might have had firewalls, but when you were dialing up AOL, you were depending on your home’s telephone line.
Now you likely use Wi-Fi, which means all the devices in your home connect to a router wirelessly. That router has a firewall built in. If you’re like me, you just plugged in your router and trusted it to work.
Yet that might not be enough. In fact, my firewall was disabled, and I didn’t even realize it. Yours might be, too.
Here’s how to ensure your home Wi-Fi is protected and what you need to know.
What Does a Firewall Do?
Before you make changes to your firewall, let’s look at what they do.
A firewall is designed to look at incoming traffic, assess it, and reject it or let it through. It does this using predefined rules. That means it’s only as good as the rules set up.
There are two major types of firewalls.
Hardware
Your router can provide hardware-based firewall protection. You can also buy a dedicated device that offers supplemental protection (more on that later).
When it’s time to protect your entire network, you’ll need hardware.
If you’re in the market for a router, look for one with Wi-Fi 6. The Wi-Fi 6 protocol is the easier-to-remember name for the newer IEEE 802.11ax standard.
Not only is Wi-Fi 6 more secure, but it’s also faster and less prone to latency.
Software
Your router isn’t the only firewall you already have. There’s also a firewall on your device.
Firewalls are built into operating systems to help keep you safe from malicious activity.
Your firewall may already be active, but you should check to make sure. How you check depends on your OS.
For Windows:
In the Start menu, look under System and Security.
You can also find the firewall settings by simply typing the word “Firewall” into the search bar.
For Mac:
The firewall is under System Preferences, then Security and Privacy.
First, once you’re there, make sure your firewall is turned on.
Mine was off!
Once I turned it on, I was able to check my settings.
Again, you should enable the strictest protocols possible, and then tweak them if you have trouble connecting to something.
Manage Your Firewall
Follow the below steps to view and manage your firewall.
Step 1: Log Into Your Router
To manage your firewall, you’ll first need your router’s IP address.
The good news is it should be on your router somewhere. It will be a series of numbers that look something like 192.168.1.1.
The bad news is you’ll have to get up and go to the router to look for it.
You’ll just input that address into your browser’s address bar. This will pull up a page where you can enter your username and password.
What if you don’t know your username and password?
Mine is printed on a sticker on my router. That’s the default password, though. You should change it as soon as you’re in.
If it’s not on your router, try admin as the username and password in the password field. If this works, change it once you’re logged in.
Step 2: Look for a Firewall
After changing your password, your next step should be to look for a firewall. Most modern routers will have a tab for this.
How this looks can vary by router manufacturer. It might be under a tab labeled Firewall. Mine was under the Security tab.
Under Security, I had two choices next to Firewall Protection, Enable or Disable. Mine was already enabled, so I left it.
Enabling your firewall isn’t all you can do here. There are also some advanced settings to manage.
Step 3: Set Up Internet Filtering
In your firewall settings, you’ll see some checkboxes. On mine, “Filter Anonymous Internet Requests” was checked.
I left it. Here’s why:
It’s usually set to “Enabled” by default for a reason. If you have this checked, others won’t be able to see your network ports. It also helps keep your network from being detected by random people who are up to no good.
Filter IDENT (Port 113) was also enabled by default. This keeps that port from being scanned by outside devices. I left it checked.
Two items that are disabled by default are Filter Multicast and Filter Internet NAT Redirection. You can enable them if you want, but both have practical uses. You can do what I did and disable it, then wait for something to stop working and return and enable it. Since both can put my network at risk, it was better to turn them off until I needed them.
Step 4: Set Up a Guest Network
While you’re in there, you might want to take a few seconds to set up a guest network.
As the name implies, a guest network lets you set aside a separate space for your houseguests.
When they visit, they get their own network. That means they won’t have access to your devices, but do get a connection.
First: not all routers have this feature. If you’ve clicked around and don’t see it, it’s possible it’s not an option with your particular model.
A network name may be assigned. On mine, it’s my network name with -guest at the end.
You can limit the number of guests connecting to this network at once. This provides a little extra protection.
One of the best things you can do is toggle off the “Enable Guests Access” option when you’re not expecting visitors. No one will be able to connect until you switch it back on.
Image by rawpixel.com
Do You Need a Supplemental Firewall?
If you rely solely on your router’s firewall technology, you might be at risk.
First, looking into the technology your particular router provides is important.
It might be plenty if your router is running Wi-Fi 6 and lets you tighten the security protocols. Yet it could still have some vulnerabilities.
Here are some things a supplemental firewall can bring to your home Wi-Fi.
1. Greater Protection
Of course, a dedicated router’s biggest benefit to your home is an additional layer of protection.
A firewall rests between the world outside your home and your router, blocking all traffic before your router even looks at it. The right device will have built-in protections even better than your router at battling bad actors.
2. Enhanced Customization
Need to block data from a certain web address? Maybe you know of an application that’s targeting your home network.
A dedicated firewall typically lets you control the devices with access to your Wi-Fi network. No need to worry about your neighbor trying to guess your Wi-Fi password and steal free Wi-Fi from your home.
3. Built-In Protection
The latest firewalls provide top-quality security measures like antivirus protection and spam filtering. They’re also designed to go further than previous generations of routers in inspecting incoming traffic.
Yes, you may have malware protection on your devices, but your router will add another layer of defense.
You may find that you don’t need the extra protection a dedicated firewall brings. Simply upgrading to the latest and greatest router may cover your bases.
Image by Freepik
What Risks Do Firewalls Protect Against?
Just as a construction-based firewall stands between one living space and another, a tech-based firewall shields your devices from outside threats.
That protection can be priceless. But if you still wonder if it’s worth the extra trouble, here are the risks you reduce by using one.
1. Network Damage
Even the thought of malware can be scary. You know the risk exists and do everything you can to prevent it.
You may have the best antivirus software, but things can still slip through. For one thing, antivirus providers can’t always keep up with every new threat that emerges.
For another, scammers can be astonishingly clever at finding new ways to make our lives miserable.
A firewall is no guarantee, of course. Yet having an extra piece of security between those crafty scammers and your home network can reduce your risks that much more.
The thing about Wi-Fi-level malware is that it can do widespread damage, even to your home network. If one of your devices gets the wrong kind of malware or your router is infected, every device that connects to that Wi-Fi can also be infected.
In other words, you could have a mess on your hands.
With a firewall in place, the idea is that the malware is caught before it can spread. Even if one of your devices is infected, the firewall can stop that device from communicating with it so that at least your other devices are safe.
I don’t know about you, but I’d rather have one device infected than all our phones, laptops, and even our printers.
Malware could even spread to your smart home devices. Yikes!
2. Downtime
If you rely on your home Wi-Fi for work, you likely can’t be down for a day. Even half a day. An hour would be pushing it.
A Wi-Fi attack can take your router down for a day or longer. If an attack spreads to your devices, those devices will be out of commission, too. In fact, with a particularly pernicious type of ransomware, you could be down until you can remove the threat.
Even if you don’t use your home Wi-Fi for work, downtime can be a huge inconvenience. So many household devices rely on that Wi-Fi, you could find your thermostat, appliances, security cameras, garage door, and smart speakers don’t have full functionality after an attack.
In addition to the downtime, an attack on your home Wi-Fi can hit your bank account. There’s a loss of income if you rely on your Wi-Fi and devices to work. There’s also the cost of cleaning up the malicious software, assuming you pay an expert for the service.
3. Information Theft
If a scammer does make it into your home network, there’s plenty to lose.
First, there are the accounts you use to pay bills and save for retirement.
A hacker can capture information from your devices, such as usernames and passwords. Keylogger viruses even capture every keystroke you type.
That means a hacker could have all your usernames, passwords, and personally identifiable information (PII). And that’s where things really get tricky.
Hackers can steal money with account passwords and usernames, but with your PII, there might be long-term repercussions.
An identity thief can use information like your Social Security number, name, driver’s license number, and birthdate to pose as you to apply for credit or make purchases in your name.
Identity theft services like Aura, LifeLock, and IdentityForce can monitor for signs your identity has been compromised and alert you so you can take action. They’ll also equip you with the tools to clean things up if your identity is ever stolen.
What Risks Don’t Firewalls Protect Against?
Unfortunately, a firewall won’t guarantee that your home’s Wi-Fi is forever protected against malware.
Yes, a firewall can keep malicious files from entering the network. It can also keep an infected device from spreading its malware to other devices on the network. But it won’t protect your individual devices from files and activities that put them and their user at risk. You can still download malware or click on a link and input sensitive information. The issue will be limited to that device if you have a firewall, though.
Conclusion
Firewalls are a great way to add extra security to your home Wi-Fi.
Your employer likely uses one, as do many companies whose websites you use. Check if your home router includes firewall features, and ensure it’s configured. Be sure to protect your individual devices, as well. Do so, and you can rest more easily about your home network.