Imagine that your house is surrounded by a huge metal fortress. It has one door, at which a gatekeeper stands and intercepts visitors. He asks them where they're from and then decides if he'll let them in, based on information you've given him about whom you want in (anyone from your mother's address, say) and whom you don't (anyone from Aunt Sophie's address, for example). The gatekeeper also lets people leave the house only for preapproved destinations. If you can understand that concept, you have the basics of how a firewall works.
Firewalls are programs that act as gatekeepers between your computer and the world. Different types offer different levels of security. At the lowest level, using technology known as packet filters, the firewall examines the address from which data enter your system or the address to which they are going, and decides whether to let them pass through. At the highest level, application-level gateways, the firewall looks at not only the address from which the information is coming but also the content of the message (the equivalent of not only asking where the visitor is from but also examining the contents of her purse). In the middle are circuit-level gateways, which prevent your system from ever coming into direct contact with the outside world. (Think of it as leaving your visitor in a waiting room and sending him or her a message there.)
Remember that firewalls vary in ease of implementation and maintenance, with the most secure ones usually requiring the most work. Prices range from $3,000 to $100,000. For a closer look at firewalls, see Computer Crime: A Crimefighter's Handbook, by David Icove, Karl Seger, and William VonStorch (O'Reilly & Associates, Sebastopol, Calif., 1995, $24.95).
-- Sarah Schafer* * *