Using a firewall is like having your house completely locked up except for one entrance and that one entrance has an armed security guard- the firewall. Not using a firewall is like leaving your door open and your windows unlocked and hoping nobody sneaks into your house when you’re not looking.
Setting up and using a firewall program properly to secure your computer can be tricky so you need to make sure you pick one that you are comfortable with and then familiarize yourself with the interface and controls. Simply installing a firewall program will not help you if you then set it up to allow all incoming traffic. It would be like that security guard at your house falling asleep and letting intruders come and go as they please.
Products such as ZoneAlarm (free for personal use- see Free Personal Firewall Software) not only block incoming packets and ports as you specify, but also monitor the interaction of programs on your computer with the operating system and its services. Watching for suspicious activity and anomalous outbound traffic is helpful to detect when your computer has been hacked or infected by a Trojan or some other malicious code which is trying to establish an outbound connection or perform functions on your system that shouldn’t be allowed.
Most antivirus vendors release regularly scheduled updates to the virus definitions for their software on a weekly basis. If there is a new threat that is spreading rapidly or is unusually destructive they will sometimes release an update mid-week. But, the bottom line is that even if you diligently update your virus definitions weekly, there are still 7 days where you are potentially vulnerable to any new threats.
Even if you update daily there may be a span of a few hours between the initial discovery of a new threat and the release of new virus definitions by your antivirus software vendor to detect that threat. To protect yourself during these vulnerable periods and from malicious activity in general you can take other preventive actions.
For starters- disable hidden file extensions in Windows. Many viruses rely on a common Windows “feature” to help trick the user into unwittingly executing an infected file attachment. By default Windows hides the file extension for certain file types. Rather than showing “myfile.exe” you will only see “myfile” when viewing a folder or on an email attachment. If a virus comes in as a file attachment called “coolpic.jpg.exe” Windows will drop the EXE and you will see “coolpic.jpg” which may trick you into believing the file is simply a picture or graphic image rather than an executable file.
