What are the risks of allowing programs through a firewall?
When you create an exception or open a port in a firewall, you allow a particular program to send information to or from your computer through the firewall. Allowing a program to communicate through a firewall (sometimes called unblocking) is like opening a tiny door in the firewall.
Each time you create an exception or open a port for a program to communicate through a firewall, your computer becomes a bit less secure. The more exceptions or open ports your firewall has, the more opportunities there are for hackers or malicious software to use one of those openings to spread a worm, access your files, or use your computer to spread malicious software to others.
It's generally safer to create a program exception than to open a port. If you open a port, it stays open until you close it, whether or not a program is using it. If you create an exception, the "door" is open only when needed for a particular communication.
To help decrease your security risk:
• Only create an exception or open a port when you really need to, and remove exceptions or close ports that you no longer need.
• Never create an exception or open a port for a program that you do not recognize.
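One way to review existing openings against the advice above, as an added PowerShell example that is not part of the original help text. It assumes a Windows version that ships the NetSecurity module (Get-NetFirewallRule and its filter cmdlets); the function name Get-FirewallOpeningReview and the finding labels are made up for this example.

```powershell
# Added example: list enabled inbound "allow" rules and classify each opening.
# Assumption: the NetSecurity module is available. Store-app (package) filters
# are not examined, so treat every finding as a prompt for manual review.
function Get-FirewallOpeningReview {
    $rules = Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True

    foreach ($rule in $rules) {
        $app  = $rule | Get-NetFirewallApplicationFilter
        $port = $rule | Get-NetFirewallPortFilter
        $svc  = $rule | Get-NetFirewallServiceFilter

        $program   = $app.Program              # 'Any' when no executable is named
        $localPort = $port.LocalPort -join ',' # 'Any' when no port is named

        if ($program -ne 'Any') {
            $finding = 'Program exception'
            if ($program -ne 'System') {
                # Rules often store paths such as %SystemRoot%\...; expand first.
                $path = [Environment]::ExpandEnvironmentVariables($program)
                if (-not (Test-Path -LiteralPath $path)) {
                    # The program is gone, so the exception is no longer needed.
                    $finding = 'Program exception, executable not found'
                }
            }
        }
        elseif ($svc.Service -ne 'Any') {
            $finding = 'Service exception'
        }
        elseif ($localPort -ne 'Any') {
            # Stays open whether or not any program is using the port.
            $finding = 'Open port, no program restriction'
        }
        else {
            $finding = 'No program, service or port restriction'
        }

        [pscustomobject]@{
            Finding   = $finding
            Rule      = $rule.DisplayName
            Program   = $program
            Protocol  = $port.Protocol
            LocalPort = $localPort
        }
    }
}

# Show the least restricted openings together for review.
Get-FirewallOpeningReview | Sort-Object Finding, Rule | Format-Table -AutoSize
```

Rules reported as "Open port, no program restriction" or "Program exception, executable not found" are the first candidates for removal or for replacement with a program exception.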
Port
A hardware- or software-based interface used to transfer information between a computer and other devices. Hardware ports are physical connections that are visible on the outside of the computer. Software ports are the numbered gateways in programs that software programs use to exchange information.
Exception
An instruction that tells Windows Firewall to open a port briefly, allow a program or service to pass a specific piece of information through, and then close the port. These instructions are called "exceptions" because normally the firewall blocks all unsolicited attempts to send information.