A Warning: No Silver Bullet Here

I will now try to explain the nature of computer security and how a firewall fits into the picture. The majority of security holes are quite simply caused by bad software. Security holes are not created by 'hackers' or 'crackers'. They merely find and exploit already existing flaws in software. Security holes are usually just bugs or flaws in software itself that can be taken advantage of for malicious purposes.

What a firewall does is try to put up a barrier with the bad guys on one side and your possibly vulnerable software and services on the other. It tries to stop attackers from gaining any kind of access to servers and software running on machines behind the firewall. With no access, attackers shouldn't be able to leverage flaws in the software you are running. Unfortunately this approach of protection by disconnection only goes so far because the whole point of having a network is to allow computers on the network to communicate with each other. Simply put, for the network to be useful you need to put 'holes' in the firewall to allow communication or access between the protected computers and the outside world. A firewall offers no protection from accesses that occur via 'holes' in the firewall. For example, if you are operating a web server that can be accessed from the outside, then the firewall will do nothing to protect you from attacks aimed at your webserver.

A firewall should be just a part of your approach to security, and not the whole thing. Here is a quick list of effective tips to greatly increase the system's security. This advice will also apply to other computer systems too:

If you follow these tips, even without a firewall, your systems be about one hundred times more secure.