Stateful inspection combines packet filtering with some elements of the gateway methods. Its definition is somewhat vague, unlike those of the other three. Essentially, it is a packet filter firewall that examines more than just the address and port information of the data. Without using proxies, it can imitate some of the features of an application gateway by viewing the application-specific data sent in each packet.
There are a variety of different products available that use stateful inspection to varying degrees. The advantage of this method is that it can examine data at the application level (that is, filtering by content, not just address) without the performance overhead added by using proxies. Stateful firewalls will also close all ports to unsolicited incoming data and keep a table of requests from inside the network, like the two gateway methods.
The firewall included with Microsoft Windows XP claims to be a stateful inspection firewall, though it lacks any way of filtering application content. This is where things get a little blurry, as the XP firewall has essentially the same functionality as the firewalls built into commonly available cable/DSL home routers: a combination of packet filtering with a circuit-level gateway.
Apparently then, the definition of a stateful inspection firewall is one that combines features of the other three types to any degree.
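The "table of requests from inside the network" described above can be sketched in a few lines. This is an added example, not code from any firewall product; the LAN range, the 60-second idle timeout and the sample packets are assumptions constructed for illustration, and real stateful firewalls also track details such as TCP flags.

```python
# Added example: a toy state table, not any product's implementation.
import ipaddress
from typing import NamedTuple

class Packet(NamedTuple):
    proto: str
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class StatefulFilter:
    def __init__(self, inside_net="192.168.5.0/24", idle_timeout=60.0):
        self.inside = ipaddress.ip_network(inside_net)  # assumed LAN range
        self.idle_timeout = idle_timeout                # assumed value, seconds
        self.table = {}  # (proto, in_ip, in_port, out_ip, out_port) -> last seen

    def check(self, pkt, now):
        # Forget requests that have been idle for too long.
        self.table = {k: t for k, t in self.table.items()
                      if now - t <= self.idle_timeout}
        if ipaddress.ip_address(pkt.src_ip) in self.inside:
            # Outbound request from inside: remember it and let it through.
            self.table[(pkt.proto, pkt.src_ip, pkt.src_port,
                        pkt.dst_ip, pkt.dst_port)] = now
            return "ALLOW"
        # Inbound: allowed only if it mirrors a remembered request exactly.
        key = (pkt.proto, pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        if key in self.table:
            self.table[key] = now
            return "ALLOW"
        return "DROP"  # unsolicited incoming data

def demo():
    fw = StatefulFilter()
    # Constructed sample traffic: (time in seconds, packet)
    traffic = [
        (0, Packet("tcp", "192.168.5.2", 50000, "203.0.113.10", 80)),    # request
        (1, Packet("tcp", "203.0.113.10", 80, "192.168.5.2", 50000)),    # its reply
        (2, Packet("tcp", "198.51.100.7", 4444, "192.168.5.2", 139)),    # unsolicited
        (3, Packet("tcp", "203.0.113.10", 8080, "192.168.5.2", 50000)),  # wrong port
        (200, Packet("tcp", "203.0.113.10", 80, "192.168.5.2", 50000)),  # entry expired
    ]
    return [fw.check(p, t) for t, p in traffic]

if __name__ == "__main__":
    print(demo())
```

Only the packet that exactly mirrors a remembered outbound request is let in; everything else arriving from outside is dropped without any port having to be opened by hand.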
Configuring your home firewall
Now let's look at setting up and configuring your own firewall to protect
your computer or network.
What you'll need: a cable/DSL router with integrated firewall/NAT, or a software
firewall such as ZoneAlarm or BlackICE Defender, or Windows XP Home or
Professional. You will also need to know a few basic definitions. If
you are already familiar with the terminology, please skip ahead to the next
page.
Port: One end of a logical connection between two computers. Specific ports are used for specific types of data. For example port 80 is used to send and receive HTTP (web browser) traffic. Firewalls can block ports, disabling them from receiving any data.
Protocol: A standardized method for transmitting data between devices. HTTP, FTP and SMTP are examples of well-known protocols for web browsing, file transfer and email respectively. Protocols are used with IP addresses and ports to transfer data between computers. As far as this article is concerned, protocols come in two types: TCP and UDP.
TCP protocols form a connection, or session, between two computers to send and receive data. They include methods of ensuring data is delivered, and correcting errors. UDP protocols are considered 'connectionless.' They can pass information between computers, but no session is formed to govern the exchange, and no confirmation is given that the data has been received.
IP address: A number used by devices on the Internet or within local networks to address data. The format is xxx.xxx.xxx.xxx, where each xxx is a number between 0 and 255.
Example: 192.168.5.2. For a more complete definition, see the PCSTATS guide to Home Networking.