What is a Firewall ?
Software firewalls are programs installed on your computer that create the firewall protection at your computer as shown in the diagram below. They function by closing specific ports (internet access points on a computer) to the outside world and only opening certain ports to allow specific traffic to pass thru, such as e-mail.
Hardware firewalls exist on another piece of hardware on your internal network. Most often this is a router that you are using to share your internet connection across multiple computers in your house. The diagram below shows how the hardware firewall physically sits between your computer and the internet. Opening only certain ports in and out keeps traffic you do not want from reaching your computer(s) or network.
If you are connecting to the internet via a dial-up modem there is really no need to use a firewall. The majority of attacks that firewalls help defend against count on the computer having the same IP address for a long period of time. When you dial into the internet you are given a new IP address each time. So it's very difficult for an attacker to locate your system after you log in again. Also since you can go offline by disconnecting there is no need for a firewall to be running at those times.
If you are using a DSL or Cable connection (otherwise known as: Always-On Connections) you may want to run a firewall. Since these connections are "Always-On" they normally always maintain the same IP address, so they are easily found again again by potential attackers. However serious attackers will bypass the majority normal internet users, although there are attackers who will search for your private information or just generally cause trouble. A firewall can help cut down on these types of threats but it cannot completely stop all external threats.
Technical Support suggests that if you would like to use a firewall to explore a hardware based firewall, as software based firewalls can actually stop your complete access to the internet (hardware firewalls can do this as well, but are less likely to cause problems.)
A properly designed and configured firewall will normally only report activity that appears to be an attack. However most firewall software will also report benign internet activity as an attack as well.
A common "attack" is when a network broadcast or packet send that is unexpected is received, such as Windows broadcasting for shared computers on the network. The majority of these can be blocked by the ISP to reduce the network clutter, but you still may see some.
Knowing what is an attack and what isn't is a bit technical to diagnose. We suggest if you are using a firewall and think you are being attacked to do research first. Search the support area of the website for the company who created your firewall or search Google for more information. If you believe you have found a valid attack, please follow the instructions provided with your firewall on how to properly report it.
As stated before not all attacks reported by your firewall are actually attacks. The majority of the time these are simple benign internet activity that caught the firewall's attention.