Saw a question in another conference about putting a firewall on a network card. The person wanted to know if that would be a good idea: “Why not build a firewall into the wireless adapter/chip? In fact, why not position the firewall behind both the wireless and the wired network connections?”
A “firewall on a chip” will not protect you from a ‘man in the middle’ hack. That’s where you sit in a wireless hot spot, log in, and wander through the ‘net. The problem is that your log in was to the hacker off in the corner, who presented you with the login page and passes your traffic through to the net.
The hacker captures all of your traffic (sort of like eavesdropping), hoping to catch your user/password as you log into your bank’s web site to check your balances or pay bills. Or as you go to Amazon to order a book, paying with your credit card. All of your traffic is captured: your bank login, your credit card info, etc.
It will not protect the user who surfs to a page that asks to install a bit of software to view the latest humorous video. Or the user who will click on an email link to get their e-card, which installs a virus or keystroke logger.
A firewall on your computer is better (the Windows firewall is better than nothing). A firewall will protect from external scans and attacks. But it won’t protect against unsafe computing practices by the user.
The ultimate firewall is the one that is between your ears working in conjunction with following the safe computing practices I’ve mentioned before.