Viruses that spread through e-mail, such as Trojan horses, which masquerade as helpful or benign software and trick you into opening or downloading them.
Trojan horses; similar to the virus threat, it is easy to trick a user into downloading a program or opening an email attachment that can allow malicious code onto the local system.

Spyware; they can get onto your computer numerous ways such as when you open webpages (cookies/activeX) or when installing a program that's bundled with adware/spyware, therefore having closed ports doesn’t matter.

Malware, it is a combination of the words ‘malicious’ and ‘software’ and includes viruses, Trojan horses, worms, spyware/adware, phishing and pharming. Most common way to get malwares is opening E-Mail attachments and clicking URL's that are present in E-Mail's. Viruses, Trojans and worms can do a lot of bad things on your computer or in business.

Social engineering; this term has come into vogue in the past few years to describe methods that hackers use to get information from “friendly” users.

Physical outrages; like cutout of a circuit, other power shortages/failures etc.
Unsecured wireless network. The firewall will not prevent access to an otherwise unsecured wireless network. However, the firewall helps to protect the computers on your network, so if an intruder were to gain access to your network, he or she could not access your personal computer.

If necessary, the firewall dynamically opens ports and allows your computer to receive traffic that you have specifically requested, such as a Web page for which you have clicked the address.
A “port” is a networking term that identifies the point at which a type of network traffic reaches your computer. The exact ports that you open depend on the type of traffic you want to send and receive.
If you have not requested the incoming traffic. Firewall helps block it before it can reach your computer. For special uses, such as networking, hosting online games, or hosting your own Web server, you can select ports that you want to leave open. This allows others to make connections to your computer, but it can also reduce security.

Remote login – When someone is able to connect to your computer and control it in some form. This can range from being able to view or access your files to actually running programs on your computer.

Application backdoors – Some programs have special features that allow for remote access. Others contain bugs that provide a backdoor, or hidden access, that provides some level of control of the program.

SMTP session hijacking – SMTP is the most common method of sending e-mail over the Internet. By gaining access to a list of e-mail addresses, a person can send unsolicited junk e-mail (spam) to thousands of users. This is done quite often by redirecting the e-mail through the SMTP server of an unsuspecting host, making the actual sender of the spam difficult to trace.

Operating system bugs – Like applications, some operating systems have backdoors. Others provide remote access with insufficient security controls or have bugs that an experienced hacker can take advantage of.

Denial of service – You have probably heard this phrase used in news reports on the attacks on major Web sites. This type of attack is nearly impossible to counter. What happens is that the hacker sends a request to the server to connect to it. When the server responds with an acknowledgement and tries to establish a session, it cannot find the system that made the request. By inundating a server with these unanswerable session requests, a hacker causes the server to slow to a crawl or eventually crash.

E-mail bombs – An e-mail bomb is usually a personal attack. Someone sends you the same e-mail hundreds or thousands of times until your e-mail system cannot accept any more messages.

Macros - To simplify complicated procedures, many applications allow you to create a script of commands that the application can run. This script is known as a macro. Hackers have taken advantage of this to create their own macros that, depending on the application, can destroy your data or crash your computer.

Viruses - Probably the most well-known threat is computer viruses. A virus is a small program that can copy itself to other computers. This way it can spread quickly from one system to the next. Viruses range from harmless messages to erasing all of your data.

Spam - Typically harmless but always annoying, spam is the electronic equivalent of junk mail. Spam can be dangerous though. Quite often it contains links to Web sites. Be careful of clicking on these because you may accidentally accept a cookie that provides a backdoor to your computer.

Redirect bombs – Hackers can use ICMP to change (redirect) the path information takes by sending it to a different router. This is one of the ways that a denial of service attack is set up.

Source routing – In most cases, the path a packet travels over the Internet (or any other network) is determined by the routers along that path. But the source providing the packet can arbitrarily specify the route that the packet should travel. Hackers sometimes take advantage of this to make information appear to come from a trusted source or even from inside the network! Most firewall products disable source routing by default.

One of the best things about a firewall from a security standpoint is that it stops anyone on the outside from logging onto a computer in your private network. While this is a big deal for businesses, most home networks will probably not be threatened in this manner. Still, putting a firewall in place provides some peace of mind.

A company can set up rules like this for FTP servers, Web servers, Telnet servers and so on. In addition, the company can control how employees connect to Web sites, whether files are allowed to leave the company over the network and so on. A firewall gives a company tremendous control over how people use the network.

A firewall examines all traffic routed between the two networks to see if it meets certain criteria. If it does, it is routed between the networks, otherwise it is stopped. A firewall filters both inbound and outbound traffic. It can also manage public access to private networked resources such as host applications. It can be used to log all attempts to enter the private network and trigger alarms when hostile or unauthorized entry is attempted. Firewalls can filter packets based on their source and destination addresses and port numbers. This is known as address filtering. Firewalls can also filter specific types of network traffic. This is also known as protocol filtering because the decision to forward or reject traffic is dependant upon the protocol used, for example HTTP, ftp or telnet. Firewalls can also filter traffic by packet attribute or state.

Hardware Firewall

A hardware firewall is a box that sits between you and the internet that performs the filtering function. Traffic that is filtered out never reaches your computer. Broadband routers perform the function of a firewall quite nicely.

Software Firewall

A software firewall is a program that runs on your computer and at the very lowest level monitors your network traffic. The firewall prevents filtered traffic from getting through to the operating system. All network traffic reaches your computer but the firewall prevents your system from actually doing anything with it.

There are several classifications of firewalls depending on where the communication is taking place, where the communication is intercepted and the state that is being traced. Firewalls use one or more of the following methods to control traffic flowing in and out of the network:

Packet filtering – In its most basic form, a firewall does nothing but filter packets. Packets are analyzed against a set of filters. Looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure.

Application-layer- Application-layer firewalls work on the application level of the TCP/IP stack, and may intercept all packets traveling to or from an application. Application firewalls can prevent all unwanted outside traffic from reaching protected machines. Application layer firewalls tend to provide more detailed audit reports and tend to enforce more conservative security models than network layer firewalls.

Circuit Level Relay – This type of firewall doesn’t simply accept or reject packets, it also decides whether a connection is valid according to a set of configurable rules. If everything checks out, the firewall opens a session and allows traffic to flow in only from the authenticated source. The traffic may also be permitted to proceed for only a limited period of time. Once the connection has been made, packets can flow between the hosts without further checking.

Application Proxy Gateway – Information from the Internet is retrieved by the firewall and then sent to the requesting system and vice versa. The users connect to the outside using the proxy. The proxy gets the information and returns it to the user. The proxy can record everything that is done. This type of firewall may require a user login to use it. Rules may be set to allow some functions of an application to be done and other functions denied.

Stateful inspection – A newer method that doesn’t examine the contents of each packet but instead compares certain key parts of the packet to a database of trusted information. Information traveling from inside the firewall to the outside is monitored for specific defining characteristics; the incoming information is compared to these characteristics. If the comparison yields a reasonable match, the information is allowed through. Otherwise it is discarded.