When you create an exception or open a port in a firewall, you allow a particular program to send information to or from your computer through the firewall. Allowing a program to communicate through a firewall (sometimes called unblocking) is like opening a tiny door in the firewall.

Each time you create an exception or open a port for a program to communicate through a firewall, your computer becomes a bit less secure. The more exceptions or open ports your firewall has, the more opportunities there are for hackers or malicious software to use one of those openings to spread a worm, access your files, or use your computer to spread malicious software to others.

It's generally safer to create a program exception than to open a port. If you open a port, it stays open until you close it, whether or not a program is using it. If you create an exception, the "door" is open only when needed for a particular communication.

To help decrease your security risk:

  • Only create an exception or open a port when you really need to, and remove exceptions or close ports that you no longer need.

  • Never create an exception or open a port for a program that you do not recognize.