Wang Products

FAQ Article: What is a Firewall?

Firewalls used to be "optional" and most people did not use them a couple of years back - but now EVERYONE should have one. This is largely due to the increased number of Internet users worldwide and, therefore, the increased number of hackers and threats on the net.

It is a well-known fact that even now, around 50% of businesses on the net have no idea about Internet Security or how to secure their systems from attack. Personal Internet users are even worse, largely due to their ignorance of how open to the Internet they really are. In fact, quite a number of personal users don't take any security precautions because they don't think a hacker would have any reason to attack them. This is the worst attitude you could possibly have!

A firewall is a system or group of systems that controls access between two networks. Think of a Firewall as a system based on rules. When data tries to pass from one network to another, the Firewall will halt the transfer and check its rules to see if that kind of data should be allowed to pass through the Firewall, and if the origin of the data is trusted.

A Firewall can be very limited by its rules, and some will only allow email traffic through them, thereby protecting the network against any attacks other than attacks against the email service. Other firewalls provide less strict protections, and block services that are known to cause problems.

The other good thing about a firewall is that it can be used as a tracing tool. By this, I mean it logs all illegal attempts to access your system or pass unauthenticated data to it. A typical log would probably hold the time/date, IP/Hostname of the attacker, protocol of attack, type of attack, traffic generated etc.

Firewalls are not your one-stop-security-solution though! A Firewall needs to be used as an extra precaution. For example, a firewall will not stop you running a trojan attached to an email - or stop you from accidentally misconfiguring a CGI script on your server.

Ok, so you might complain that, although it wouldn't stop you infecting yourself with a trojan - once the trojan tried to send data over your net connection, the firewall would stop it and alert you. Trojans DO NOT like firewalls :) . Anyhow, all I am saying is that you can't just expect to install a Firewall and be 100% secure.

Ok...now - there are actually two types of Firewalls:


  • Application level

  • Network level



Application level

Application level firewalls generally are hosts running proxy servers, which permit no traffic directly between networks, and which perform elaborate logging and auditing of traffic passing through them.

Since the proxy applications are software components running on the firewall, it is a good place to do lots of logging and access control. Application level firewalls are often fully transparent to the user, and tend to provide more detailed audit reports than network level firewalls.


Network Level

These operate using rules which state the allowed source and destination addresses and ports in individual IP packets. One important distinction about many network level firewalls is that they route traffic directly through them, so to use one you usually need to have a validly assigned IP address block. Network level firewalls tend to be very fast and tend to be transparent to users.
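The rule matching described above, together with the logging of refused traffic mentioned earlier, as an added example that is not part of the original article. The rule set, addresses (documentation ranges) and function names are constructed for illustration; first-match evaluation with a default of deny is an assumption, though it is how most packet filters are set up.

```python
import ipaddress
from datetime import datetime, timezone

# Constructed rule set: (action, protocol, source net, destination net, dest port).
# Rules are checked top to bottom; the first match decides.
RULES = [
    ("allow", "tcp", "0.0.0.0/0",    "192.0.2.10/32", 25),  # inbound mail to the mail host only
    ("allow", "tcp", "192.0.2.0/24", "0.0.0.0/0",     80),  # internal hosts may browse the web
    ("deny",  "tcp", "0.0.0.0/0",    "0.0.0.0/0",     23),  # telnet refused explicitly
]

def matches(rule, pkt):
    """True if the packet's protocol, addresses and destination port fit the rule."""
    _, proto, src_net, dst_net, port = rule
    return (pkt["proto"] == proto
            and pkt["dport"] == port
            and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(src_net)
            and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(dst_net))

def filter_packet(pkt, rules=RULES, log=None):
    """Return 'allow' or 'deny'. Every refused packet is appended to `log`."""
    action, reason = "deny", "default deny (no rule matched)"
    for number, rule in enumerate(rules, start=1):
        if matches(rule, pkt):
            action, reason = rule[0], f"rule {number}"
            break
    if action == "deny" and log is not None:
        log.append({
            "time": datetime.now(timezone.utc).isoformat(timespec="seconds"),
            "src": pkt["src"], "dst": pkt["dst"],
            "proto": pkt["proto"], "dport": pkt["dport"],
            "reason": reason,
        })
    return action

if __name__ == "__main__":
    # Constructed sample traffic.
    packets = [
        {"proto": "tcp", "src": "203.0.113.5", "dst": "192.0.2.10",   "dport": 25},
        {"proto": "tcp", "src": "203.0.113.5", "dst": "192.0.2.10",   "dport": 23},
        {"proto": "tcp", "src": "203.0.113.5", "dst": "192.0.2.10",   "dport": 21},
        {"proto": "tcp", "src": "192.0.2.44",  "dst": "198.51.100.7", "dport": 80},
    ]
    log = []
    for p in packets:
        print(p["src"], "->", p["dst"], p["dport"], filter_packet(p, log=log))
    for entry in log:
        print("LOG", entry)
```

Note that the FTP packet (port 21) is refused even though no rule names it: with a default of deny, only traffic that a rule explicitly allows gets through.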


Do I need a Firewall?

Yes! Even if you only go on the net occasionally to browse and check your mail - it's better to be safe. If you have permanent connections, or run your own web server - then you most definitely do need one! It's worth mentioning that these days, Windows actually comes with one built in.

The distinction comes when you need to decide what kind of protection you need. For most users (for surfing, checking email, IRC) you will probably only need a free Firewall or a very cheap one...but others may need to spend a bit more.


Can I get a Firewall?

Yes - you can even get one for free (Windows even comes with one built in). As with most things, you will probably get what you pay for - so it is worth looking around before you decide which Firewall you are going to use to protect your personal computer. Generally, a personal Firewall should:


  • Block unwanted traffic into your PC

  • Warn you of connections to your PC from unknown hosts

  • Stealth your ports which are not in use (i.e. so there is no evidence that a computer exists at that port)

  • Allow you to choose which applications on your system are allowed to access the Internet

  • Allow you to choose which applications on your system are allowed to behave like servers

  • Provide clear and detailed logs



One of the most popular free personal firewalls (aside from Windows firewall) is Zone Alarm.
Comments
Comment by Soti Plomis - 25-05-2005

I like what you write but they are not absolutely true. I have a hardware firewall and a software (zone alarm pro) but in 3 computers I have not a network the ports 21, 23, 80, are always open whatever I do. So most firewalls are useless. Windows firewall is enough I believe.
Best Regards
Soti





Comment by Wang - 26-05-2005

Hi, thanks for the comments and for visiting the site. I can assure you that if your firewall (software or hardware) is correctly configured - then it will not allow any access to ports 21, 23, 80 (or any other ports you specify). It is unusual for a firewall to allow access to these ports by default too. I would strongly suggest you check your firewall's configuration and have a look on Google for some setup guides.



