|
What is a Firewall ?
|
A system designed to prevent unauthorized
access to or from a private
network. Firewalls can be implemented in both
hardware and
software, or a combination of both. Firewalls are
frequently used to prevent unauthorized
Internet users from accessing private networks
connected to the Internet, especially
intranets. All messages entering or leaving
the intranet pass through the firewall, which examines each message and
blocks those that do not meet the specified
security criteria.
There are several types of firewall techniques:
In practice, many firewalls use two or more of
these techniques in concert.
A firewall is considered a first line of defense
in protecting private information. For greater security,
data
can be
encrypted. |
|
Credit: Webopedia |
~Back
to the top of the page.~
Examples of Firewalls:
Software:
Software firewalls are programs installed
on your computer that create the firewall protection at your computer as
shown in the diagram below. They function by closing specific ports
(internet access points on a computer) to the outside world and only opening
certain ports to allow specific traffic to pass thru, such as e-mail.
 |
| |
Allowed traffic passes |
|
Disallowed traffic is
blocked. |
|
Some examples of software firewalls are
ZoneAlarm,
Tiny Personal
Firewall or
Norton
Internet Security.
Hardware:
Hardware firewalls exist on another piece
of hardware on your internal network. Most often this is a router that
you are using to share your internet connection across multiple computers in
your house. The diagram below shows how the hardware firewall
physically sits between your computer and the internet. Opening only
certain ports in and out keeps traffic you do not want from reaching your
computer(s) or network.
 |
| |
Allowed traffic passes |
|
Disallowed traffic is
blocked. |
|
Some examples of hardware that contain
firewalls are routers, such as
Linksys
or
Netgear and can also be another
computer using a software firewall with internet connection sharing.
~Back
to the top of the page.~
Should I use a Firewall ?
If you are connecting to the internet via
a dial-up modem there is really no need to use a firewall. The
majority of attacks that firewalls help defend against count on the computer
having the same IP address for a long period of time. When you dial
into the internet you are given a new IP address each time. So it's
very difficult for an attacker to locate your system after you log in again.
Also since you can go offline by disconnecting there is no need for a
firewall to be running at those times.
If you are using a DSL or Cable
connection (otherwise known as: Always-On Connections) you may want to run a
firewall. Since these connections are "Always-On" they normally always
maintain the same IP address, so they are easily found again again by
potential attackers. However serious attackers will bypass the
majority normal internet users, although there are attackers who will search
for your private information or just generally cause trouble. A
firewall can help cut down on these types of threats but it cannot
completely stop all external threats.
Technical Support suggests that if you
would like to use a firewall to explore a hardware based firewall, as
software based firewalls can actually stop your complete access to the
internet (hardware firewalls can do this as well, but are less likely to
cause problems.)
~Back
to the top of the page.~
What do I do if my
Firewall detects an "attack" ?
A properly designed and configured
firewall will normally only report activity that appears to be an attack.
However most firewall software will also report benign internet activity as
an attack as well.
A common "attack" is when a network
broadcast or packet send that is unexpected is received, such as Windows
broadcasting for shared computers on the network. The majority of
these can be blocked by the ISP to reduce the network clutter, but you still
may see some.
Knowing what is an attack and what isn't
is a bit technical to diagnose. We suggest if you are using a firewall
and think you are being attacked to do research first. Search the
support area of the website for the company who created your firewall or
search
Google for more information.
If you believe you have found a valid attack, please follow the instructions
provided with your firewall on how to properly report it.
~Back
to the top of the page.~
What are some common "attacks" ?
As stated before not all attacks reported
by your firewall are actually attacks. The majority of the time these
are simple benign internet activity that caught the firewall's attention.
More information on what may be happening can be found at this site.
~Back
to the top of the page.~
|
