An Introduction to Firewalls
Results 1 to 4 of 4

Thread: An Introduction to Firewalls

  1. #1
    Join Date
    Dec 2000
    Dallas, TX USA


    1. What are they?

      Firewalls are devices or programs that inspect and filter the network traffic coming into or going out of a computer. This traffic may be to other computers on a network or to other computers on the Internet. This network traffic is divided into "packets" of data, each one of which contains both the originating and destination addresses of the data, how many packets of data the original chunk of data has been broken into, and the number of the individual packet.
    2. Why do you need one?

      Having a firewall can protect you from viruses that exploit bugs in the operating system or applications (the MSBlaster worm is a good example of one of these). It can protect against a hacker remotely logging in to your PC and gaining control of it. It can simply protect your privacy - many applications these days want to communicate with a remote server, having a firewall will allow you to deny access if you so desire. And, more importantly, a firewall will also alert you to malicious programs known as Trojan Horses (or just Trojans) that can get installed on your PC without your permission or knowledge (or they will sometimes trick you into giving permission to install themselves). These programs can range from the relatively benign application that just reports your browsing habits, to much more serious ones that will steal your credit card numbers, or take over your PC to be used as a spam server, to give a couple of examples. Firewalls can also help protect against "Denial of Service" attacks.
    3. How do they work?

      All computers either on a local network or on the wider Internet have a unique address known as an IP (Internet Protocol) address. For home computer users this IP address is assigned to you by your ISP. Your computer will then subdivide this address into "ports" which consist of a number between 0 and 65535, these ports are used by different applications to connect to the network or Internet.

      A packet filtering firewall will examine the packets of data, compare them to a list of rules which is based on the source of the data, its destination, and the port it was sent from and is destined for. The limitation of packet filtering is that ports and IP addresses are all that is filtered, the content of the data packets is ignored.

      A more sophisticated firewall is called a stateful inspection firewall. These use the methods of packet filtering firewalls but also examine the contents of the data packets as well.
    4. Types of firewall:

      Firewalls come in two basic types; software firewalls and hardware firewalls:

      Software firewalls, as the name suggests, are installed as an application on the computer, and will then monitor the computer's ports and inspect each packet of incoming or outgoing information. The advantage of software firewalls is that they can block both incoming and outgoing traffic - blocking outgoing traffic will prevent malware from "phoning home". They have the disadvantage of having to be installed on each PC, and may need to be updated occasionally.

      Hardware firewalls are physical devices that sit between the computer and the network and monitor the traffic. The advantage is that once it's set up it can be left alone to do it's job, but the disadvantage is that it will only protect against incoming traffic - any malware that gets installed can "phone home" with impunity.

      There is no reason why both software and hardware firewalls can't be used in conjunction with each other - especially as software firewalls will often give much more useful information to the user as to what is accessing the network. Using more than one software firewall at the same time is not a good idea, however.
    5. Network Address Translation (NAT):

      Those of you with a network of computers will often connect them together with a switch or router. These devices usually employ what is known as network address translation, where the IP address assigned by the ISP is exposed to the computers on the Internet at large, and the computers of the internal network are given their own IP addresses by the router. This effectively hides them from the world at large, and while not a true firewall, is nonetheless very effective in keeping unwanted intrusions at bay. In conjunction with a software or hardware firewall, it gives a useful added layer of defense. Some routers will have both NAT and a hardware firewall built in.
    6. A final important note:

      Most software firewalls will have a method of alerting the user to possible hacking or attack events. It's very important to realize that the vast majority of attempts to access your PC's ports are perfectly routine Internet traffic - your ISP wanting to make sure that you're still online for example. It's not unknown for people to become extremely paranoid about this, and to report every email address that's logged to their ISP and anyone else they can think of! Please don't be tempted to follow their example - if you think a hacking attempt is being made, or you're not sure about anything that your firewall is reporting, then ask right here in our "Security and Privacy" Forum. We'll be glad to answer any questions that you have.
    Prepared by TJolly, Usil, P3-450 and Supersparks

  2. #2
    Join Date
    Jan 2000
    Brooklyn, New York, USA
    Here is a list of some free Firewalls that are available according to I make no reccomendation as to which is the best.

    Sygate Personal Firewall
    AlertWall Personal Firewall
    Enigma Firewall 1.1
    Omniquad Personal Firewall
    Jetico Personal Firewall
    WyvernWorks Firewall 2004

    Not included on the list, is the free firewall that comes with Windows XP.

    Just to add one more note:
    A good firewall is one that will prevent and alert you to both incoming and outgoing traffic. Currently the Firewall that comes with XP does not yet do that.

    "To err is human, but to really foul things up you need a computer."

    Home Build Intel Core Duo 2.0 GHz, 2 Gig RAM, Dual Boot XP Pro and Ubuntu 8.04LS

  3. #3
    Join Date
    Aug 2001
    Strasburg, VA


    Two more freebies: Agnitum Outpost and Kerio for home use.

    Used Outpost for two years, first as a freebie, then a Pro version. Found little difference between the two. No penetration of any kind in that time.

    A couple of useful sites:

  4. #4
    Join Date
    Feb 2000
    26.03N 80.14W
    Vernon Frazee, Microsoft MVP (Windows - Shell/User)

    Defenses Up!
    Tip: When prompted for a password, give an incorrect one first. A phishing site will accept it; a legitimate one won't.

    Inside Spyware: A Guide to Finding, Removing and Preventing Online Pests

    If you don't keep up with security fixes, your computer|network won't be yours for long.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts