In a building, a firewall is a reinforced masonry wall that is designed to prevent a fire spreading through the structure, allowing people time to escape. Similarly, in a computer network, a firewall is a barrier that blocks dangerous communications from spreading across a network, either from the outside world into a local network, or from one part of a local network to another.
Firewalls can be supplied as dedicated network devices or they may form part of a network router. A firewall might also be included as part of a computer’s operating system.
The internet existed for a long time before firewalls were invented. The first discussion of the necessary technologies took place in late 1988, prompted by several attacks from organised groups of hackers and by the very first malicious software to spread across the network.
At their simplest, firewalls block network communications by looking at the addressing and protocol information in each packet’s header. As a packet (or datagram) arrives at a firewall interface, its source and destination addresses (usually IP), its transport protocol (usually TCP or UDP) and its port numbers are compared against a list of rules programmed into the firewall’s software. The rules may be supplied by the firewall’s manufacturer, but more often they are created by an administrator or, for a personal firewall, by the user.
So if a packet from a hacker scanning your network or computer arrives at the firewall, the firewall inspects the packet’s addressing and protocol information and compares it against its rule set. If no rule permits traffic from that address to that port (most firewalls are configured to deny anything that is not explicitly allowed), the firewall either discards the packet ‘silently’ (a drop) or answers it with a TCP reset or an ICMP unreachable message that closes the attempted connection (a reject). A silent drop leaves the scanner waiting for a reply that never comes; a reject tells the sender at once that the connection will not be accepted, which is friendlier to legitimate clients but also gives a scanner a faster answer.
Most firewalls also keep track of the state of connections so that they can tell whether a packet is starting a new connection or belongs to an existing one (stateful inspection). A packet belonging to a known, active connection is allowed through, including the replies coming back in the other direction, while a packet trying to start a new connection must be permitted by the rule set. More advanced firewalls can identify the applications responsible for sending and receiving packets, allowing network managers to block applications that use excessive bandwidth, such as media players, or that are widely used for distributing copyright-infringing content, such as BitTorrent clients, as well as protecting against application-level attacks.
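The two mechanisms described above (stateless rule matching on addresses, protocol and ports, and a connection table that lets replies through) can be shown in a few dozen lines. The following is an added example written for this page, not code from the original article or from any real firewall product. The rule syntax, the 5-tuple connection table and the sample traffic (addresses from the documentation ranges 10.0.0.0/8, 192.0.2.0/24, 198.51.100.0/24 and 203.0.113.0/24) are all assumptions constructed for the illustration.

```python
"""Toy stateful packet filter (added example, not from the original page).

A Packet carries the header fields a firewall looks at; a Rule matches on
source/destination network, protocol and destination port; the Firewall
applies first-match-wins rules with a default policy and records accepted
connections so that reply traffic passes without a rule of its own.
"""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Set, Tuple


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str            # "tcp", "udp" or "icmp"
    sport: int = 0
    dport: int = 0
    syn: bool = False     # TCP flags: a SYN without ACK opens a connection
    ack: bool = False


@dataclass
class Rule:
    action: str                   # "accept", "drop" (silent) or "reject" (RST / ICMP unreachable)
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None   # None matches any protocol
    dport: Optional[int] = None   # None matches any destination port

    def matches(self, pkt: Packet) -> bool:
        return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
                and (self.proto is None or self.proto == pkt.proto)
                and (self.dport is None or self.dport == pkt.dport))


Key = Tuple[str, str, int, str, int]   # (proto, src, sport, dst, dport)


class Firewall:
    def __init__(self, rules: List[Rule], default: str = "drop") -> None:
        self.rules = rules
        self.default = default
        self.conntrack: Set[Key] = set()   # connections already accepted

    @staticmethod
    def _key(p: Packet) -> Key:
        return (p.proto, p.src, p.sport, p.dst, p.dport)

    @staticmethod
    def _reverse_key(p: Packet) -> Key:
        return (p.proto, p.dst, p.dport, p.src, p.sport)

    def filter(self, pkt: Packet) -> str:
        # 1. Stateful shortcut: anything on a known connection, in either
        #    direction, passes without consulting the rule list.
        if self._key(pkt) in self.conntrack or self._reverse_key(pkt) in self.conntrack:
            return "accept"
        # 2. A TCP segment that is not a plain SYN and belongs to no known
        #    connection is a stray (for example an ACK-scan probe): drop it.
        if pkt.proto == "tcp" and not (pkt.syn and not pkt.ack):
            return "drop"
        # 3. Stateless matching: first rule that matches decides, else the
        #    default policy.  Rule order therefore matters.
        verdict = self.default
        for rule in self.rules:
            if rule.matches(pkt):
                verdict = rule.action
                break
        if verdict == "accept":
            self.conntrack.add(self._key(pkt))
        return verdict


def demo() -> dict:
    """Run constructed sample traffic through a small rule set."""
    fw = Firewall([
        Rule("reject", src="203.0.113.0/24"),      # abusive range: answer, then forget
        Rule("accept", src="10.0.0.0/8"),          # anything our LAN hosts initiate
        Rule("accept", proto="tcp", dport=443),    # inbound HTTPS to the web server
    ], default="drop")                             # everything else silently dropped
    server, scanner, resolver = "192.0.2.10", "198.51.100.7", "192.0.2.53"
    r = {}
    # Port scan from outside: SSH is not opened to the internet, so the SYN is dropped.
    r["scan_ssh"] = fw.filter(Packet(scanner, server, "tcp", 40000, 22, syn=True))
    # HTTPS is allowed; the server's SYN-ACK comes back through the connection table.
    r["https_syn"] = fw.filter(Packet(scanner, server, "tcp", 40001, 443, syn=True))
    r["https_reply"] = fw.filter(Packet(server, scanner, "tcp", 443, 40001, syn=True, ack=True))
    # ACK-scan probe with no connection behind it.
    r["ack_probe"] = fw.filter(Packet(scanner, server, "tcp", 40002, 80, ack=True))
    # The reject rule sits first, so it wins even though port 443 is otherwise open.
    r["reject"] = fw.filter(Packet("203.0.113.5", server, "tcp", 5000, 443, syn=True))
    # Outbound DNS from a LAN host; only the matching reply is let back in.
    r["dns_query"] = fw.filter(Packet("10.1.2.3", resolver, "udp", 40003, 53))
    r["dns_reply"] = fw.filter(Packet(resolver, "10.1.2.3", "udp", 53, 40003))
    r["dns_unsolicited"] = fw.filter(Packet(resolver, "10.1.2.3", "udp", 53, 40004))
    return r


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:16} {verdict}")
```

Two points the toy makes that the prose only states: rule order decides the outcome when several rules match (move the reject rule below the HTTPS rule and the abusive range gets its connection), and the unsolicited DNS reply is dropped even though an almost identical packet was accepted a moment earlier, because only the exact 5-tuple of the outbound query is in the connection table. A real firewall also expires table entries and checks sequence numbers, which this example omits.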
Personal firewalls
Most operating systems include a firewall as part of the operating system itself.
Because this firewall protects only the computer it is installed on (and any devices that computer shares its connection with), it is called a personal firewall, or host-based firewall. It is not intended to replace a network firewall, which stops attacks from outside the network (such as from the internet) before they reach any individual computer.
Personal firewalls are especially useful for people with portable computers, which will inevitably be connected to a wide range of networks. We may hope, and to some extent trust, that the people responsible for those networks keep them safe, but we cannot be sure that a given network is not compromised. The personal firewall on our own computer therefore adds a layer of protection between our personal data and a potentially untrustworthy (but useful) network.
Personal firewalls are the responsibility of the individual computer user. Anyone with full access to a computer’s settings can turn the personal firewall off and leave the computer vulnerable, so it is worth checking from time to time that it is still enabled.
Other firewalls
Other firewalls are available, either to download or as software packages bought from retailers.
You may prefer to use one of these programs, but if you do, please remember:
- you should only keep one firewall running at a time since multiple firewalls will not offer significantly better protection and can interfere with one another
- you must keep one firewall running at all times.