Pulaski County Insider - Forum
Home Dictionary Thesaurus Weather Links
  Yellow Pages Today's Posts Who's Online  

Go Back   Pulaski County Insider - Forum > Family Central > Do It Yourself

Thread Tools Display Modes
Old 01-13-2007, 03:24 AM
Posts: n/a
Default Firewalls Explained

The threat of an external attack on your computer is now so great that a firewall has become a necessity.
If your computer is attacked there is a chance that private data such as passwords may be stolen or deleted. The potential damage could be immense, especially if you are working from home.

Leaving your system open to outsiders not only allows people to steal all of your important information, but also the chance to infect your computer with viruses, Trojans, worms and all sorts of destructive code.

A firewall isolates your computer from the Internet using a 'wall of code' that inspects each individual 'packet' of data as it arrives at either side of the firewall - inbound to or outbound from your computer - to determine whether it should be allowed to pass or be blocked.

There are, in general, two types of firewall: the filtering firewall and the proxy firewall, both are well respected. The details of these can get quite complicated. Instead we will look into the use of personal firewalls. These are different from a regular firewall in that they only protect a single computer from attack.

Personal firewall protection is especially useful for users with "always-on" connections such as ADSL, cable modem, or wireless connections. Such connections use static IP addresses that make them especially vulnerable to potential hackers. Often compared to anti-virus applications, personal firewalls work in the background to protect the integrity of the system from malicious computer code by controlling Internet connections to and from a user's computer, filtering inbound and outbound traffic, and alerting the user to attempted intrusions.

Several companies have announced plans to develop personal firewall solutions that will go right in the chips used in ADSL and cable modems. It is generally believed that personal firewall protection will become standard issue for new home computers in the not-too-distant future.

You need a personal Internet firewall if you can say 'yes' to any of the following:
Your computer's files need to be accessed remotely across the Internet.
You are operating any sort of Internet server such as Personal Web Server.
You want to properly and safely monitor your Internet connection for intrusion attempts.
You want to pre-emptively protect yourself from compromise by 'inside the wall' Trojan horse programs like NetBus and Back Orifice.

All Internet communication is accomplished by the exchange of individual 'packets' of data. Each packet is transmitted by its source machine toward its destination machine. Packets are the fundamental unit of information flow across the Internet. Even though we refer to 'connections' between computers, these 'connections' are actually comprised of individual packets travelling between those two 'connected' machines. Essentially, they 'agree' that they're connected and each machine sends back 'acknowledgement packets' to let the sending machine know that the data was received.
In order to reach its destination - whether it's another computer two feet away or two continents distant - every Internet packet must contain a destination address and port number. And, so that the receiving computer knows who sent the packet, every packet must also contain the IP address and a port number of the originating machine. In other words, any packet travelling the Net contains - first and foremost - its complete source and destination addresses. An IP address always identifies a single machine on the Internet and the port is associated with a particular service or conversation happening on that machine.

Since firewall software inspects each and every packet of data as it arrives at your computer the firewall has total power over your computer's receipt of anything from the Internet.
The port used by your PC for data transfer is called a TCP/IP port. This port is only 'open' on your computer if your computer answers the first arriving packet, which requests the establishment of a connection. If the arriving packet is simply ignored, that port of your computer will effectively disappear from the Internet. No one and nothing can connect to it!

But the real power of a firewall resides in its ability to be selective about what it lets through. Since every arriving packet must contain the correct IP address of the sender's machine, (in order for the receiver to send back a receipt acknowledgment) the firewall can be selective about which packets are admitted and which are dropped. It can 'filter' the arriving packets based on any combination of the sending machine's IP address and port and the destination IP address and port.

For example, suppose that you wish to create a secure 'tunnel' across the Internet to allow your home and office computers to share their files without any danger of unauthorized intrusion. Firewall technology makes this possible and relatively simple. You would instruct the firewall running on your office computer to permit from the IP address of your home computer. The firewall running on your home machine would similarly be instructed to permit connections from only your office machine's IP address. Thus, either machine can 'see' the other, but no one else on the Internet can see that either machine has established such a secure tunnel across the Net.

I could go on in more depth, as it gets a lot more complicated, but for the time being I shall stick to these basics.

The challenge companies face is to design a simplified firewall for the non- expert end user. I have compiled a small list of software based personal firewall programs available.
Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

All times are GMT -5. The time now is 10:20 AM.

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Copyright 2007 - 2013 - Pulaski County Insider, LLC