Monday, June 10, 2013

10:27 AM




You’ve probably heard that firewalls are an important security protection, but do you know why that is? Many people don’t, if references to firewalls in TV shows, movies, and other forms of popular media are any indication.

A firewall sits between a computer (or local network) and another network (such as the Internet), controlling the incoming and outgoing network traffic. Without a firewall, anything goes. With a firewall, the firewall’s rules determine which traffic is allowed through and which isn’t.

Why Firewalls For Computers 



Most people now use routers at home so they can share their Internet connection between multiple devices. However, there was a time when many people plugged their computer’s Ethernet cable directly into their cable or DSL modem, connecting the computer directly to the Internet. A computer connected directly to the Internet has a publicly addressable IP – in other words, anyone on the Internet can reach it. Any network services you have running on your computer – like the services that come with Windows for file and printer sharing, remote desktop, and other features – would be accessible to other computers on the Internet.

The original release of Windows XP didn’t contain a firewall. The combination of having services designed for local networks, no firewall, and computers connected directly to the Internet led to many Windows XP computers becoming infected within minutes of being connected directly to the Internet.

The Windows Firewall was introduced in Windows XP Service Pack 2, and it finally enabled a firewall by default in Windows. Those network services were isolated from the Internet. Rather than accepting all incoming connections, a firewalled system drops all incoming connections unless it’s specifically configured to allow these incoming connections.

This prevents people on the Internet from connecting to local network services on your computer. It also controls access to network services from other computers on your local network. That’s why you’re asked what type of network it is when you connect to one in Windows. If you connect to a Home network, the firewall will allow access to these services. If you connect to a Public network, the firewall will deny access

Even if a network service itself is configured not to allow connections from the Internet, it’s possible that the service itself has a security flaw and a specially crafted request could allow an attacker to run arbitrary code on your computer. A firewall prevents this by getting in the way, preventing incoming connections from even reaching these potentially vulnerable services.

Firewall Functions



Firewalls sit between a network (such as the Internet) and the computer (or local network) the firewall is protecting. A firewall’s main security purpose for home users is blocking unsolicited incoming network traffic, but firewalls can do much more than that. Because a firewall is sitting between these two networks, it can analyze all traffic reaching or leaving the network and decide what to do with it. For example, a firewall could also be configured to block certain types of outgoing traffic or it could log suspicious traffic (or all traffic).

A firewall could have a variety of rules that allow and deny certain types of traffic. For example, it could only allow connections to a server from a specific IP address, dropping all connection requests from elsewhere for security.

Firewalls can be anything from a piece of software running on your laptop (like the firewall included with Windows) to dedicated hardware in a corporate network. Such corporate firewalls could analyze outgoing traffic to ensure no malware was communicating through the network, monitor employee’s network use, and filter traffic  — for example, a firewall could be configured to only allow web browsing traffic through the firewall, blocking access to other types of applications.

0 comments:

Post a Comment