What Exactly Is A Firewall?

A firewall is a type of gateway that limits or controls access between computer networks, in accordance with a user-defined security policy.

Fortunately, most internet users are now aware of the risks posed by viruses and install a good antivirus product in order to keep themselves safe on that front. Anti-spyware products are also being used by more and more people who are aware of some of the negative sides of the World Wide Web.

However, if you don’t have a firewall, then there are still some dangers.

Without one, you may still be leaving yourself wide open to a variety of different attacks, probes, and even break-ins. As the name suggests, a firewall acts like a physical ‘wall’ between your computer and a large proportion of undesirable activity on the internet. Whilst there are still risks with dial-up connections, the advent of broadband has made the need for firewalls more pressing, as such connections are ‘always on’, providing a constant link between your computer and the outside world.

TRAFFIC CONTROL

There are 3 main methods employed by firewalls to control traffic flowing in and out of the network.

A firewall may use one or more of these methods at any one time –

Packet filtering

Packets (small pieces of data) are analysed and filtered.

Packets that make it through filtering are delivered to the requesting system whilst the others are dropped, or discarded.

Proxy service

Information obtained from the Internet is first retrieved by the firewall, then sent to the requesting system, and vice versa.

Stateful inspection

A method that compares certain elements of a packet against a database of trusted information.

Information traveling from within the firewall to the outside world is monitored for specific defining characteristics.

Inbound information is then compared to those same characteristics.

If there is a reasonable match then the information is allowed through.

If not, it is discarded.
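The stateful inspection steps above, as an added example that is not part of the original article: a simplified Python model in which the "database of trusted information" is a table of outbound flows and an inbound packet is allowed only if it mirrors one of them. The class and function names, the 60-second idle timeout and the sample addresses are assumptions made for illustration, and the model ignores details such as TCP flags that real firewalls also track.

```python
import ipaddress
from typing import NamedTuple

class Packet(NamedTuple):
    proto: str
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class StatefulFilter:
    """Tracks outbound flows and admits only inbound packets that mirror one."""

    def __init__(self, inside_net: str, idle_timeout: float = 60.0):
        self.inside = ipaddress.ip_network(inside_net)  # protected network
        self.idle_timeout = idle_timeout                # seconds a flow stays trusted
        self.flows = {}                                 # flow key -> last-seen time

    def _is_inside(self, ip: str) -> bool:
        return ipaddress.ip_address(ip) in self.inside

    def check(self, pkt: Packet, now: float) -> str:
        if self._is_inside(pkt.src_ip) and not self._is_inside(pkt.dst_ip):
            # Outbound: record the defining characteristics of the flow.
            self.flows[pkt] = now
            return "allow"
        # Inbound: swap source and destination and look for a recorded flow.
        key = Packet(pkt.proto, pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        seen = self.flows.get(key)
        if seen is not None and now - seen <= self.idle_timeout:
            self.flows[key] = now   # refresh the idle timer
            return "allow"
        self.flows.pop(key, None)   # expired or never existed
        return "drop"

def demo():
    # Constructed sample traffic: 192.168.1.0/24 is inside, 203.0.113.x is outside.
    fw = StatefulFilter("192.168.1.0/24")
    traffic = [
        (0, Packet("tcp", "192.168.1.20", 51000, "203.0.113.10", 443)),   # request out
        (1, Packet("tcp", "203.0.113.10", 443, "192.168.1.20", 51000)),   # its reply
        (2, Packet("tcp", "203.0.113.99", 443, "192.168.1.20", 51000)),   # unsolicited
        (90, Packet("tcp", "203.0.113.10", 443, "192.168.1.20", 51000)),  # after timeout
    ]
    return [fw.check(pkt, now) for now, pkt in traffic]

if __name__ == "__main__":
    print(demo())
```
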

HOW DOES A FIREWALL FILTER INTERNET TRAFFIC?

Filters can be defined as rules or conditions, set by the owner of the firewall, which control the traffic that is allowed in and out of their network.

Some or all of the filters can be used in any way the owner desires.

Some of the more commonly used filters are –

IP addresses

Every machine on the Internet is assigned a unique address called an IP address.

IP addresses are 32-bit numbers, such as 193.251.68.139.

If a particular IP address is accessing too many files from a server, then the firewall can block all traffic to or from said IP address.

Domain names

As remembering strings of numbers is difficult for humans, all servers on the internet are assigned more recognisable descriptions, known as domain names.

Therefore it may be easier to block somesite.com, rather than 193.251.68.139.

Protocols

A protocol is the way in which someone, or something, communicates or ‘talks’ to a service.

Typically the thing doing the talking will be a web browser.

The protocol could be, for example, the ‘http’ part of a website’s address.

COMMON PROTOCOLS

Here are some of the common protocols associated with firewalls –

IP (Internet Protocol)

The primary delivery system for information over the Internet.

HTTP (Hyper Text Transfer Protocol)

Used for transferring data on Web pages.

SMTP (Simple Mail Transfer Protocol)

Used to send email.

TCP (Transmission Control Protocol)

Used in breaking down information into packets over the internet and rebuilding them at their destination.

FTP (File Transfer Protocol)

Used in downloading and uploading data.

UDP (User Datagram Protocol)

Used when no response is required, e.g. for streaming audio and video.

Telnet

Used to perform commands on a remote computer.

SNMP (Simple Network Management Protocol)

Used to collect system information from a remote computer.

A firewall can allow or deny these protocols in many different ways.

PORTS

A computer makes its services available to the Internet through the use of numbered ports.

One port is assigned to each service that is available on the server.

If the FTP server is available on port 21 then an administrator in a large organisation of networked machines may use the firewall to block it on certain machines so that only authorised personnel can upload and download.
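The IP address, protocol and port filters described above, as an added example that is not part of the original article: a small first-match rule list in Python with a default of "drop". The blocked address and the FTP port come from the text; the rule format, the function names and the "authorised" subnet 192.168.10.0/24 are assumptions made for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    action: str                   # "allow" or "drop"
    src: str = "0.0.0.0/0"        # source network in CIDR form
    proto: Optional[str] = None   # None matches any protocol
    dport: Optional[int] = None   # None matches any destination port

def matches(rule: Rule, src_ip: str, proto: str, dport: int) -> bool:
    if ipaddress.ip_address(src_ip) not in ipaddress.ip_network(rule.src):
        return False
    if rule.proto is not None and rule.proto != proto:
        return False
    if rule.dport is not None and rule.dport != dport:
        return False
    return True

def evaluate(rules, src_ip: str, proto: str, dport: int, default: str = "drop") -> str:
    # The first matching rule decides, so the order of the list is part of the policy.
    for rule in rules:
        if matches(rule, src_ip, proto, dport):
            return rule.action
    return default  # nothing matched: fall back to the default action

POLICY = [
    Rule("drop", src="193.251.68.139/32"),                         # block one address entirely
    Rule("allow", src="192.168.10.0/24", proto="tcp", dport=21),   # FTP for the authorised subnet
    Rule("drop", proto="tcp", dport=21),                           # FTP blocked for everyone else
    Rule("allow", proto="tcp", dport=80),                          # HTTP
    Rule("allow", proto="tcp", dport=25),                          # SMTP
]

def demo():
    # Constructed sample connections: (source IP, protocol, destination port).
    samples = [
        ("193.251.68.139", "tcp", 80),   # blocked address, even for HTTP
        ("192.168.10.5", "tcp", 21),     # authorised FTP user
        ("192.168.20.5", "tcp", 21),     # FTP from an unauthorised machine
        ("198.51.100.7", "tcp", 80),     # ordinary web request
        ("198.51.100.7", "udp", 161),    # SNMP: no rule, so default drop
    ]
    return [evaluate(POLICY, *s) for s in samples]

if __name__ == "__main__":
    print(demo())
```

Swapping the two FTP rules would drop the authorised subnet as well, because the broader "drop" rule would match first.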

KEYWORDS AND PHRASES

A firewall can be told to block certain words or phrases, for example, the word ‘sex’.

Any incoming or outgoing packets found to contain an exact match for that word would then be blocked.

HARDWARE FIREWALLS

Hardware firewalls can normally be found inside DSL or cable routers.

Hardware firewalls are typically superior to software ones, though used in conjunction, they can offer a higher level of security.

SUMMARY

As you are hopefully now aware, adware, malware and viruses are not the only threats on the internet.

There are also hackers to be aware of, as well as inappropriate information you may wish to block from your system or network.

A software firewall offers some protection from both.

A hardware firewall is a better option, but using both together would be the ultimate in internet self-defence.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.
