Free Monthly Newsletter...and much more!

5 Star Support - Free Computer Help and Technical Support

 

 .
5 Star Support Home
Free Technical Support
Computer Help Forums
Computer Tutorials
Tips, Tricks & Tweaks
Troubleshooting FAQ
 
Google

 

What is a firewall?

Written by :
Tjolly
5 Star Support Forums Admin
  1. What are they?

    Firewalls are devices or programs that inspect and filter the network traffic coming into or going out of a computer. This traffic may be to other computers on a network or to other computers on the Internet. This network traffic is divided into "packets" of data, each one of which contains both the originating and destination addresses of the data, how many packets of data the original chunk of data has been broken into, and the number of the individual packet.
     
  2. Why do you need one?

    Having a firewall can protect you from viruses that exploit bugs in the operating system or applications (the MSBlaster worm is a good example of one of these). It can protect against a hacker remotely logging in to your PC and gaining control of it. It can simply protect your privacy - many applications these days want to communicate with a remote server, having a firewall will allow you to deny access if you so desire. And, more importantly, a firewall will also alert you to malicious programs known as Trojan Horses (or just Trojans) that can get installed on your PC without your permission or knowledge (or they will sometimes trick you into giving permission to install themselves). These programs can range from the relatively benign app that just reports your browsing habits, to much more
    serious ones that will steal your credit card numbers, or take over your PC to be used as a spam server, to give a couple of examples. Firewalls can also help protect against "Denial of Service" attacks.
     
  3. How do they work?

    All computers either on a local network or on the wider Internet have a unique address known as an IP (Internet Protocol) address. For home computer users this IP address is assigned to you by your ISP. Your computer will then subdivide this address into "ports" which consist of a number between 0 and 65535, these ports are used by different applications to connect to the network or Internet.

    A packet filtering firewall will examine the packets of data, compare them to a list of rules which is based on the source of the data, its destination, and the port it was sent from and is destined for. The limitation of packet filtering is that ports and IP addresses are all that is filtered, the content of the data packets is ignored.

    A more sophisticated firewall is called a stateful inspection firewall. These use the methods of packet filtering firewalls but also examine the contents of the data packets as well.
     
  4. Types of firewall:

    Firewalls come in two basic types; software firewalls and hardware firewalls:

    Software firewalls, as the name suggests, are installed as an application on the computer, and will then monitor the computer's ports and inspect each packet of incoming or outgoing information. The advantage of software firewalls is that they can block both incoming and outgoing traffic - blocking outgoing traffic will prevent malware from "phoning home". They have the disadvantage of having to be installed on each PC, and may need to be updated occasionally.

    Hardware firewalls are physical devices that sit between the computer and the network and monitor the traffic. The advantage is that once it's set up it can be left alone to do it's job, but the disadvantage is that it will only protect against incoming traffic - any malware that gets installed can "phone home" with impunity.

    There is no reason why both software and hardware firewalls can't be used in conjunction with each other - especially as software firewalls will often give much more useful information to the user as to what is accessing the network. Using more than one software firewall at the same time is not a good idea, however.
     
  5. Network Address Translation (NAT):

    Those of you with a network of computers will often connect them together with a switch or router. These devices usually employ what is known as network address translation, where the IP address assigned by the ISP is exposed to the computers on the Internet at large, and the computers of the internal network are given their own IP addresses by the router. This effectively hides them from the world at large, and while not a true firewall, is nonetheless very effective in keeping unwanted intrusions at bay. In conjunction with a software or hardware firewall, it gives a useful added layer of defense. Some routers will have both NAT and a hardware firewall built in.
     
  6. Firewall Alert Method:

    Most software firewalls will have a method of alerting the user to possible hacking or attack events. It's very important to realize that the vast majority of attempts to access your PC's ports are perfectly routine Internet traffic - your ISP wanting to make sure that you're still online for example. It's not unknown for people to become extremely paranoid about this, and to report every email address that's logged to their ISP and anyone else they can think of! Please don't be tempted to follow their example - if you think a hacking attempt is being made, or you're not sure about anything that your firewall is reporting, then ask here in our Spware/Malware Forum.
[Top]
 
     
 

Advertise with us | About | Links | Donate | Comments | Awards
   Site Map | Privacy Policy | Terms of Use | Newsletter Archive
Usage of this site constitutes acceptance of our Terms of Use
Copyright © 2000-2008  5 Star Support All rights reserved.