FIREWALLS

INTRODUCTION TO FIREWALLS

A firewall is a hardware or software system that prevents unauthorized access to or from a network. They can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet. All data entering or leaving the Intranet pass through the firewall, which examines each packet and blocks those that do not meet the specified security criteria.

Generally, firewalls are configured to protect against unauthenticated interactive logins from the outside world. This helps prevent hackers from logging into machines on your network. More sophisticated firewalls block traffic from the outside to the inside, but permit users on the inside to communicate a little more freely with the outside.

Firewalls are essential since they can provide a single block point where security and auditing can be imposed. Firewalls provide an important logging and auditing function; often they provide summaries to the administrator about what type/volume of traffic has been processed through it. This is an important point since providing this block point can serve the same purpose (on your network) as an armed guard can (for physical premises).

Firewall Features:

When choosing your firewall it is important to pay attention to what features they offer you as these features can make a large difference in how your computer is protected. For some people certain features are more important than others, but in terms of security the most important are inbound and outbound filtering, application protection, notifications, and stealth mode

Inbound and Outbound Filtering:

Filtering is when a firewall examines information passing through it and determines if that information is allowed to be transmitted and received or should be discarded based on rules or filters that have been created.

This is the primary function of a firewall and how it handles these tasks is very important for your security.

Most people feel inbound filtering, which is the processing of inbound data towards your computer, is the most important function of a firewall.

Outbound filtering, though, plays just as an important role for securing your computer. You may have had malware installed on your computer without your knowledge, and suddenly when you install a firewall with outbound filtering, you will find that software on your computer is attempting to transmit data to a remote host somewhere on the Internet.

Now, not only do you know that this software is installed, but the outbound filtering stopped it from passing on private information.

Stealth Mode:

It is important for your firewall to not only block requests to reach your computer, but to also make it appear as if your computer does not even exist on the Internet. When you are connected to the Internet and your computer can not be detected via probes to your computer, you are in what is called Stealth mode. Hackers have the ability to detect if you are on the Internet by probing your machine with special data and examining the results. When you are in Stealth mode the firewall does not send this information back making it seem like you are not even connected. Due to this hackers will not continue targeting your computer as they will think you are not online.

Privacy protection:

Many firewalls now have the ability to block spyware, hijackers, and adware from reaching your computer. This allows you to protect your computer from being infected with software that is known to reveal private information about what you do on the Internet or other computing habits. These features are usually bundled into the commercial versions of the firewall software packages.

Application Integrity:

Application Integrity is when the firewall monitors the files on your computer for modification in the file or how they are launched. When it detects such a change it will notify the user of this and not allow that application to run or transmit data to the Internet. Many times these modifications may have been part of an upgrade, but if it was modified by a malicious program you will now be made aware of it.

Intrusion detection:

Intruders use various methods to penetrate the security of your computer. Intrusion detection scans incoming data for signatures of known methods and notifies you when such attacks are recognized. This allows you to see what means a hacker is trying to use to hack your computer.

Notifications:

Notifications allow you to see the activity of what is happening on your firewall and for the firewall to notify you in various ways about possible penetration attempts on your computer.