In my opinion, and truly take it for what it is worth and please research this.  Is a key component, and backbone of defense against an attack.  A firewall is not some construction term for preventing the spread of a fire in a building(see the wiki article), it’s not a British DJ(see the wiki article), and it isn’t a movie staring Harrison Ford(see the wiki article). 

A Firewall is the term used for either a piece of Software or Hardware that either restricts or prevents communication between to segments of a network or computers, normally this restriction is to prevent Unauthorized Access.

In order to explain a firewall I’m going to need to explain what in IP Address is and what port(s) are.  This will help explain the basics of how a firewall works.  In order to explain this at length, I will be using an analogy of a building(either office or home building) and it's street address.

A computer for all intents and purposes, when connected to the Internet or a home Network(AKA LAN[Local Area Network]), is like a building on a on a street.  I am going to name this street Cyber Street.  The building has a street address(IP Address) that allows all traffic from the mail man to friends and family the ability to find this building.  Well this is a new building, and it is a residential home.  1001 Cyber Street is the address of this home.

Home 1001 Cyber Street has some pretty friendly neighbors, at least for the sake of this article it does.  All the neighbors on this block are great, they share the street and get along for the most part.  This is a Local Area Network in terms of scale and comparison.  Even so the neighbors really don't need to be looking in every window of this home, so installing currents(firewall) for every window(Port) is a good idea.  The doors get get locks(firewall) and a peep hole to see who is at the door(outbound port traffic).

 

This is a home after all, not a business building where just anyone can come and go as they please(Amazon.com, Microsoft.com, CNet.com, etc).  Now there are some people who are allowed to come and go as they please, that friendly neighbor who has helped with thick and thin, family members, close friends, all people from other street address with their own home.  There has to be some way to allow them to come and go as they please, so a key is made to give to them, or the security code to the alarm, or other various methods of allowing access to the home(Authorized Access Rules).

Of course most people go through the front door, but some go through the back, and the rebellious teenager might go through the window.  These are all ports, and even though they are different ports, technically these people do have permission to come in, get what they need to get done, and get out again, in some cases stay for a little bit.  A window might be opened so a mother can yell at their child in the back yard, a door so that movers can move furniture in and/or out, whatever the reason there are some valid reasons to allow access.

Just as there are valid reasons to allow access, there are some very real reasons to deny access.  A burglar is the most typical person that house security tries to prevent.  There are other types, however I'm not going into detail or listing them here.  These individuals are not wanted inside the house, they have restrictive access.

There is no avenue of entry that isn't tried from windows(port), doors(port), garage(port), and other various access points.  These burglars will try and disable the security for the house if they can(anti-virus, anti-spyware, firewall, etc).   Some will search for a key, others will get to know the habits of the people living in the house, after all the neighbor at 1002 Cyber Street always leaves the door to the garage open for several hours before remembering to close it, giving access to the car, tools, and other valuables inside the garage making it an easy target.

Computers, are a lot like houses with a street address.  An IP Address is a computers street number.  A LAN is the street the computer is on.  And the LAN that is connected to the internet through a modem, is in a city of other LANs(also known as a Wide Area Network or WAN).  For the purpose of this article, since there are many different ways this can be setup I will not go into too much detail on what those differences are.

So the computer is connected to the Internet, through what is more typical this day an age, a dual Modem/Router.  The purpose of this little device is three fold.  First, give several computers connected to it, an IP Address so that all the computers connected to the Router are on the same Network(LAN) and can now use this network to talk to each other.  The typical setup is 192.168.0.2 through 192.168.0.254(192.168.0.1 is reserved for the router, 192.168.0.0 & 192.168.0.255 are reserved for special network traffic that is needed to keep a network functioning).

Second, the router does what it's namesake comes from, it "routes" all the computers to the internet.  It's a lot like a GPS or Map telling someone how to get from point A to point B.  In the computers case however it never needs to leave the home to get to point B. 

Third, the router acts as a hub of communication between all the computers on the LAN, so that all the neighbors can access other neighbors computers.  My friends and I constantly share music, files, pictures, and other various items.  Sometimes we all play games against each other over the network, no internet access required.  All that is needed is for the router to act like a hub.

Now that the computer has an IP Address, security is the next big concern.  After all keeping out the burglars is a key factor.  To do this, a Firewall application is used.  A firewall configured properly will only allow certain traffic through the door.  Or what is called a port.  Every computer has over 5000+ ports.  The best example of a port that is used every day, is port 80.  This is the HTTP(Hyper Text Transport Protocol) default Port.  Like the window that allows talking through it, this port needs to be open. A firewall can restrict access to what can use this port.

After all a Trojan can't tell it's friends what information it has collected from the computer, if the firewall does not allow it to access any ports.  However the firewall would allow Internet Explorer, Firefox, Google Chrome, and other web browsers to access port 80 both incoming and outgoing.  If the firewall blocks these programs, then surfing the internet would be, in a word, nonexistent.

This is where the true power of a firewall comes in, and why it is essential to know how to use a firewall effectively.  Essentially even if a virus is installed on a computer, it can't do much more than destroy the computer, if the firewall has blocked the virus from not being able to communicate with any other computer.

It would not make much sense for a firewall to only block programs on the computer from getting out, but a firewall prevents other computers from getting in.  A typical attack is on a home FTP server(file transfer protocol).  A little on FTP, FTP(File Transfer/Transport Protocol) allows files to be shared between computers.  I use an FTP server so that I can access files from any where in the world, such as word documents, resume, spreadsheets that I need, project files, application files, sometimes music, etc.  It really depends on what I need.  Any time you download a file from a website, the default protocol being used is FTP.  If you block the FTP from being used on a website, say Amazon.com, after purchasing a book from them, then it would not download an the Firewall would say that it restricted access to Amazon.com on port FTP(25).

Confused, probably.  Don't worry. reread some of this post.  It will make sense.  I am trying to stress this.  Know how a firewall works, in detail.  It will be either the saving grace that protects a computer, or the downfall because it isn't configured properly.  Do not skimp on this.  It is actually important.  Not having a firewall would be like handing the keys to your car, your house, your kids, you name it over to random strangers on the street down town L.A.  No joke.  Thousands if not hundreds of thousands of computers get attacked every day, and I bet you don't see it, for one reason and one reason only.  Because windows has a default firewall built in running behind the scene, trying to protect you.

It still wont' do a lick of good, if you allow a program to access the internet that is not a safe program.  Protecting yourself online comes down to, knowing the tools you are using to protect yourself with.

Here are some security tid bits of wisdom that I have picked up over the years that I believe and feel every single computer user should learn.  Not because every computer user needs to be good at computers, but because in a day and age where computer use on the internet is prolific there is a need to the assets and identity that every computer has the potential of sharing with a random stranger who does not have the best of intentions.

These individuals are called Crackers (The News Media Outlets also calls these individuals “Hackers”)!

Crackers are by far and large, yes a bit paranoid sounding here, Out To Get You!  These individuals want social security numbers, bank account numbers, your mothers maiden name, your family history, your phone numbers, your identity as a person.  With this identity lots, and lots, and lots of money is to be made by fleecing you, or to fleece others pretending to be you.

Sounds scary, and it should not be.  There are some really basic tips to always follow.

Anti-Virus: Your THIRD LINE of defense, no not your first.  Anti-virus software is not the first line of defense and it should never, ever, ever, ever be treated as the first line of defense.  EVER!!!  I say that with a lot of emphasis for several reasons.

1. Anti-Virus is Reactive, it only protects against what has already been made.  It does not protect against what has NOT been made.
2. Clever virus makers have figured out how to disable anti-virus programs.  There is more than one computer virus I have personally tested against Anti-Virus software, and the Anti-Virus software did NOT stop the virus.
3. Hundreds, if not more, new viruses are re-engineered and redistributed specifically with the task of getting past a computers defenses.

I hope the common theme here is seen.  Anti-virus is good, but not good enough to be the end all be all security for a computer.  Keep the anti-virus up to date.  Make sure the latest virus definitions have been downloaded.  Make this a top priority item in maintaining security on a computer, because an enterprising bad guy is praying that you are not following this step.

There are many free Anti-Virus, and many not so free anti-virus programs.  My recommendation is to go with a reliable program that works for you.  Most companies do a great job of keeping the bad guys at bay for all intents and purposes.

Anti-Spyware falls into the same category as Anti-Virus.  It is not an end all catch all be all of internet security and protection.  Be careful as some anti-spyware will bog a computer down, making it slower to run and use.  Go with award winning reviewed software in all these cases.  PC-Magazine, CNet News, and other reliable companies will constantly have a list of top notch software that works well, is easy to use, and is easy on the computers resource systems.

Once Anti-Virus/Malware/Spyware programs have been chosen.  Read The Manual on how to use this software.  Know the basics, know how it works, know how to use it.  No software on the face of this planet is going to help, if it is not being used the way it was intended.

In my next post I am going to discuss firewalls, what a firewall is, how to use a firewall effectively, and why even using the free firewall that comes with windows is better than using no firewall at all.

Many people seem to struggle with creating a strong password.  Trying to explain a good way to create a strong password that is hard to crack for a lack of a better word, for most people, seems impossible.  Password strength is important to keep your information “Un-hackable”.  From bank account information, to private and confidential documents, or just because your paranoid like myself.  Well I cam across a system recently talking to someone that allows creating an extremely strong password, that much easier.

The first step is to create a grid.

	A	B	C	D
E	1	2	3	4
F	5	6	7	8
G	9	0	a	b
H	c	d	e	f

For the ease of explanation I have made a 4 by 4 grid.  Lets create the first password using this grid system.  From the grid I am going to make a word, mostly for fun.  FADE is going to be my “code” so that I can find out my password.

	A	B	C	D
E	1	2	3	4
F	5	6	7	8
G	9	0	a	b
H	c	d	e	f

FA on the table equals 5

	A	B	C	D
E	1	2	3	4
F	5	6	7	8
G	9	0	a	b
H	c	d	e	f

DE on the table equals 4.

So now we know our password is 54.  This allows us to have a “secret code” that we only have to ever remember.  And this simple table can be written any where.  Unless someone knows the “secret code” there is no way for them to use this table to decipher what your password actually is.  Not without spending a LOT of time trying to figure it out.  Lets change our password now.  Make it a lot more complex.

	A	B	C	D
E	1gw	2hx	3iy	4jz
F	5kA	6lB	7mC	8nD
G	9oE	0pF	aqG	brH
H	csI	dtJ	euK	fvL

All Right so now lets use the same secret code as FADE!

	A	B	C	D
E	1gw	2hx	3iy	4jz
F	5kA	6lB	7mC	8nD
G	9oE	0pF	aqG	brH
H	csI	dtJ	euK	fvL

So FA is equal to 5kA.

	A	B	C	D
E	1gw	2hx	3iy	4jz
F	5kA	6lB	7mC	8nD
G	9oE	0pF	aqG	brH
H	csI	dtJ	euK	fvL

And DE is equal to 4jz, making our full password 5kA4jz.  Who on earth is going to figure that password?  Not many people.  Of course this password system can be as complex or as simple as you want to make it.  Adding more rows and colums will make it more difficult.  Adding more letters, numbers, or even symbols will increase the difficulty of the password by that much more.

A good rule of thumb is to have a password that is 8 characters long, uppercase letters, lowercase letters, numbers, and sometimes symbols.  Lets apply this recommendation to this password system.

	A	B	C	D	I	J
E	msA	asM	rnB	yoW	hwA	aaS
F	dnS	adU	leR	ivE	teT	trO
G	lyG	ewO	lH1	aE2	mR3	bE4
H	iT5	tH6	sA7	fT8	lM9	eE0
K	erA	crB	eyC	wwD	ahE	seF
L	wnG	htH	itI	thJ	eeK	alL

Okay so now we have A, B, C, D, I, J for our top row, and E, F, G, H, K, L for our left row. 

I filled the grid with Mary had a little lamb its fleece was white as snow and every where that mary went the lamb was sure to go 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 A, B, C, D, E, F, G, H, I, J, K, and L. 

Because I didn’t have a upper case letter in some of my grid squares I went through and capitalized the grid squares that did not have a capitalized letter yet.  grid AE: msa became msA, grid BE: asm became asM, and so forth until every grid square had an upper case letter.

I’m going to pick a secret code at random. AL CG JH.  Honestly the code doesn’t need to be longer than that. AL equals wnG, CG equals lH1, and JH equals eE0.  This makes our password wnGlH1eE0.  Now the password is 9 characters long, random upper case, and lower case, with numbers.  All we have to do is remember the 6 digit secret code.  Lets make this even more simple.

	A	B	C	D	I	J
E	msAM	asMN	rnBO	yoWP	hwAQ	aaSR
F	dnSS	adUT	leRU	ivEV	teTW	trOX
G	lyGY	ewOZ	lH10	aE29	mR38	bE47
H	iT56	tHh5	sA74	fT83	lM92	eE01
K	erAa	crBb	eyCc	wwDd	ahEe	seFf
L	wnGg	htHh	itIi	thJj	eeKk	alLl

I am going to go ahead and finnish back where I started with A, B, C, D, and etc.  We added M, N, O, P, Q, R, S, T, U, V, W, X, Y, Z, 0, 9, 8, 7, 6, 5, 4, 3, 2, 1, a, b, c, d, e, f, g, h, i, j, k , and l to the grid squares.  Our new secret code is going to be IE and BL.
IE = hwAQ
BL = htHh
Password = hwAQhtHh

This password system can be as complex or as simple as it is made to be.  You can use any combination of letters, numbers, symbols, and the secret code can be as simple or complex as it is made.  A 4 digit “pin” number is a lot easier to remember than a complex 8 to 14 digit random character password.