In my opinion, and truly take it for what it is worth and please research this. Is a key component, and backbone of defense against an attack. A firewall is not some construction term for preventing the spread of a fire in a building(see the wiki article), it’s not a British DJ(see the wiki article), and it isn’t a movie staring Harrison Ford(see the wiki article).
A Firewall is the term used for either a piece of Software or Hardware that either restricts or prevents communication between to segments of a network or computers, normally this restriction is to prevent Unauthorized Access.
In order to explain a firewall I’m going to need to explain what in IP Address is and what port(s) are. This will help explain the basics of how a firewall works. In order to explain this at length, I will be using an analogy of a building(either office or home building) and it's street address.
A computer for all intents and purposes, when connected to the Internet or a home Network(AKA LAN[Local Area Network]), is like a building on a on a street. I am going to name this street Cyber Street. The building has a street address(IP Address) that allows all traffic from the mail man to friends and family the ability to find this building. Well this is a new building, and it is a residential home. 1001 Cyber Street is the address of this home.
Home 1001 Cyber Street has some pretty friendly neighbors, at least for the sake of this article it does. All the neighbors on this block are great, they share the street and get along for the most part. This is a Local Area Network in terms of scale and comparison. Even so the neighbors really don't need to be looking in every window of this home, so installing currents(firewall) for every window(Port) is a good idea. The doors get get locks(firewall) and a peep hole to see who is at the door(outbound port traffic).
This is a home after all, not a business building where just anyone can come and go as they please(Amazon.com, Microsoft.com, CNet.com, etc). Now there are some people who are allowed to come and go as they please, that friendly neighbor who has helped with thick and thin, family members, close friends, all people from other street address with their own home. There has to be some way to allow them to come and go as they please, so a key is made to give to them, or the security code to the alarm, or other various methods of allowing access to the home(Authorized Access Rules).
Of course most people go through the front door, but some go through the back, and the rebellious teenager might go through the window. These are all ports, and even though they are different ports, technically these people do have permission to come in, get what they need to get done, and get out again, in some cases stay for a little bit. A window might be opened so a mother can yell at their child in the back yard, a door so that movers can move furniture in and/or out, whatever the reason there are some valid reasons to allow access.
Just as there are valid reasons to allow access, there are some very real reasons to deny access. A burglar is the most typical person that house security tries to prevent. There are other types, however I'm not going into detail or listing them here. These individuals are not wanted inside the house, they have restrictive access.
There is no avenue of entry that isn't tried from windows(port), doors(port), garage(port), and other various access points. These burglars will try and disable the security for the house if they can(anti-virus, anti-spyware, firewall, etc). Some will search for a key, others will get to know the habits of the people living in the house, after all the neighbor at 1002 Cyber Street always leaves the door to the garage open for several hours before remembering to close it, giving access to the car, tools, and other valuables inside the garage making it an easy target.
Computers, are a lot like houses with a street address. An IP Address is a computers street number. A LAN is the street the computer is on. And the LAN that is connected to the internet through a modem, is in a city of other LANs(also known as a Wide Area Network or WAN). For the purpose of this article, since there are many different ways this can be setup I will not go into too much detail on what those differences are.
So the computer is connected to the Internet, through what is more typical this day an age, a dual Modem/Router. The purpose of this little device is three fold. First, give several computers connected to it, an IP Address so that all the computers connected to the Router are on the same Network(LAN) and can now use this network to talk to each other. The typical setup is 192.168.0.2 through 192.168.0.254(192.168.0.1 is reserved for the router, 192.168.0.0 & 192.168.0.255 are reserved for special network traffic that is needed to keep a network functioning).
Second, the router does what it's namesake comes from, it "routes" all the computers to the internet. It's a lot like a GPS or Map telling someone how to get from point A to point B. In the computers case however it never needs to leave the home to get to point B.
Third, the router acts as a hub of communication between all the computers on the LAN, so that all the neighbors can access other neighbors computers. My friends and I constantly share music, files, pictures, and other various items. Sometimes we all play games against each other over the network, no internet access required. All that is needed is for the router to act like a hub.
Now that the computer has an IP Address, security is the next big concern. After all keeping out the burglars is a key factor. To do this, a Firewall application is used. A firewall configured properly will only allow certain traffic through the door. Or what is called a port. Every computer has over 5000+ ports. The best example of a port that is used every day, is port 80. This is the HTTP(Hyper Text Transport Protocol) default Port. Like the window that allows talking through it, this port needs to be open. A firewall can restrict access to what can use this port.
After all a Trojan can't tell it's friends what information it has collected from the computer, if the firewall does not allow it to access any ports. However the firewall would allow Internet Explorer, Firefox, Google Chrome, and other web browsers to access port 80 both incoming and outgoing. If the firewall blocks these programs, then surfing the internet would be, in a word, nonexistent.
This is where the true power of a firewall comes in, and why it is essential to know how to use a firewall effectively. Essentially even if a virus is installed on a computer, it can't do much more than destroy the computer, if the firewall has blocked the virus from not being able to communicate with any other computer.
It would not make much sense for a firewall to only block programs on the computer from getting out, but a firewall prevents other computers from getting in. A typical attack is on a home FTP server(file transfer protocol). A little on FTP, FTP(File Transfer/Transport Protocol) allows files to be shared between computers. I use an FTP server so that I can access files from any where in the world, such as word documents, resume, spreadsheets that I need, project files, application files, sometimes music, etc. It really depends on what I need. Any time you download a file from a website, the default protocol being used is FTP. If you block the FTP from being used on a website, say Amazon.com, after purchasing a book from them, then it would not download an the Firewall would say that it restricted access to Amazon.com on port FTP(25).
Confused, probably. Don't worry. reread some of this post. It will make sense. I am trying to stress this. Know how a firewall works, in detail. It will be either the saving grace that protects a computer, or the downfall because it isn't configured properly. Do not skimp on this. It is actually important. Not having a firewall would be like handing the keys to your car, your house, your kids, you name it over to random strangers on the street down town L.A. No joke. Thousands if not hundreds of thousands of computers get attacked every day, and I bet you don't see it, for one reason and one reason only. Because windows has a default firewall built in running behind the scene, trying to protect you.
It still wont' do a lick of good, if you allow a program to access the internet that is not a safe program. Protecting yourself online comes down to, knowing the tools you are using to protect yourself with.
0 comments:
Post a Comment