What is a firewall?
A simplified explanation
Published: 11-May-2001
A firewall protects your network from unwanted Internet traffic. The
primary function of a firewall is to let good traffic pass through while
‘bad’ traffic gets blocked. The most important part of a firewall is its
access control features, which distinguish between good and bad traffic.
When installed, a firewall sits between your computer(s) and the
Internet. The firewall lets you request web pages, download files, chat,
etc. while making sure other people on the Internet cannot access services
on your computer like file or print sharing. Some firewalls are pieces of
software that run on your computer. Other firewalls are built into
hardware and protect your whole network from attacks.
Everyone connected to the Internet should be running some sort of
firewall. Programs can be downloaded on the Internet that can scan huge
ranges of IP addresses for vulnerabilities like file sharing services.
These programs are easy to download and run. Almost no network knowledge
is needed to use these programs to exploit or harm your computer. Any kind
of firewall will keep you safe from these types of attacks.
Software Firewall
Software firewalls are programs that run on your computer and nestle
themselves between your network card software drivers and your operating
system. They intercept attacks before your operating system can even
acknowledge them. Many free firewalls of this type exist on the Internet.
Here are some free firewalls
Simple NAT firewall
The firewalls that are built into broadband routers and software like
Microsoft ICS are very simple firewalls. They protect your LAN by not
letting anyone figure out how to ‘directly’ talk to any of the computers
on your LAN. This level of protection will keep out almost all kinds of
hackers. Advanced hackers may be able to take advantage of certain
inadequacies of NAT-based firewalls, but they are few and far between.
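A toy model of the NAT behaviour described above, added here as an illustration and not taken from any real router: replies to connections that a LAN computer started are forwarded, and everything else is dropped. The class and function names, all addresses and ports, and the rule that a reply must come from the same remote address and port are assumptions of this example; real routers differ in how strictly they match.

```python
# Added illustration: a toy NAT table, not code from any real router.
from dataclasses import dataclass, field

PUBLIC_IP = "203.0.113.7"  # constructed address of the router's Internet side


@dataclass
class NatRouter:
    next_port: int = 40000
    # public port -> (lan_ip, lan_port, remote_ip, remote_port)
    table: dict = field(default_factory=dict)

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """A LAN host opens a connection; the router records a mapping."""
        flow = (lan_ip, lan_port, remote_ip, remote_port)
        for port, entry in self.table.items():
            if entry == flow:
                return port  # reuse the mapping for an existing flow
        port = self.next_port
        self.next_port += 1
        self.table[port] = flow
        return port

    def inbound(self, remote_ip, remote_port, public_port):
        """Return the LAN (ip, port) to forward to, or None to drop."""
        entry = self.table.get(public_port)
        if entry is None:
            return None  # nobody inside asked for this traffic
        lan_ip, lan_port, exp_ip, exp_port = entry
        if (remote_ip, remote_port) != (exp_ip, exp_port):
            return None  # the mapping belongs to a different remote host
        return (lan_ip, lan_port)


def demo():
    router = NatRouter()
    # A LAN PC requests a web page from a constructed server address.
    pub = router.outbound("192.168.0.10", 51000, "198.51.100.20", 80)
    # The server's reply matches the mapping and is forwarded to the PC.
    reply = router.inbound("198.51.100.20", 80, pub)
    # Unsolicited traffic to the file sharing port: no mapping, dropped.
    unsolicited = router.inbound("192.0.2.99", 4444, 445)
    # An unrelated host sending to the mapped port: peer mismatch, dropped.
    stranger = router.inbound("192.0.2.99", 4444, pub)
    return pub, reply, unsolicited, stranger


if __name__ == "__main__":
    print(demo())
```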
Firewalls with stateful packet inspection
The new trend in home networking firewalls is called stateful packet
inspection. This is an advanced form of firewall that examines each and
every packet of data as it travels through the firewall. The firewall
scans for problems in the packet that might be a symptom of a ‘denial of
service’ (DoS) attack or advanced attacks.
Most people are never subject to these types of attacks, but there are
some areas of the Internet that invite these kinds of attacks. Most often,
these attacks come from being involved in certain kinds of competitive
on-line gaming or participating in questionable mIRC channels.