THE BASICS OF A FIREWALL:
This is not an in-depth article about firewalls, just simple basic stuff. Apart from the general case, I've concentrated on Windows-based environments.
WHAT IS A FIREWALL:
A firewall may be a standalone system, a software application or a hardware device that blocks or permits traffic and prevents unauthorized users or malicious traffic from accessing a network or a system. It acts as a barrier or a membrane between two or more networks.
The primary job of a firewall is to secure the inside network from the outside [it can be another network or, more often, the internet]. Depending upon the policies or access control lists configured in the firewall, it can monitor inbound/outbound traffic and more.
DO I NEED A FIREWALL?
That's the question you should be asking yourself. Anyone who has used a firewall with logging capabilities knows the number of port scans you get on a day-to-day basis. Thus there is a need to block inbound traffic. The general tendency among home users with a single host or a small network is to use a software firewall on each host. One thing to consider here is that if you are well versed with what goes on at the OS level, then you certainly don't need a separate freeware/commercial firewall; the Windows firewall does the job very well for you. Oh yes, I know it monitors inbound connections & not outbound, but the fact remains: if you have a knowledge of program control at the host, then why do you need a separate firewall other than the Windows firewall? After all, it's your computer(s), and you should know what is running & accessing the internet.
One program that I would like to strongly suggest is Fport. It shows you the mappings of the ports & IP addresses to the respective applications which are accessing the internet.
If you are getting paranoid, then you are better off with a separate application-based firewall, as most software firewalls ask for permission when a program is trying to access the internet. Whereas if you only have a router acting as a firewall, it can't do much if malicious programs try to access the internet. For example, if you already have a trojan in your system, the router won't block it or notify you of the happenings, since it's designed to consider everything that goes out of the system as legit. It does a very good job of blocking inbound traffic though.
There are different types of firewalls which serve nearly the same purpose but for different audiences. The two most common types are:
(1) Network level firewalls:
- These are standalone boxes & are much more sophisticated, with loads of features. To mention a few: SPI [Stateful Packet Inspection], Deep Packet Inspection, logging capabilities etc. They usually run on a proprietary operating system; the Cisco series, for example, run on Cisco IOS [Internetwork Operating System].
(2) Application level firewalls:
- Software firewalls and application level proxies come under this category. Apart from the regular huff & puff, they offer a few nifty features such as content filtering and blocking unwanted hosts.
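The port-to-application mapping that Fport gives you, mentioned in the "DO I NEED A FIREWALL?" section, can also be produced with cmdlets built into Windows. This is an added example, not part of the original article and not Fport's own code; the function name Get-PortToProcessMap is made up for illustration, and it assumes Windows 8 / Server 2012 or later, where Get-NetTCPConnection is available.

```powershell
# Added example: list TCP endpoints together with the program that owns them.
# Get-PortToProcessMap is a hypothetical helper name, not a built-in cmdlet.
# Run from an elevated prompt to see the executable path of system processes.
function Get-PortToProcessMap {
    [CmdletBinding()]
    param(
        # Listen = ports open for inbound traffic, Established = live sessions.
        [string[]]$State = @('Listen', 'Established')
    )

    # Resolve each owning process only once.
    $procCache = @{}

    Get-NetTCPConnection -State $State -ErrorAction SilentlyContinue | ForEach-Object {
        $procId = $_.OwningProcess
        if (-not $procCache.ContainsKey($procId)) {
            # A process can exit between the two calls; tolerate a failed lookup.
            $procCache[$procId] = Get-Process -Id $procId -ErrorAction SilentlyContinue
        }
        $proc = $procCache[$procId]

        [pscustomobject]@{
            State         = $_.State
            LocalAddress  = $_.LocalAddress
            LocalPort     = $_.LocalPort
            RemoteAddress = $_.RemoteAddress
            RemotePort    = $_.RemotePort
            ProcessId     = $procId
            Process       = if ($proc) { $proc.ProcessName } else { '<exited>' }
            # Path is empty when the session lacks rights to inspect the process.
            Path          = if ($proc) { $proc.Path } else { $null }
        }
    }
}

# Which programs are listening for inbound connections?
Get-PortToProcessMap -State Listen |
    Sort-Object LocalPort |
    Format-Table LocalAddress, LocalPort, ProcessId, Process, Path -AutoSize

# Which programs currently talk to hosts other than this machine?
Get-PortToProcessMap -State Established |
    Where-Object { $_.RemoteAddress -notin '127.0.0.1', '::1' } |
    Sort-Object Process, RemotePort |
    Format-Table RemoteAddress, RemotePort, ProcessId, Process, Path -AutoSize
```

The second listing is the one to review when you rely on a router or an inbound-only firewall: any program in it that you do not recognise is worth looking up by its path.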