A firewall is a piece of hardware and/or software that functions in a network environment to prevent communications forbidden by the security policy, analogous to the function of firewalls in building construction.
The ultimate goal is to provide safe and controlled connectivity between zones of differing trust levels through the enforcement of a security policy and connectivity model.
Usually, these zones are the internet (a zone with no trust) and an internal network (a zone with high trust).
Firewall techniques
Usually, multiple techniques are used to enhance the security level.
The main techniques are:
1. Packet filter: Tests each packet entering or leaving the network. It is typically done in a router. This type is fairly effective and transparent to users, but it is difficult to configure and susceptible to IP spoofing.
2. Application gateway: Applies security mechanisms to specific applications, such as FTP and Telnet servers. This mechanism is very effective, but it can impose performance degradation.
3. Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection is established.
4. Proxy server: Intercepts all messages entering and leaving the network and hides the true network addresses.
5. Stateful inspection: Compares certain key parts of the packet to a database of trusted information. Information traveling from inside the firewall to the outside is monitored for specific defining characteristics, and then incoming information is compared to these characteristics.
6. Network Address Translation (NAT): Allows one IP address, which is shown to the outside world, to refer to many IP addresses internally; one on each client station.
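
The difference between the packet filter (technique 1) and stateful inspection (technique 5), shown as an added example that is not part of the original article. The class and function names, the simplified rule in `stateless_allow`, and the sample addresses are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str      # "tcp" or "udp"
    inbound: bool   # True if arriving from the untrusted zone

def stateless_allow(pkt):
    """Packet filter: each packet is judged alone, by header fields only."""
    if not pkt.inbound:
        return True                      # inside hosts may talk out
    # Assumed rule for letting web replies back in: accept anything that
    # claims to come from port 80/443 and targets a high port.
    return pkt.proto == "tcp" and pkt.sport in (80, 443) and pkt.dport >= 1024

class StatefulFirewall:
    """Stateful inspection: remember outbound flows, match inbound against them."""
    def __init__(self, idle_timeout=60.0):
        self.idle_timeout = idle_timeout
        self.flows = {}                  # flow key -> time last seen

    def allow(self, pkt, now):
        # Expire idle entries so a stale flow cannot be reused later.
        self.flows = {k: t for k, t in self.flows.items()
                      if now - t <= self.idle_timeout}
        if not pkt.inbound:
            # Record the defining characteristics of the outgoing flow.
            self.flows[(pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)] = now
            return True
        # An inbound packet must be the mirror image of a recorded flow.
        key = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if key in self.flows:
            self.flows[key] = now
            return True
        return False

# Constructed sample traffic (documentation address ranges).
OUT = Packet("192.168.1.10", 50000, "203.0.113.5", 443, "tcp", inbound=False)
REPLY = Packet("203.0.113.5", 443, "192.168.1.10", 50000, "tcp", inbound=True)
UNSOLICITED = Packet("198.51.100.7", 443, "192.168.1.10", 50001, "tcp", inbound=True)
```

The stateless rule accepts both `REPLY` and `UNSOLICITED` because their headers look alike, while the stateful firewall accepts `REPLY` only after it has seen `OUT` and rejects `UNSOLICITED` in every case.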

Firewalls are customizable
Add or remove filters based on several conditions:
IP Address
Domain names
Protocols – allow and block different protocols such as:
IP (internet protocol)
TCP (transmission control protocol)
HTTP (Hyper Text Transfer Protocol)
FTP (File Transfer Protocol)
UDP (User Datagram Protocol)
ICMP (Internet Control Message Protocol)
SMTP (Simple Mail Transport Protocol)
SNMP (Simple Network Management Protocol)
Telnet
What does a basic PC firewall not do?
A PC firewall can't detect or remove computer viruses and worms if they're already on your computer.
A basic PC firewall can't clean up your computer after a virus attack; block phishing e-mails, spam, and pop-up ads; filter inappropriate or dangerous Web content; or shield IM users from spammers, thieves, and predators.
For complete protection beyond what a basic PC firewall provides, you need an integrated Internet security suite.
Advanced protection PC firewalls
Dynamic firewalls
A dynamic PC firewall automatically opens your computer's door to the Internet when needed, allows only authorized traffic through, and then immediately shuts the door.
Outbound and inbound protection
Many basic PC firewalls only protect your PC from unauthorized inbound communications. Some PC firewalls protect your PC from unauthorized inbound as well as outbound communications. The transmission of your private data to a hacker would be an unauthorized outbound communication.
Some of the things that advanced firewall systems can protect against are:
Remote login
Application backdoors
SMTP session hijacking
Operating system bugs
Denial of service
E-mail bombs
Macros
Viruses
Spam
Redirect bombs
Source routing.
For more information about this, you can contact the author or read more articles: Bashar Al Takrouri at the International School of New Media.