vbr666
asked on
How does a firewall work exactly?
A firewall blocks a connection to a remote computer on a certain port (let's say that I'm trying to connect to that remote comp on port 545 or 1531, for example), but would a firewall block the connection if that remote comp is trying to connect to me (if I don't have a firewall) on port 545 or 1531?
Can anyone explain or send me a link to some great firewall tutorials? First I would like to know the basics about firewalls and then all the complicated stuff and all the tiny details of their function. How to avoid firewalls?
VBR666,
Firewalls look at messages going between one side and another. Messages are only allowed to pass through if they are deemed not a danger, and within policy. In all but the most trivial cases, the direction does count (a request inbound to, say, the FTP port is not the same as an outbound request to somebody else's FTP port).
The degree of checking varies depending upon the firewall (and the rules that are configured for it).
Depending upon the rules and the firewall, the checking can be quite extensive. In the simplest cases, the checking is done based upon the direction of the request, and the port number. More complex checking can include source and destination addresses, time of day, and examination (and regulation) of the data stream itself.
The Computer Security Handbook (4th Edition) has a good chapter on firewalls (as well as many other good chapters on security issues).
- Bob (aka RLGSC)
http://computer.howstuffworks.com/firewall.htm
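The direction-and-port checking described in the answer above can be sketched as a first-match rule table. This is an added example, not part of the original thread or any product's code: the `Rule` and `ConnectionAttempt` types, the policy and the addresses (documentation ranges) are constructed for illustration, and the filter is stateless, looking only at direction, destination port and remote address.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:                          # hypothetical rule format
    action: str                      # "allow" or "deny"
    direction: str                   # "in" or "out", as seen from the protected host
    port: Optional[int] = None       # destination port; None matches any port
    remote: str = "0.0.0.0/0"        # network the remote peer must belong to

@dataclass(frozen=True)
class ConnectionAttempt:             # hypothetical description of one request
    direction: str
    remote_ip: str
    dst_port: int

# Constructed policy using the ports from the question (545 and 1531).
RULES = [
    Rule("allow", "in", 545, "192.0.2.0/24"),  # only this network may reach our port 545
    Rule("deny", "in"),                        # every other inbound request is dropped
    Rule("deny", "out", 1531),                 # policy forbids outbound to port 1531
    Rule("allow", "out"),                      # all other outbound requests pass
]

def matches(rule: Rule, conn: ConnectionAttempt) -> bool:
    """A rule applies only if direction, port and remote address all match."""
    return (rule.direction == conn.direction
            and rule.port in (None, conn.dst_port)
            and ip_address(conn.remote_ip) in ip_network(rule.remote))

def decide(conn: ConnectionAttempt, rules=RULES) -> str:
    """Return the action of the first matching rule; deny if none matches."""
    for rule in rules:
        if matches(rule, conn):
            return rule.action
    return "deny"

if __name__ == "__main__":
    for conn in (ConnectionAttempt("out", "198.51.100.7", 545),
                 ConnectionAttempt("in", "198.51.100.7", 545),
                 ConnectionAttempt("in", "192.0.2.10", 545),
                 ConnectionAttempt("out", "198.51.100.7", 1531)):
        print(conn, "->", decide(conn))
```

The same port number gets different verdicts depending on which side starts the connection, and a host with no such filter in front of it has nothing evaluating the inbound case at all.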