how do firewalls work? please explain... thanks

Posted on 2006-06-19
Last Modified: 2013-11-16
I just want to know how firewalls work so please explain.  thanks...
Question by:JackOfPH
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2

Assisted Solution

xpsavy earned 250 total points
ID: 16932939
Hi JackOfPH

A firewall is a piece of software or hardware that filters all network traffic
between your computer, home network, or company network and the
a firewall in a network ensures that if something bad
happens on one side of the firewall, computers on the other side won’t be
affected. You read about these threats in the papers almost every day: viruses,
worms, denial-of-service (DoS) attacks, hacking, and break-ins. Attacks with
names like SQL Slammer, Code Red, and NIMDA have even appeared on the
evening news.  Often we don’t know who they
are, but we do know where possible intruders are and where we don’t want
them to penetrate. Hackers are roaming the wide expanses of the Internet,
and we don’t want them to enter our network and roam among the computers in it.
You know that you need to protect your network from these outlaws, and
one of the most efficient methods of protecting your network is to install a
firewall. By default, any good firewall prevents network traffic from passing
between the Internet and your internal network.

 Keep in mind that separating the Internet from your
internal network traffic is the default behavior of most firewalls. However,
the first thing that you will probably do after installing the firewall is to
change the defaults to allow selected traffic network through the firewall.
This is no different from a building inspector who allows fire doors in a physical
firewall. These doors are designed to provide an opening while still guaranteeing
safety for all occupants. When you configure a firewall, you create
some controlled openings that don’t compromise your network’s safety but
that allow selected network traffic to pass through.
As you are designing your protection against attacks from the Internet, never
rely on a single form of protection for your network. Doing so can give you a
false sense of security. For example, even if you completely disconnect your
network from the Internet to prevent a computer virus from entering your
network, an employee can still bring to work a floppy disk that has been
infected with a virus and inadvertently infect computers in your network.

-- From Firewalls
2nd edition

All the best
Rupesh KRishna

Expert Comment

ID: 16933246

Here is the link for downloading that book

All the best
LVL 15

Author Comment

ID: 16939181
how do firewalls filters network traffics? and how do firewalls hide your IP from hackers, slammers, etc..?
LVL 11

Accepted Solution

rafael_acc earned 250 total points
ID: 16945603
Right ... reading the book is the best option really but here is a start up ...
Phew ... this is a lil' bit dificult to explain ... specialy finding a start point. Anyway ...

Network traffic goes through diferent network layers.

Each layer "works" does something diferent and works with a diferent type of information. Imagine 7 boxes (according to OSI standards, there are 7 network layers). Each box is between the previous one and the next one in size.

NOw ... this is really very superficially! As the network information travels through the computer application, processes, network stack, etc., the small box will be put into the next bigger one; this one will be put inside the next bigger one ... and so forth.

so, box1 will have information1, box2 will have information2 (but will include information 1 as well), ....

Now about firewalls: you can find firewalls at diferent levels. If you have a firewall that can filter information from all the boxes, then you can virtually reach the maximum level of security. Basically, a friewall that works with all 7 boxes, can analyze what information is there inside the boxes and decide whether that inforamtion is good or not!!

IN networking terms now ...

Most firewalls work at the Layers 4,3,2. This is the layer where ports filtering can take place (let me know if you don't know what ports are!). For example, if your firewall can work with Layer 4 network packets, then you should be able to teach it how to not allow ftp traffic (which uses ports 20 and 21) but to alllow http traffic (which uses port 80 and eventually 443 - for SSL connections).

Further more, since this firewall also works at layer3 (at this layer you can get ip addresses), you can teach it how to deny or accept traffic coming/going to specific machines (since every machine has an IP address).

Yet, at the layer2, you can filter traffic from/to specific MAC addresses (each network card has a unique MAC address - also known as physical address or MAC Address).

You might be asking why all this layers? Why all this stuff?? Well ... having multiple layers of security is much better, isn'it? Also, different scenarios (network topologies) may require diferent approaches to security and therefore, security at diferent layers.... For example, inside your network you might need to filter only specific ports (say messenger). This will be at Layer4. But in the network portion where all your servers are located, you might one to allow only specific ip addresses!!!

For hiding addresses, this is really a huge topic as well ... But basicaly, it is about manipulating the nework packets so that the outside world sees something diferent !!! think of it as changing the content of the boxes yourself but in a way that your infrastructure would know how to put the content back so that the information inside the box can be useful..

Well ... this was quite dificult to explain and I am not realy sure if I was able to help... but I hope so.

let me know.


Featured Post

Ready to trade in that old firewall?

Whether you need to trade-up to a shiny new Firebox or just ready to upgrade from whatever appliance you're using now, WatchGuard has the right appliance for you! Find your perfect Firebox today with appliance sizing tool!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Suggested Courses

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question