Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


how do firewalls work? please explain... thanks

Posted on 2006-06-19
Medium Priority
Last Modified: 2013-11-16
I just want to know how firewalls work so please explain.  thanks...
Question by:JackOfPH
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2

Assisted Solution

xpsavy earned 1000 total points
ID: 16932939
Hi JackOfPH

A firewall is a piece of software or hardware that filters all network traffic
between your computer, home network, or company network and the
a firewall in a network ensures that if something bad
happens on one side of the firewall, computers on the other side won’t be
affected. You read about these threats in the papers almost every day: viruses,
worms, denial-of-service (DoS) attacks, hacking, and break-ins. Attacks with
names like SQL Slammer, Code Red, and NIMDA have even appeared on the
evening news.  Often we don’t know who they
are, but we do know where possible intruders are and where we don’t want
them to penetrate. Hackers are roaming the wide expanses of the Internet,
and we don’t want them to enter our network and roam among the computers in it.
You know that you need to protect your network from these outlaws, and
one of the most efficient methods of protecting your network is to install a
firewall. By default, any good firewall prevents network traffic from passing
between the Internet and your internal network.

 Keep in mind that separating the Internet from your
internal network traffic is the default behavior of most firewalls. However,
the first thing that you will probably do after installing the firewall is to
change the defaults to allow selected traffic network through the firewall.
This is no different from a building inspector who allows fire doors in a physical
firewall. These doors are designed to provide an opening while still guaranteeing
safety for all occupants. When you configure a firewall, you create
some controlled openings that don’t compromise your network’s safety but
that allow selected network traffic to pass through.
As you are designing your protection against attacks from the Internet, never
rely on a single form of protection for your network. Doing so can give you a
false sense of security. For example, even if you completely disconnect your
network from the Internet to prevent a computer virus from entering your
network, an employee can still bring to work a floppy disk that has been
infected with a virus and inadvertently infect computers in your network.

-- From Firewalls
2nd edition

All the best
Rupesh KRishna

Expert Comment

ID: 16933246

Here is the link for downloading that book

All the best
LVL 15

Author Comment

ID: 16939181
how do firewalls filters network traffics? and how do firewalls hide your IP from hackers, slammers, etc..?
LVL 11

Accepted Solution

rafael_acc earned 1000 total points
ID: 16945603
Right ... reading the book is the best option really but here is a start up ...
Phew ... this is a lil' bit dificult to explain ... specialy finding a start point. Anyway ...

Network traffic goes through diferent network layers.

Each layer "works" does something diferent and works with a diferent type of information. Imagine 7 boxes (according to OSI standards, there are 7 network layers). Each box is between the previous one and the next one in size.

NOw ... this is really very superficially! As the network information travels through the computer application, processes, network stack, etc., the small box will be put into the next bigger one; this one will be put inside the next bigger one ... and so forth.

so, box1 will have information1, box2 will have information2 (but will include information 1 as well), ....

Now about firewalls: you can find firewalls at diferent levels. If you have a firewall that can filter information from all the boxes, then you can virtually reach the maximum level of security. Basically, a friewall that works with all 7 boxes, can analyze what information is there inside the boxes and decide whether that inforamtion is good or not!!

IN networking terms now ...

Most firewalls work at the Layers 4,3,2. This is the layer where ports filtering can take place (let me know if you don't know what ports are!). For example, if your firewall can work with Layer 4 network packets, then you should be able to teach it how to not allow ftp traffic (which uses ports 20 and 21) but to alllow http traffic (which uses port 80 and eventually 443 - for SSL connections).

Further more, since this firewall also works at layer3 (at this layer you can get ip addresses), you can teach it how to deny or accept traffic coming/going to specific machines (since every machine has an IP address).

Yet, at the layer2, you can filter traffic from/to specific MAC addresses (each network card has a unique MAC address - also known as physical address or MAC Address).

You might be asking why all this layers? Why all this stuff?? Well ... having multiple layers of security is much better, isn'it? Also, different scenarios (network topologies) may require diferent approaches to security and therefore, security at diferent layers.... For example, inside your network you might need to filter only specific ports (say messenger). This will be at Layer4. But in the network portion where all your servers are located, you might one to allow only specific ip addresses!!!

For hiding addresses, this is really a huge topic as well ... But basicaly, it is about manipulating the nework packets so that the outside world sees something diferent !!! think of it as changing the content of the boxes yourself but in a way that your infrastructure would know how to put the content back so that the information inside the box can be useful..

Well ... this was quite dificult to explain and I am not realy sure if I was able to help... but I hope so.

let me know.


Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question