[Webinar] Streamline your web hosting managementRegister Today

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 276
  • Last Modified:

how do firewalls work? please explain... thanks

I just want to know how firewalls work so please explain.  thanks...
  • 2
2 Solutions
Hi JackOfPH

A firewall is a piece of software or hardware that filters all network traffic
between your computer, home network, or company network and the
a firewall in a network ensures that if something bad
happens on one side of the firewall, computers on the other side won’t be
affected. You read about these threats in the papers almost every day: viruses,
worms, denial-of-service (DoS) attacks, hacking, and break-ins. Attacks with
names like SQL Slammer, Code Red, and NIMDA have even appeared on the
evening news.  Often we don’t know who they
are, but we do know where possible intruders are and where we don’t want
them to penetrate. Hackers are roaming the wide expanses of the Internet,
and we don’t want them to enter our network and roam among the computers in it.
You know that you need to protect your network from these outlaws, and
one of the most efficient methods of protecting your network is to install a
firewall. By default, any good firewall prevents network traffic from passing
between the Internet and your internal network.

 Keep in mind that separating the Internet from your
internal network traffic is the default behavior of most firewalls. However,
the first thing that you will probably do after installing the firewall is to
change the defaults to allow selected traffic network through the firewall.
This is no different from a building inspector who allows fire doors in a physical
firewall. These doors are designed to provide an opening while still guaranteeing
safety for all occupants. When you configure a firewall, you create
some controlled openings that don’t compromise your network’s safety but
that allow selected network traffic to pass through.
As you are designing your protection against attacks from the Internet, never
rely on a single form of protection for your network. Doing so can give you a
false sense of security. For example, even if you completely disconnect your
network from the Internet to prevent a computer virus from entering your
network, an employee can still bring to work a floppy disk that has been
infected with a virus and inadvertently infect computers in your network.

-- From Firewalls
2nd edition

All the best
Rupesh KRishna

Here is the link for downloading that book

All the best
JackOfPHAuthor Commented:
how do firewalls filters network traffics? and how do firewalls hide your IP from hackers, slammers, etc..?
Right ... reading the book is the best option really but here is a start up ...
Phew ... this is a lil' bit dificult to explain ... specialy finding a start point. Anyway ...

Network traffic goes through diferent network layers.

Each layer "works" does something diferent and works with a diferent type of information. Imagine 7 boxes (according to OSI standards, there are 7 network layers). Each box is between the previous one and the next one in size.

NOw ... this is really very superficially! As the network information travels through the computer application, processes, network stack, etc., the small box will be put into the next bigger one; this one will be put inside the next bigger one ... and so forth.

so, box1 will have information1, box2 will have information2 (but will include information 1 as well), ....

Now about firewalls: you can find firewalls at diferent levels. If you have a firewall that can filter information from all the boxes, then you can virtually reach the maximum level of security. Basically, a friewall that works with all 7 boxes, can analyze what information is there inside the boxes and decide whether that inforamtion is good or not!!

IN networking terms now ...

Most firewalls work at the Layers 4,3,2. This is the layer where ports filtering can take place (let me know if you don't know what ports are!). For example, if your firewall can work with Layer 4 network packets, then you should be able to teach it how to not allow ftp traffic (which uses ports 20 and 21) but to alllow http traffic (which uses port 80 and eventually 443 - for SSL connections).

Further more, since this firewall also works at layer3 (at this layer you can get ip addresses), you can teach it how to deny or accept traffic coming/going to specific machines (since every machine has an IP address).

Yet, at the layer2, you can filter traffic from/to specific MAC addresses (each network card has a unique MAC address - also known as physical address or MAC Address).

You might be asking why all this layers? Why all this stuff?? Well ... having multiple layers of security is much better, isn'it? Also, different scenarios (network topologies) may require diferent approaches to security and therefore, security at diferent layers.... For example, inside your network you might need to filter only specific ports (say messenger). This will be at Layer4. But in the network portion where all your servers are located, you might one to allow only specific ip addresses!!!

For hiding addresses, this is really a huge topic as well ... But basicaly, it is about manipulating the nework packets so that the outside world sees something diferent !!! think of it as changing the content of the boxes yourself but in a way that your infrastructure would know how to put the content back so that the information inside the box can be useful..

Well ... this was quite dificult to explain and I am not realy sure if I was able to help... but I hope so.

let me know.


Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now