Solved

how do firewalls work? please explain... thanks

Posted on 2006-06-19
4
260 Views
Last Modified: 2013-11-16
I just want to know how firewalls work so please explain.  thanks...
0
Comment
Question by:JackOfPH
  • 2
4 Comments
 
LVL 7

Assisted Solution

by:xpsavy
xpsavy earned 250 total points
ID: 16932939
Hi JackOfPH

A firewall is a piece of software or hardware that filters all network traffic
between your computer, home network, or company network and the
Internet.
a firewall in a network ensures that if something bad
happens on one side of the firewall, computers on the other side won’t be
affected. You read about these threats in the papers almost every day: viruses,
worms, denial-of-service (DoS) attacks, hacking, and break-ins. Attacks with
names like SQL Slammer, Code Red, and NIMDA have even appeared on the
evening news.  Often we don’t know who they
are, but we do know where possible intruders are and where we don’t want
them to penetrate. Hackers are roaming the wide expanses of the Internet,
and we don’t want them to enter our network and roam among the computers in it.
You know that you need to protect your network from these outlaws, and
one of the most efficient methods of protecting your network is to install a
firewall. By default, any good firewall prevents network traffic from passing
between the Internet and your internal network.

 Keep in mind that separating the Internet from your
internal network traffic is the default behavior of most firewalls. However,
the first thing that you will probably do after installing the firewall is to
change the defaults to allow selected traffic network through the firewall.
This is no different from a building inspector who allows fire doors in a physical
firewall. These doors are designed to provide an opening while still guaranteeing
safety for all occupants. When you configure a firewall, you create
some controlled openings that don’t compromise your network’s safety but
that allow selected network traffic to pass through.
As you are designing your protection against attacks from the Internet, never
rely on a single form of protection for your network. Doing so can give you a
false sense of security. For example, even if you completely disconnect your
network from the Internet to prevent a computer virus from entering your
network, an employee can still bring to work a floppy disk that has been
infected with a virus and inadvertently infect computers in your network.

-- From Firewalls
FOR DUMmIES
2nd edition

All the best
Rupesh KRishna
0
 
LVL 7

Expert Comment

by:xpsavy
ID: 16933246
Hi

Here is the link for downloading that book
http://www.megaupload.com/?d=ALOF2AHY

All the best
0
 
LVL 15

Author Comment

by:JackOfPH
ID: 16939181
how do firewalls filters network traffics? and how do firewalls hide your IP from hackers, slammers, etc..?
0
 
LVL 11

Accepted Solution

by:
rafael_acc earned 250 total points
ID: 16945603
Right ... reading the book is the best option really but here is a start up ...
Phew ... this is a lil' bit dificult to explain ... specialy finding a start point. Anyway ...

Network traffic goes through diferent network layers.

Each layer "works" does something diferent and works with a diferent type of information. Imagine 7 boxes (according to OSI standards, there are 7 network layers). Each box is between the previous one and the next one in size.

NOw ... this is really very superficially! As the network information travels through the computer application, processes, network stack, etc., the small box will be put into the next bigger one; this one will be put inside the next bigger one ... and so forth.

so, box1 will have information1, box2 will have information2 (but will include information 1 as well), ....

Now about firewalls: you can find firewalls at diferent levels. If you have a firewall that can filter information from all the boxes, then you can virtually reach the maximum level of security. Basically, a friewall that works with all 7 boxes, can analyze what information is there inside the boxes and decide whether that inforamtion is good or not!!

IN networking terms now ...

Most firewalls work at the Layers 4,3,2. This is the layer where ports filtering can take place (let me know if you don't know what ports are!). For example, if your firewall can work with Layer 4 network packets, then you should be able to teach it how to not allow ftp traffic (which uses ports 20 and 21) but to alllow http traffic (which uses port 80 and eventually 443 - for SSL connections).

Further more, since this firewall also works at layer3 (at this layer you can get ip addresses), you can teach it how to deny or accept traffic coming/going to specific machines (since every machine has an IP address).

Yet, at the layer2, you can filter traffic from/to specific MAC addresses (each network card has a unique MAC address - also known as physical address or MAC Address).

You might be asking why all this layers? Why all this stuff?? Well ... having multiple layers of security is much better, isn'it? Also, different scenarios (network topologies) may require diferent approaches to security and therefore, security at diferent layers.... For example, inside your network you might need to filter only specific ports (say messenger). This will be at Layer4. But in the network portion where all your servers are located, you might one to allow only specific ip addresses!!!

For hiding addresses, this is really a huge topic as well ... But basicaly, it is about manipulating the nework packets so that the outside world sees something diferent !!! think of it as changing the content of the boxes yourself but in a way that your infrastructure would know how to put the content back so that the information inside the box can be useful..

Well ... this was quite dificult to explain and I am not realy sure if I was able to help... but I hope so.

let me know.


cheers
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now