tom's FotoPage

By: tom willim

Monday, 26-Jul-2004 00:00
Introduction of Firewalls

The Internet is a scary place. Criminals on the Internet have the ability to hide behind their computers, or even other people's computers, while they attempt to break into your computer to steal personal information or to use it for their own purposes. To make matters worse, there always seems to be a security hole in your software or operating system that is not fixed fast enough that could potentially allow someone to hack into your computer. Where does this leave you? Are you supposed to cancel your Internet access, or is there something you can do to protect yourself?
The answer is that you can protect yourself with a firewall. In the past, firewalls were expensive pieces of hardware that only companies would use. Most people were not on the Internet, and if they were, they were connected via dial-up, which is not fast enough for most hackers' purposes. Therefore, hackers predominantly targeted companies, which normally had larger pools of available bandwidth. Now that almost everyone can connect to the Internet, many with extremely fast and cheap bandwidth, hackers tend to target home users, who are more apt not to secure their computers properly and so become easy targets. With this in mind, developers have created cheap but powerful firewall solutions for home users to protect themselves.
This tutorial will help to increase your knowledge on how to protect yourself with a firewall so you are not an easy target to hackers and viruses in the future.
A firewall is a hardware device or software application that sits between your computer and the Internet and blocks all Internet traffic from reaching your computer that you have not specifically requested. What this means is that if you browse to a web site, the firewall will allow the traffic from that web site to reach your computer and therefore yourself. On the other hand, if you did not request information from that web site, and the web site sent traffic to you, it would be denied from reaching your computer because you did not specifically ask for it. This behavior can be changed if you wish, and we will discuss that further in the document.
Firewalls for the home user can either be a piece of hardware or a piece of software. The differences will be discussed below.
A Hardware Firewall is a device that sits between your Internet connection and the rest of the computers plugged into it. These firewalls usually come with a built-in hub that allows you to connect multiple computers to it so that they can all share one Internet connection. These firewalls protect all the computers connected to them using a technology called Network Address Translation, or NAT. The protected machines all use private IP addresses, such as 192.168.1.X, that cannot be reached via the Internet. The firewall then converts these internal IP addresses to the single public IP address that is assigned to the firewall. As a result, your hardware firewall accepts the incoming replies to requests you made and forwards them on to the requesting internal computer. Using this method, outside machines are never able to connect directly to your computers.
A Personal Firewall is a piece of software installed on each computer that needs to be protected. This software filters all incoming, and sometimes outgoing, traffic and allows only data that has been requested or explicitly allowed to pass through. Personal firewalls tend to be more feature rich than hardware versions, but they do not allow you to share your Internet connection with multiple computers on the network.
The decision as to which type of firewall you use depends on what you plan on using it for. If you would like to protect just one computer, then a personal software-based firewall is more than adequate. If you would like to protect multiple computers, then a hardware-based solution may be most cost effective. Some people even state that you should use both a hardware firewall to protect your network and a personal firewall that further protects your computer. Though this is not a bad idea, it may be cost prohibitive for many users. If money is not an issue, then using both will add an extra level of security as well as provide you with the greater functionality found in personal firewalls.
For the rest of this tutorial we will predominantly focus on personal firewalls that are installed on your computer, though many of the topics discussed here apply to hardware firewalls as well.
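The NAT behaviour described above for hardware firewalls can be sketched as a translation table. This is an added example, not code from any real router; the addresses are constructed, and matching replies against the exact remote host and port is an assumption (real devices differ in how strictly they do this).

```python
from dataclasses import dataclass, field

@dataclass
class NatRouter:
    public_ip: str = "203.0.113.10"      # constructed public address
    next_port: int = 40000               # first public port to hand out
    # public port -> (private ip, private port, remote ip, remote port)
    table: dict = field(default_factory=dict)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a packet leaving the LAN and remember who sent it."""
        flow = (src_ip, src_port, dst_ip, dst_port)
        for pub_port, known in self.table.items():
            if known == flow:            # existing connection: reuse mapping
                break
        else:
            pub_port = self.next_port
            self.next_port += 1
            self.table[pub_port] = flow
        return (self.public_ip, pub_port, dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Return the private (ip, port) to forward to, or None to drop."""
        flow = self.table.get(dst_port)
        if flow is None:
            return None                  # no inside PC opened this port
        priv_ip, priv_port, remote_ip, remote_port = flow
        if (src_ip, src_port) != (remote_ip, remote_port):
            return None                  # not the host the inside PC contacted
        return (priv_ip, priv_port)

def demo():
    nat = NatRouter()
    # Two LAN PCs use the same source port towards the same web server.
    a = nat.outbound("192.168.1.20", 51000, "198.51.100.7", 80)
    b = nat.outbound("192.168.1.21", 51000, "198.51.100.7", 80)
    return {
        "a_on_wire": a,
        "b_on_wire": b,
        "reply_to_a": nat.inbound("198.51.100.7", 80, a[1]),
        "reply_to_b": nat.inbound("198.51.100.7", 80, b[1]),
        "unsolicited": nat.inbound("198.51.100.99", 80, 40002),
        "wrong_sender": nat.inbound("198.51.100.99", 80, a[1]),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

Both PCs appear on the Internet as the single public address, and only traffic that matches an entry created by an outgoing request is forwarded inward.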

Sunday, 25-Jul-2004 00:00
Personal Firewall Software or Hardware?

To help our visitors who are new to the firewall security world, we have put together a short article comparing software firewalls and hardware firewalls for home or small business use.

Software vs. Hardware Firewall
The consumer looking for a personal firewall for home or small office use faces a barrage of brochures and technical info from various vendors. Our initial decision should be - 'should I go for a hardware or software firewall solution?'
Software Personal Firewall - A personal firewall software download is probably the lowest-cost protection money can buy. Installation is easy and some software firewalls know the OS and application environment well enough to provide easy setup and configuration.
Easy to automatically update access rules and patches.
Installation, setup and basic firewall easy to set up via menus.
Provides application/program outgoing network access.
Some firewalls can detect and monitor Trojan/backdoor programs.
Allows multiple users to be assigned different access configuration.
Convenient for mobile users as no hardware to pack along.
PC's network address is not shielded from outside (no NAT).
No protection buffer from outside hacker attacks.
Proper security configuration requires expert knowledge.
Intrusive behavior of security alerts or warnings.
Software Network Firewall - Network firewall software installed into the computer that is connected to your broadband service provides firewall protection right at your gateway - with added features like port mapping and URL filtering.
Allows configurable software features like URL filtering
Installation, setup and basic firewall easy to setup via menus
Shields user PCs from the outside with a NAT
Allows multiple users to be assigned different access configuration
No protection buffer from outside hacker attacks ( for the gateway )
Proper security configuration requires expert knowledge
Possible bandwidth bottleneck with today's increasing DSL speeds
Difficult to provide protection against Trojans and backdoors
Hardware Network Firewall - A standalone box that sits between the local network and the outside network, i.e. the Internet. Today's hardware firewall doesn't cost much more than the software version. Very simple to set up for basic filtering and protects more than one computer - some routers have built-in firewalls with SPI abilities.
Protects multiple computers behind the firewall.
Almost plug and play - 5 minutes of simple config for basic firewall.
Shields user PCs from the outside with a NAT.
Some firewalls can detect and monitor Trojan/backdoor programs.
Allows multiple users to be assigned different access configuration.
Convenient for mobile users as no hardware to pack along.
Unable to configure specific application/program access controls.
More difficult to upgrade or change firewall's program.
Difficult to provide protection against Trojans and backdoors.
Configuration for advanced firewall protection can be difficult.
Possible bandwidth bottleneck with today's increasing DSL speeds.

Saturday, 24-Jul-2004 00:00
Selecting a Personal Firewall

The potential damage caused by stolen personal information, such as credit-card details, far outweighs the purchase price of today's good firewall software or hardware, so it's essential that you carefully select a good firewall and learn to set it up correctly.
The price difference between an inadequate firewall and a robust, effective firewall is minimal. It is more important to properly configure a good firewall than to buy the most expensive or complex.
Personal - If you just have one computer directly accessing the Internet via a modem (broadband connections are more susceptible to intrusions due to their always-connected nature), it is most cost effective to just use good firewall software on that computer. A good software firewall is already configured to protect you from known threats and is updated automatically to tackle new threats. You may also want to consider proven firewall and antivirus suites. These save you money and are easier to configure via a single user menu.
Small Office - If you have more than one computer that needs Internet access in your office or home, you would most likely have some firewall-like features built into your router. All hardware firewalls use Network Address Translation (NAT), which shields internal network computers from the Internet.
Alternatively, you can also install a software network firewall on your network access computer - this gives much more control of firewall features.
Unfortunately, a hardware firewall does not provide much protection from worms, spyware or Trojans that can shift confidential and damaging data out of one of your computers. You would need a software firewall on each individual computer for adequate protection these days.
Traveler - A software firewall is almost the only choice for notebook users - lugging an external firewall + power supply defeats having one of those nice Pentium-M lightweights. Also, software firewalls can be updated with tighter security features as fast as new threats surface. Many of today's security threats come from application-level embedded code (from emails or websites) that sends confidential data to an external party.
We hope that the above will help your internet security shopping decision making.

Friday, 23-Jul-2004 00:00
The Types of Firewalls

Firewalls fall into four broad categories: packet filters, circuit level gateways, application level gateways and stateful multilayer inspection firewalls.
Packet filtering firewalls work at the network level of the OSI model, or the IP layer of TCP/IP. They are usually part of a router. A router is a device that receives packets from one network and forwards them to another network. In a packet filtering firewall each packet is compared to a set of criteria before it is forwarded. Depending on the packet and the criteria, the firewall can drop the packet, forward it or send a message to the originator. Rules can include source and destination IP address, source and destination port number and protocol used. The advantage of packet filtering firewalls is their low cost and low impact on network performance. Most routers support packet filtering. Even if other firewalls are used, implementing packet filtering at the router level affords an initial degree of security at a low network layer. This type of firewall works only at the network layer, however, and does not support sophisticated rule-based models. Network Address Translation (NAT) routers offer the advantages of packet filtering firewalls but can also hide the IP addresses of computers behind the firewall, and offer a level of circuit-based filtering.
Circuit level gateways work at the session layer of the OSI model, or the TCP layer of TCP/IP. They monitor TCP handshaking between packets to determine whether a requested session is legitimate. Information passed to a remote computer through a circuit level gateway appears to have originated from the gateway. This is useful for hiding information about protected networks. Circuit level gateways are relatively inexpensive and have the advantage of hiding information about the private network they protect. On the other hand, they do not filter individual packets.
Application level gateways, also called proxies, are similar to circuit-level gateways except that they are application specific. They can filter packets at the application layer of the OSI model. Incoming or outgoing packets cannot access services for which there is no proxy. In plain terms, an application level gateway that is configured to be a web proxy will not allow any FTP, gopher, telnet or other traffic through. Because they examine packets at the application layer, they can filter application-specific commands such as HTTP POST and GET. This cannot be accomplished with either packet filtering firewalls or circuit level gateways, neither of which knows anything about the application level information. Application level gateways can also be used to log user activity and logins. They offer a high level of security, but have a significant impact on network performance. This is because of context switches that slow down network access dramatically. They are not transparent to end users and require manual configuration of each client computer.
Stateful multilayer inspection firewalls combine the aspects of the other three types of firewalls. They filter packets at the network layer, determine whether session packets are legitimate and evaluate contents of packets at the application layer. They allow direct connection between client and host, alleviating the problem caused by the lack of transparency of application level gateways. They rely on algorithms to recognize and process application layer data instead of running application-specific proxies. Stateful multilayer inspection firewalls offer a high level of security, good performance and transparency to end users. They are expensive, however, and due to their complexity are potentially less secure than simpler types of firewalls if not administered by highly competent personnel.
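The packet filtering described in this section, where each packet is compared to a set of criteria and dropped, forwarded or answered with a message, can be written as a first-match rule list. This is an added example, not code from any product; the rule set, addresses and the shadowed() audit helper are constructed for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional

class Packet(NamedTuple):
    proto: str
    src: str
    dst: str
    dport: int

class Rule(NamedTuple):
    action: str                   # "forward", "drop" or "reject"
    proto: Optional[str] = None   # None matches any protocol
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None   # None matches any destination port

def _net(cidr):
    return ipaddress.ip_network(cidr)

def matches(r, p):
    return ((r.proto is None or r.proto == p.proto)
            and ipaddress.ip_address(p.src) in _net(r.src)
            and ipaddress.ip_address(p.dst) in _net(r.dst)
            and (r.dport is None or r.dport == p.dport))

def decide(rules, p, default="drop"):
    """First matching rule wins; unmatched packets get the default action."""
    for number, r in enumerate(rules, 1):
        if matches(r, p):
            return r.action, number
    return default, None

def shadowed(rules):
    """Rule numbers that can never fire because an earlier rule covers them."""
    def covers(a, b):
        return ((a.proto is None or a.proto == b.proto)
                and _net(b.src).subnet_of(_net(a.src))
                and _net(b.dst).subnet_of(_net(a.dst))
                and (a.dport is None or a.dport == b.dport))
    return [j + 1 for j, b in enumerate(rules)
            if any(covers(a, b) for a in rules[:j])]

# Constructed rule set for a small network with one public web server.
RULES = [
    Rule("forward", "tcp", dst="192.0.2.80/32", dport=80),     # 1: web server
    Rule("reject",  "tcp", dport=113),                         # 2: tell sender "no"
    Rule("drop",    src="198.51.100.0/24"),                    # 3: blocked network
    Rule("forward", "tcp", src="198.51.100.25/32", dport=25),  # 4: never reached
]

if __name__ == "__main__":
    print(decide(RULES, Packet("tcp", "203.0.113.5", "192.0.2.80", 80)))
    print(decide(RULES, Packet("udp", "203.0.113.5", "192.0.2.80", 53)))
    print("shadowed rules:", shadowed(RULES))
```

Rule order decides the outcome: rule 4 is dead because rule 3 already drops that sender, which is the kind of mistake that makes packet filters hard to configure well.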

Thursday, 22-Jul-2004 00:00
Do You Need a Firewall?

Anyone who surfs the Web can benefit from personal firewall software, whether you use dial-up or enjoy an always-on Internet connection. Many PC users believe that no one would bother breaking into their anonymous home computer. Unfortunately, this is not true. Every computer on the Internet has its own IP address, a unique string of numbers that serves as a type of identification. Hackers often program their computers to scan random IP addresses and attack whenever a vulnerable machine is found. They don't need to know your machine personally to attack it. And this intrusion could cost you many files and programs -- especially if you have to reinstall your operating system without warning.
Personal Firewall can provide you with the ultimate in security for your home computer, right out of the box. Because it automatically configures itself specifically to your PC, it is easy to use and provides customized security for your needs. It immediately "hides" your PC and takes other steps to guard it against common hacking techniques. You can choose basic settings quickly with easy-to-use presets, or you can adjust the security settings to your exact preferences using more detailed customizations. Anyone online can benefit from personal firewall software. Don't let hackers and other online dangers threaten your PC. Keep them safe behind Personal Firewall.
How do Firewalls Work?
A network firewall is some dedicated hardware or software that tries to prevent unauthorized access of outside network traffic to individual computers (personal firewall) or to a group of computers. Some firewalls also block the outflow of data 'packets' from unauthorized programs in the protected computer.
Firewalls typically adopt one or more of the following methods to secure traffic flowing in and out of a computer/group of computers:
Network Address Translation (NAT) - works from within a network router to translate the service provider's assigned IP address to multiple addresses within the internal network. This hides the IP address of each individual computer in the network from scanning software on the Internet.
Packet Filtering - inspects each packet of network data going in and out of the firewall (packet filtering is usually hardware implemented) and accepts or rejects packets based on a configured access policy. Most network routers implement some sort of packet filtering; it's cheap and fast but difficult to configure for heightened levels of security. This is because packet filters look at source & destination IP addresses, ports and protocols but not at the content or purpose of the packets (e.g. a packet filter does not know that the packet is an outgoing Outlook email).
Stateful Packet Inspection (SPI) - instead of inspecting each data packet independently, SPI filtering looks at certain characteristics of the flow of data packets and compares them against its sets of configured rules. This allows more intelligent decisions but usually requires user intervention from within the firewall software.
Application Level Proxy Server - a software solution where an intermediary application secures the data traffic going in and out of a system from a particular application. When an application needs to send data to the Internet, the proxy server performs the connection and passes or fails the transaction based on earlier user configuration. As the process is done on a proxy server (internal or external), network performance is always degraded.
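The difference between per-packet filtering and Stateful Packet Inspection in the list above, shown on one TCP connection. This is an added example, not code from any firewall product; the addresses are constructed, and forgetting a connection on the first FIN or RST is a simplification of real TCP teardown.

```python
class StatefulFilter:
    """Tracks TCP connections opened from inside; other inbound packets drop."""

    def __init__(self):
        # (inside ip, inside port, remote ip, remote port) -> handshake state
        self.flows = {}

    def outbound(self, src, sport, dst, dport, flags):
        key = (src, sport, dst, dport)
        state = self.flows.get(key)
        if flags == {"SYN"} and state is None:
            self.flows[key] = "SYN_SENT"          # inside PC starts a connection
        elif state == "SYN_RECEIVED" and flags == {"ACK"}:
            self.flows[key] = "ESTABLISHED"       # handshake completed
        elif flags & {"FIN", "RST"}:
            self.flows.pop(key, None)             # simplified teardown
        return "allow"                            # sketch: outbound is unrestricted

    def inbound(self, src, sport, dst, dport, flags):
        key = (dst, dport, src, sport)
        state = self.flows.get(key)
        if state == "SYN_SENT" and flags == {"SYN", "ACK"}:
            self.flows[key] = "SYN_RECEIVED"
            return "allow"
        if state == "ESTABLISHED" and "SYN" not in flags:
            if flags & {"FIN", "RST"}:
                del self.flows[key]               # simplified teardown
            return "allow"
        return "drop"                             # belongs to no known connection

def stateless_inbound(sport):
    """Per-packet rule a stateless filter needs so that web replies get in."""
    return "allow" if sport == 80 else "drop"

def demo():
    fw, pc, web = StatefulFilter(), ("192.168.1.20", 51000), ("198.51.100.7", 80)
    log = []
    # Constructed packet arriving before the PC has requested anything.
    log.append(fw.inbound(*web, *pc, {"ACK", "PSH"}))
    fw.outbound(*pc, *web, {"SYN"})
    log.append(fw.inbound(*web, *pc, {"SYN", "ACK"}))
    fw.outbound(*pc, *web, {"ACK"})
    log.append(fw.inbound(*web, *pc, {"ACK", "PSH"}))   # page data
    log.append(fw.inbound(*web, *pc, {"FIN", "ACK"}))   # server closes
    log.append(fw.inbound(*web, *pc, {"ACK", "PSH"}))   # after close
    return log

if __name__ == "__main__":
    print("stateful :", demo())
    print("stateless, same first packet:", stateless_inbound(80))
```

The stateless rule accepts the first packet because it only sees a source port, while the stateful filter accepts the same packet only between a handshake the inside PC started and the close of that connection.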
