No doubt you've heard about firewalls. Everyone on the Internet has heard the term at one time or another. They are for protecting your computer from the big bad Internet, right? Well, yes, essentially. They can also control access out to the Internet from your computer, but what are they really, and how do they work?
A firewall is a piece of hardware or a software program that examines data passing into your computer or network and discards it if it does not meet certain criteria. Depending on the type of firewall you use, this operation may take place at different points in the path between the source of the data and the application in your computer it is intended for, and different criteria will be used to examine the data, but the basic operation remains the same for all firewalls.
There are four distinct types of firewall method, which may be used individually or combined into a firewall product:
Packet Filtering
Packet filtering firewalls work by examining data packets as they attempt to pass through the firewall, and comparing them to a list of rules based on the source of the data, the destination it is intended for, and the port the data was sent from and intends to connect to.
A firewall using packet filtering can be easily configured to stop certain forms of information flowing in or out of a computer or network by blocking well-known ports.
For example, setting a packet-filtering firewall to block data traveling out of the firewall from any source using port 80 (the standard port used for HTTP, or web-browsing, data) will have the effect of disabling web browsing on all computers inside the firewall.
Likewise, if you were hosting a website on your computer and you set your firewall to drop all data coming into the network on port 80 from any source, no one outside your network would be able to view your website.
The limitation of packet filters is that ports and IP addresses are all they will filter. They don't care about the content of the data, just where it's headed. They also require some technical knowledge if you wish to customize them. Most cable/DSL routing devices can use packet filtering as a part of their firewall protection.
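As an added illustration (not part of the original article), the following Python example models the rule matching described above, including the two port 80 rules and the limitation that content is never examined. The Packet, Rule and decide names, the first-match ordering, the default-drop policy and the sample addresses (reserved documentation ranges) are assumptions made for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Packet:
    direction: str          # "in" or "out", relative to the protected network
    src: str
    dst: str
    sport: int
    dport: int
    payload: bytes = b""    # carried along, but a packet filter never reads it

@dataclass(frozen=True)
class Rule:
    action: str                   # "allow" or "drop"
    direction: str                # "in", "out" or "any"
    src: str = "0.0.0.0/0"        # any source unless narrowed
    dst: str = "0.0.0.0/0"        # any destination unless narrowed
    sport: Optional[int] = None   # None matches any source port
    dport: Optional[int] = None   # None matches any destination port

    def matches(self, p: Packet) -> bool:
        # Only direction, addresses and ports are compared.
        return (self.direction in ("any", p.direction)
                and ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and self.sport in (None, p.sport)
                and self.dport in (None, p.dport))

def decide(rules, packet, default="drop"):
    """Return the action of the first matching rule, else the default."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return default

# Constructed rule list mirroring the two port 80 examples in the text.
RULES = [
    Rule("drop", "out", dport=80),   # inside hosts can no longer browse the web
    Rule("drop", "in", dport=80),    # outsiders can no longer reach a hosted site
    Rule("allow", "out"),            # all other outbound traffic passes
]

# Constructed sample: web content sent to a non-standard port still passes,
# because the filter looks at where the packet is headed, not what it carries.
WEB_ON_8080 = Packet("out", "192.0.2.10", "198.51.100.7", 51000, 8080,
                     b"GET / HTTP/1.1\r\n")
```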
Circuit level gateways
A circuit level gateway is a firewall that only allows data into its protected network based on requests that come from computers inside that network. The firewall keeps a record of requests for data that go out, and only allows data in that matches a request. An advantage of this type of firewall is that since it acts as the gateway to the network it is protecting, anyone scanning the network from outside will see only the address of the firewall, not the rest of its protected network.