Q: What exactly is a firewall and how does it work?


Think of it as Internet customs and immigration. The firewall is the agent that checks each item entering or leaving the network. Each item must pass the right criteria in order to make it through. So a hacker attempting to enter the network of California with a Florida orange would be stopped at the border.

There are three major types of firewalls:

  • A packet filter looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.

  • A proxy server (also known as application gateway) intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.

    Proxies forward messages between clients and servers by appearing to the client (e.g. a Web browser) as a server and appearing to the server (e.g. Web server) as a client. Hence, the client talks to the proxy which then decides whether the communication should be forwarded to the server and if it does, it contacts the server and forwards the messages to it.

    Proxies can handle complex protocols (which packet filters cannot), because they implement a complete set of a client and a server for each protocol. The drawbacks are performance and limited number of supported protocols.

  • stateful inspection combines the speed and broad protocol support of packet filters with the security and support of complex protocols of proxies. It does it by inspecting all the traffic, looking for security-related information, and using this security-related information to make smart decisions regarding which traffic should be accepted and rejected.

In practice, many firewalls use two or more of these techniques in concert.

The problem with firewalls

Firewalls are still very difficult to configure and monitor. In the future, firewalls will be configured using more natural processes, similar to the way humans talk about security. Also, managed security services -- outsourcing one's security to a company that has unique security expertise -- is a growing trend.

ZoneAlarm 2.6 is freeware that combines a firewall with powerful tools to help block Internet traffic and control certain applications' use of the Internet.

Four Steps to Internet Safety

No matter how many security systems you have in place, you should always stick with these easy rules for Internet safety:

  1. Always use good passwords. Choose gibberish words that are not from the dictionary and use uppercase and lowercase letters, punctuation, and numbers. The more random the password, the more difficult it is to crack. If you have trouble remembering the truly random ones, you can use a pneumonic system. For instance, take the first initials of the last eight presidents. Use uppercase for Republicans and lowercase for Democrats, putting between them the number of years they served or random punctuation. It's hard to crack and easy to recall. (I know, I know, that's easy for me to say!) I use a full sentence with capitalization and punctuation for my password.

  2. Don't turn on services unnecessarily. File-sharing is the No. 1 problem. If you don't have a reason to use file sharing, turn it off. Don't run an FTP or a Web server unless you have a reason. These services open ports and make your computer accessible. If you have to use these services, then refer to rule No. 1.

  3. Be stealthy and don't name your computer something obvious. I don't put my personal name or anything associated with me on the computer. Otherwise, if people sniff me (this is very easy to do) and find out my name, they have more reason to attack. Don't put your name or address in your computer.

  4. When you're on the Internet, hide your IP address. If you're using an ICQ, make sure you use the security feature and turn off your IP address. You can use a program such as Freedom from Zero Knowledge to hide your IP address from all comers.

Test Your Firewall

So how do you know for sure if the firewall you have installed does what it's advertised to do?

A few software downloads can help you easily identify potential security threats before they're an issue.

Test from outside

  • ShieldsUp! -- Developed by Internet privacy/security advocate Steve Gibson of Gibson Research Corporation. ShieldsUp is a free 20K application designed just for Windows users. Once installed it contacts the ShieldsUp Web server and tests your firewall's integrity from the outside.

  • Port Scanner -- Security Port Scanner AWSPS v4.0 is an incredible utility used to report and test TCP and UDP ports. You want to verify that no ports are reported open unless you've opened them yourself. To test your firewall, simply install this program on an outside computer and ping every port on your IP address.

Test from inside

  • Leak Test -- another great free download from GRC. Leak Test is designed to test from the inside out, so you'll want to install it on the computer where your firewall is located.

    With the push of a button it will test your firewall and generate a report identifying possible security issues. The best part about Leak Test is the information and step-by-step instructions it provides on how to improve your computer's security if security issues are found.

Home Information Page HTML Lessons Java Script Lessons