 |
 |
Firewall
Name: Joan P.
Status: Student
Age: 40s
Location: N/A
Country: N/A
Date: Around 2001
Question:
What is a firewall? I am assuming it has something to do
with security and hacker prevention. I was hoping you could lead me to a
good source for more information.
Replies:
Firewalls come in many different forms, and can be hardware devices, or
programs that are run on a server computer. They also do many different
things, so this is going to be a really simplified version of things.
Firewalls basically are placed between a computer that wants to connect to
the Internet and the actual connection to the Internet. Then, when a
computer wants to connect to the Internet, its data goes through the
firewall, and then to the Internet.
Likewise, someone on the Internet wants to connect to a computer, all of the
data goes through the firewall, and then to the computer.
If a firewall simply passed every message along, it wouldn't be very useful.
Typically firewalls do not simply pass every message along, and firewalls do
several different things, but not every firewall does them all:
1. Filtering
2. Proxy Servers
3. Routing
1. A firewall can filter messages (packets) and decide whether to send them
along or not. Firewalls can deny requests coming from the Internet. It can
also deny requests going to the Internet. So, a firewall can block all
messages coming from the Internet that do not match specific criteria. So
if a request comes from an unknown source, it is denied. Since most hackers
will be unknown, this prevents them from breaking in. Firewalls can also
prevent certain types of data from going out. This helps prevent a virus or
other unknown application from sending out data. The filtering can also
stop things besides hackers. Firewalls can prevent specific applications
from being used, both by people on the Internet or people behind the
firewall.
2. A firewall can act as a proxy server. When set up this way, only the
firewall can establish a connection on the Internet. The other computers
can't. When they need to make an Internet connection, they contact the
firewall, and tell it what they want to do. The firewall then establishes
the connection and makes the request, and passes the results back. This
provides several benefits. First, every computer that connects to the
Internet needs an IP address, and they cost money. Since the firewall is
the only computer connected, a company could buy a single IP address, and
connect as many computers to the proxy server as they need. Second, since
only the firewall is connected, the other machines are effectively invisible
to computers on the Internet. This means the connection has to come from
inside the firewall.
3. Routing. When a firewall is used as a proxy server, it is also acting
as a router. This means that it is directing or routing network messages to
the correct machines inside the network. Firewalls also can direct Internet
traffic to specific machines inside the network. Doing this is sometimes
called a hole in the firewall because now Internet traffic can connect to a
machine on the other side of the firewall, if it follows the rules set up by
the firewall.
In summary, firewalls simply determine how someone can use their computer to
access the Internet, and how someone can use the Internet to access a
computer inside the firewall. Because they can control access, they are
mostly used for security purposes.
So, how do hackers get past a firewall? They find a hole and use it. A
firewall is no good if it blocks everything, so a hacker finds something
that is allowed to go through the firewall, and use that. For example, if a
telecommuter can get through the firewall to access specific files, the
hacker makes his Internet look like the telecommuter, and then can get in.
If you are still curious, there is a lot of good information on the
Internet.
One site that has a lot of good links is:
http://www.firewallguide.com/overview.htm
Hope this helps,
--Eric Tolman
Click here to return to the Computer Science Archives
| |
Update: June 2012
|
|
