FIREWALL

Add caption

THIS IS A SAMPLE DIAGRAM OF A FIREWALL. . . .. 

 A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass.

Many personal computer operating systems include software-based firewalls to protect against threats from the public Internet. Many routers that pass data between networks contain firewall components and, conversely, many firewalls can perform basic routing functions.

The term firewall originally referred to a wall intended to confine a fire or potential fire within a building  firewall (construction). Later uses refer to similar structures, such as the metal sheet separating the engine compartment of a vehicle or aircraft from the passenger compartment.

Firewall technology emerged in the late 1980s when the Internet was a fairly new technology in terms of its global use and connectivity. The predecessors to firewalls for network security were the routers used in the late 1980s:

§  Clifford Stoll's discovery of German spies tampering with his system.

§  Bill Cheswick's "Evening with Berferd" 1992 in which he set up a simple electronic to observe an attacker

§  In 1988, an employee at the NASA Ames Research Center in California sent a memo by email to his colleagues.that read, "We are currently under attack from an Internet VIRUS! It has hit Berkeley, UC San Diego, Lawrence Livermore, Stanford, and NASA Ames."

§  The Morris Worm spread itself through multiple vulnerabilities in the machines of the time. Although it was not malicious in intent, the Morris Worm was the first large scale attack on Internet security; the online community was neither expecting an attack nor prepared to deal with one.

 

There are three kinds of generations of firewall

 

 

First generation: packet filters

The first paper published on firewall technology was in 1988, when engineers from Digital Equipment Corporation (DEC) developed filter systems known as packet filter firewalls

Second generation: "stateful" filters

From 1989-1990 three colleagues from AT&T Bell Laboratories, Dave Presetto, Janardan Sharma, and Kshitij Nigam, developed the second generation of firewalls, calling them circuit level firewalls.

Third generation: application layer

The key benefit of application layer filtering is that it can "understand" certain applications and protocols (such as File Transfer Protocol,DNS, or web browsing), and it can detect if an unwanted protocol is sneaking through on a non-standard port or if a protocol is being abused in any harmful way.

There are different types of firewall

And these are. . .

 

Ø  Network layer and packet filters

Network layer firewalls, also called packet filters, operate at a relatively low level of the TCP/IP protocol stack, not allowing packets to pass through the firewall unless they match the established rule set. The firewall administrator may define the rules; or default rules may apply. The term "packet filter" originated in the context of BSD operating systems.

Network layer firewalls generally fall into two sub-categories, stateful and stateless.

Stateful firewalls maintain context about active sessions, and use that "state information" to speed packet processing while the Stateless firewalls require less memory, and can be faster for simple filters that require less time to filter than to look up a session.

 

Ø  Application-layer

Application-layer firewalls work on the application level of the TCP/IP stack  and may intercept all packets traveling to or from an application. They block other packets (usually dropping them without acknowledgment to the sender). In principle, application firewalls can prevent all unwanted outside traffic from reaching protected machines.

On inspecting all packets for improper content, firewalls can restrict or prevent outright the spread of networked computer worms and trojans. The additional inspection criteria can add extra latency to the forwarding of packets to their destination.

Ø  Proxies

A proxy device (running either on dedicated hardware or as software on a general-purpose machine) may act as a firewall by responding to input packets (connection requests, for example) in the manner of an application, while blocking other packets.

Proxies make tampering with an internal system from the external network more difficult and misuse of one internal system would not necessarily cause a security breach exploitable from outside the firewall “as long as the application proxy remains intact and properly configured”.

Ø  Network address translation

Firewalls often have network address translation (NAT) functionality, and the hosts protected behind a firewall commonly have addresses in the "private address range", as defined in RFC 1918. Firewalls often have such functionality to hide the true address of protected hosts. Originally, the NAT function was developed to address the limited number of IPv4 routable addresses that could be used or assigned to companies or individuals as well as reduce both the amount and therefore cost of obtaining enough public addresses for every computer in an organization. Hiding the addresses of protected devices has become an increasingly important defense against network reconnaissance.

Firewalls Advantages and Disadvantages

What are the advantages of Firewall Use?

1. A feeling of increased security that your PC and contents are being protected.
2. Relatively inexpensive or free for personal use.
3. New releases are becoming user friendly.
4. You can monitor incoming and outgoing security alerts and the firewall company will record and track down an intrusion attempt depending on the severity.
5. Some firewalls but not all can detect viruses, worms, Trojan horses, or data collectors.
6. All firewalls can be tested for effectiveness by using products that test for leaks or probe for open ports.

Disadvantages of use

1. Firewalls evolve due to cracker's ability to circumvent them increases.
2. "Always on" connections created by Cable and DSL connections create major problems for firewalls. This can be compared to leaving you car running with the keys in it and the doors unlocked which a thief may interpret as an invitation to "Please steal me".
3. Firewalls cannot protect you from internal sabotage within a network or from allowing other users access to your PC.
4. Firewalls cannot edit indecent material like pornography, violence, drugs and bad language. This would require you to adjust your browser security options or purchase special software to monitor your children's Internet activity.
5. Firewalls offer weak defense from viruses so antiviral software and an IDS (intrusion detection system) which protects against Trojans and port scans should also complement your firewall in the layering defense.

6. Some firewalls claim full firewall capability when it's not the case. Not all firewalls are created equally or offer the same protection so it's up to the user to do their homework.
7. Cost varies. There are some great free firewalls available to the PC User but there are also a few highly recommended products, which can only be purchased. The difference may be just the amount of support or features that a User can get from a free product as opposed to a paid one and how much support that user thinks he or she will require.
8. A firewall protection is limited once you have an allowable connection open. This is where another program should be in place to catch Trojan horse viruses trying to enter your computer as unassuming normal traffic.
9. There have been claims made by IDS (Intrusion Detection System) companies where Trojan's were detected such as the RuX FireCracker v 2.0 which disabled certain Firewalls programs thus leaving the PC vulnerable to malicious actions.