Hard Drive Help

Can Network Firewalls Protect Your Computer?

Network firewalls get their name from specially built walls in buildings which slow the spread of fire from one room to another. These building firewalls can retard the fire until help arrives.

In a similar manner, network firewalls restrict traffic by only allowing certain kinds of data and users into the firewall-protected network.

There are two kinds of computer security firewalls: hardware and software. The hardware firewall is a dedicated box that plugs into a network and all it does is act as a network security barrier. A software firewall, also called a personal firewall, is typically found on a user's computer where it runs alongside other programs that have nothing to do with network security.

Hardware firewalls are commonly used to shield a corporate network from the Internet. The shielded computers are said to be 'behind' the firewall. These computers may freely access each other or the Internet, but the incoming traffic from the Internet is restricted to certain computers or public access areas.

Using a strategy of multiple levels of security, the principle of firewall protection is also applied within corporate networks. Internal firewalls are used to restrict resources to certain groups and to prevent viruses in one group from spreading out and infecting other groups.

Network firewalls are intended to prevent access to systems by malicious users or viruses. Acting as a gatekeeper, they control both outbound and inbound traffic according to a policy set by the network administrator. The policy, which can be considered a simplified programming language, controls what kind of incoming or outgoing traffic is allowed and which programs may access the Internet.

Auto-updating antivirus programs, email programs, and web browsers all require network access. A personal firewall can be configured to allow traffic from these programs and disallow access to and from all others. This can potentially block a virus's access to the Internet.

Firewalls can learn which programs may access the Internet by asking you what to do whenever an unrecognized program attempts to access the network. Generally, a good rule of thumb is to disallow network access to any program you do not recognize.

Malicious users routinely scan the Internet looking for open ports through which they can gain access to your computer. Ports are addresses used to identify specific Internet programs on your computer. Computer users with malicious intent look for any open ports that can be hijacked to transmit a worm to your computer. Such worms may be used by the attacker to control your computer. Thankfully, firewalls can limit this avenue of attack by closing all open ports.

Good personal firewalls not only close ports, they also hide their existence. If a malevolent program scans a closed port on your computer, it won't even receive responses to the scan requests. This effectively renders your system invisible.

Unfortunately, personal network firewalls are also subject to attack. Just like other programs on your computer, a virus could alter the functions of the firewall. A common avenue of attack is to modify the policy file, granting the virus unrestricted access to the Internet. When this happens, your computer has been fundamentally compromised and is open to use as a base from which to attack other computers on the network.
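One way to notice the policy-file tampering described above is to compare the current policy with a trusted copy kept somewhere the computer cannot write to, and report exactly which rules changed. The sketch below is an added example, not code from any firewall product; the one-rule-per-line policy format, the program names, and the function names are assumptions made for illustration.

```python
import hashlib

# Constructed sample; hypothetical format: <action> <direction> program=<name> port=<port|*>
BASELINE = """\
# personal firewall policy (constructed sample)
allow out program=antivirus-updater port=443
allow out program=mail-client port=993
allow out program=web-browser port=443
deny  in  program=* port=*
"""

# Same policy after tampering: one added rule lets any program reach the Internet.
TAMPERED = BASELINE + "allow out program=* port=*\n"


def parse_policy(text):
    """Return the set of normalized rules, ignoring comments and blank lines."""
    rules = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        action, direction, *fields = line.split()
        attrs = dict(f.split("=", 1) for f in fields)
        rules.add((action, direction, attrs.get("program", "*"), attrs.get("port", "*")))
    return rules


def policy_digest(text):
    """SHA-256 over the sorted, normalized rules, so whitespace edits do not alarm."""
    canon = "\n".join(" ".join(r) for r in sorted(parse_policy(text)))
    return hashlib.sha256(canon.encode()).hexdigest()


def audit(baseline_text, current_text):
    """Compare the current policy with the trusted baseline and explain any drift."""
    base, cur = parse_policy(baseline_text), parse_policy(current_text)
    findings = []
    for rule in sorted(cur - base):
        broad = rule[0] == "allow" and "*" in rule[2:]
        findings.append(("ADDED-BROAD-ALLOW" if broad else "ADDED", rule))
    for rule in sorted(base - cur):
        findings.append(("REMOVED", rule))
    return findings


if __name__ == "__main__":
    for kind, rule in audit(BASELINE, TAMPERED):
        print(kind, " ".join(rule))
```

The check is only as trustworthy as the baseline: if the trusted copy sits on the same disk as the live policy, whatever altered one can alter the other.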

Nevertheless, connecting to the Internet without using a personal firewall is ill-advised. Open ports are a security hole which can be easily exploited by criminals. Protect the integrity of your firewall by regularly scanning for viruses. Keep your anti-virus program up to date because new viruses are being released every day.


Copyright © 2007-2008 Hard-Drive-Help.com
All Rights Reserved