Introduction to Firewalls

TEC 236
 What is a Firewall?
• A firewall is hardware, software, or a
combination of both that is used to prevent
unauthorized programs or Internet users
from accessing a private network and/or a
single computer
 What is a Firewall?
• A security system that acts as a protective
boundary between a
network and the outside world
• Isolates a computer or network from the
“outside” based on a defined set of rules
– Inspects each individual "packet" of data
as it arrives at either side of the firewall
– Maintains a state table
– Determine whether traffic should be
allowed to pass or be blocked
 Rules Determine

WHO ? WHEN ?
WHAT ? HOW ?

My
INTERNE
INTERNE PC

TT

Protected
Firewall Network
Hardware vs. Software Firewalls
• Hardware Firewalls
– Protect an entire network
– Implemented on the router level
– Usually more expensive, harder to configure
• Software Firewalls
– Protect a single computer
– Usually less expensive, easier to configure
How does a software firewall work?
• Inspects each individual “packet” of data
as it arrives at either side of the firewall
• Inbound to or outbound from your
computer
• Determines whether it should be allowed
to pass through or if it should be blocked
 Firewall Rules
• Allow – traffic that flows automatically
because it has been deemed as “safe”
(Ex. Meeting Maker, Eudora, etc.)
• Block – traffic that is blocked because it
has been deemed dangerous to your
computer
• Ask – asks the user whether or not the
traffic is allowed to pass through
What a personal firewall can do
• Stop hackers from accessing your
computer
• Protects your personal information
• Blocks “pop up” ads and certain cookies
• Determines which programs can access
the Internet
What a personal firewall cannot do
• Cannot prevent e-mail viruses
– Only an antivirus product with updated
definitions can prevent e-mail viruses
• After setting it initially, you can forget
about it
– The firewall will require periodic updates to
the rulesets and the software itself
 Considerations when using
personal firewall software
• If you did not initialize an action and your
firewall picks up something, you should
most likely deny it and investigate it
• It’s a learning process (Ex. Spooler
Subsystem App)
• If you notice you cannot do something you
did prior to the installation, there is a good
chance it might be because of your firewall
 Examples of personal firewall
software
• ZoneAlarm <www.zonelabs.com>
• BlackICE Defender
<http://blackice.iss.net>
• Tiny Personal Firewall
<www.tinysoftware.com>
• Norton Personal Firewall
<www.symantec.com>
 Windows XP Firewall
• Currently *not* enabled by default
• Enable under Start -> Settings -> Control
Panel
• Select Local Area Connection
• Select the Properties button
• Click the “Advanced” tab
Windows XP firewall
 Updates to Windows XP Firewall
• *Will* be enabled in default installations of
Windows XP Service Pack 2
• Ports will be closed except when they are
in use
• Improved user interface for easier
configuration
• Improved application compatibility when
firewall is enabled
 Final Notes
• Rule Management
• Default Allow vs. Default Deny
• Firewalls do NOT Solve the Entire Problem