Movies and TV would have us believe that a “firewall” is some form of ultra-high-tech obstacle that protects sensitive information. In this world of fiction, savvy hackers are also able to type away – seemingly at random – to gain access to a computer. But in reality a firewall is just a basic program or simple piece of hardware that any computer user, especially one with a broadband connection, should have running at all times.
If your computer is connected to the Internet via a broadband connection, then it has an Internet Protocol address, or IP address. Other online users can reach that IP address, and this is why a firewall becomes so important. A firewall can provide secure access to the Internet, allowing safe traffic into and out of your computer or private network, while at the same time automatically blocking intruders and hackers. Additionally, the firewall gives you the power to decide which programs should be able to connect to the Internet, while also shielding you from being attacked through security holes in unpatched software.
And while movies make us believe that firewalls are some advanced technology, these are actually very simple products that come in a variety of forms. The first type is the hardware firewall, which is an application built into your DSL, cable or wireless router. In this case, the firewall is the first line of defense and works by a technique called packet filtering: it examines the header of each packet to determine its source and destination addresses. This information is then compared to a set of predefined or user-created rules that determine whether the packet is to be forwarded or dropped. An advanced system called Stateful Packet Inspection (SPI) even looks for other characteristics, including the origin and whether incoming traffic is actually a response to outgoing connections, such as a Web page request. The downside of hardware firewalls is that they can inadvertently treat any local network traffic as safe, which certainly won’t halt the spread of viruses or other threats if even one computer on the network is contaminated.
The alternative is a software firewall, which is essentially a program that screens the data as it arrives on the network. But no matter which version is in place, all information passes through the firewall, and anything that does not meet the specified security criteria is blocked. Software firewalls use several methods to block unauthorized connections to the computer. These include a packet filter – similar to the hardware firewall technique – that looks at each packet of data that enters or leaves the network, accepting or rejecting it based on the user-defined rules. It is effective, but susceptible to spoofed IP addresses – that is, where the sender’s IP address has been changed to appear as an authorized address. A proxy server can intercept all data entering and leaving the network, and it effectively hides the true IP addresses, but this adds difficulty in allowing an authorized outside computer to access the protected computer. Additionally, gateways can be set up to allow specific connections with approved access for specific programs – such as games – or from authorized outside IP addresses. Users should also determine their firewall needs, based on how they use their computers.
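The difference between a header-only packet filter and Stateful Packet Inspection, and why the former is susceptible to spoofed source addresses, can be seen in a small model. This is an added example, not code from any firewall product; the addresses, ports, rule format and class names are constructed for illustration, and the SPI model is simplified to "inbound traffic must answer a tracked outgoing connection".

```python
from collections import namedtuple

# Constructed sample data: RFC 5737 documentation addresses, hypothetical names.
Packet = namedtuple("Packet", "src sport dst dport direction")  # direction: "in"/"out"
HOST, TRUSTED, WEB = "192.0.2.10", "198.51.100.7", "203.0.113.80"

# Rule = (direction, src, dst, action); None is a wildcard; first match wins.
RULES = [
    ("out", HOST, None, "forward"),     # the protected host may connect out
    ("in", TRUSTED, HOST, "forward"),   # an authorized outside address may connect in
]

def packet_filter(pkt, rules=RULES):
    """Stateless filter: decides from header fields only; default is drop."""
    for direction, src, dst, action in rules:
        if direction == pkt.direction and src in (None, pkt.src) and dst in (None, pkt.dst):
            return action
    return "drop"

class StatefulFirewall:
    """Simplified SPI: inbound packets pass only as replies to tracked outbound flows."""
    def __init__(self, rules=RULES):
        self.rules = rules
        self.flows = set()  # (local addr, local port, remote addr, remote port)

    def inspect(self, pkt):
        if pkt.direction == "out":
            verdict = packet_filter(pkt, self.rules)
            if verdict == "forward":
                self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return verdict
        is_reply = (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows
        return "forward" if is_reply else "drop"

def demo():
    request = Packet(HOST, 50000, WEB, 80, "out")       # Web page request
    reply = Packet(WEB, 80, HOST, 50000, "in")          # its response
    spoofed = Packet(TRUSTED, 40000, HOST, 8080, "in")  # header claims TRUSTED
    spi = StatefulFirewall()
    return {
        "filter_spoofed": packet_filter(spoofed),  # header matches the allow rule
        "filter_reply": packet_filter(reply),      # no static rule for WEB
        "spi_request": spi.inspect(request),
        "spi_reply": spi.inspect(reply),           # matches the tracked flow
        "spi_spoofed": spi.inspect(spoofed),       # no outbound flow to match
    }

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```

The stateless filter forwards the packet whose header merely claims the authorized address and drops the legitimate Web reply, while the stateful model does the opposite because it judges inbound traffic against connections the protected host actually opened.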