Introduction

Firewall Configuration Tool

How does a firewall work?

Firewall Types

Hands on Session

MODULE 3: SQUID PROXY SERVER

ADDITIONAL RESOURCE : OPEN SOURCE/FREE SECURITY TOOLS

CONTRIBUTORS

Introduction

What is a firewall?

A firewall protects networked computers from intentional hostile intrusion that could compromise confidentiality or result in data corruption or denial of service(DOS).It may be a hardware device (Figure-1) or a software program(Figure-2) running on a secure host computer. In other case, it must have at least two network interfaces, one for the network it is intended to protect and one for the network it is exposed to.

A firewall sits between a private network and a public network. It is configured with a set of rules that determine which network traffic will be allowed to pass and which will be blocked or refused.

Figure -1:Hardware Firewall

Figure -2:Software Firewall

What does a firewall do?

A firewall examines all traffic routed between the two networks to see if it meets certain criteria. If it does, it is routed between the networks, otherwise it is stopped. A firewall filters both inbound and outbound traffic. It can also manage public access to private networked resources such as host applications. It can be used to log all attempts to enter the private network and trigger alarms when hostile or unauthorized entry is attempted. Firewalls can filter packets based on their source and destination addresses and port numbers. This is known as address filtering. Firewalls can also filter specific types of network traffic. This is also known as protocol filtering because the decision to forward or reject traffic is dependent upon the protocol used, for example HTTP, ftp or telnet. Firewalls can also filter traffic by packet attribute or state.

Who needs a firewall?

Anyone who is responsible for a private network that is connected to a public network needs firewall protection. Furthermore, anyone who connects so much as a single computer to the Internet via modem should have personal firewall software. Many dial-up Internet users believe that anonymity will protect them. They feel that no malicious intruder would be motivated to break into their computer. Dial up users who have been victims of malicious attacks and who have lost entire days of work, perhaps having to reinstall their operating system, know that this is not true. Irresponsible pranksters can use automated robots to scan random IP addresses and attack whenever the opportunity presents itself.

« Previous | Next »