Introduction to Firewalls

TEC 236

What is a Firewall?
A firewall is hardware, software, or a
combination of both that is used to prevent
unauthorized programs or Internet users
from accessing a private network and/or a
single computer

What is a Firewall?
A security system that acts as a protective
boundary between a
network and the outside world
Isolates a computer or network from the
outside based on a defined set of rules
Inspects each individual "packet" of data
as it arrives at either side of the firewall
Maintains a state table
Determine whether traffic should be
allowed to pass or be blocked

Rules Determine
WHO ? WHEN ?
WHAT ? HOW ?

My
PC

INTERNE
T

Firewall

Protected
Network

Hardware vs. Software Firewalls

Hardware Firewalls
Protect an entire network
Implemented on the router level
Usually more expensive, harder to configure

Software Firewalls
Protect a single computer
Usually less expensive, easier to configure

How does a software firewall work?

Inspects each individual packet of data
as it arrives at either side of the firewall
Inbound to or outbound from your
computer
Determines whether it should be allowed
to pass through or if it should be blocked

Firewall Rules
Allow traffic that flows automatically
because it has been deemed as safe
(Ex. Meeting Maker, Eudora, etc.)
Block traffic that is blocked because it
has been deemed dangerous to your
computer
Ask asks the user whether or not the
traffic is allowed to pass through

What a personal firewall can do

Stop hackers from accessing your
computer
Protects your personal information
Blocks pop up ads and certain cookies
Determines which programs can access
the Internet

What a personal firewall cannot do

Cannot prevent e-mail viruses
Only an antivirus product with updated
definitions can prevent e-mail viruses

After setting it initially, you can forget

about it
The firewall will require periodic updates to
the rulesets and the software itself

Considerations when using

personal firewall software
If you did not initialize an action and your
firewall picks up something, you should
most likely deny it and investigate it
Its a learning process (Ex. Spooler
Subsystem App)
If you notice you cannot do something you
did prior to the installation, there is a good
chance it might be because of your firewall

Examples of personal firewall

software
ZoneAlarm <www.zonelabs.com>
BlackICE Defender
<http://blackice.iss.net>
Tiny Personal Firewall
<www.tinysoftware.com>
Norton Personal Firewall
<www.symantec.com>

Windows XP Firewall
Currently *not* enabled by default
Enable under Start -> Settings -> Control
Panel
Select Local Area Connection
Select the Properties button
Click the Advanced tab

Windows XP firewall

Updates to Windows XP Firewall

*Will* be enabled in default installations of
Windows XP Service Pack 2
Ports will be closed except when they are
in use
Improved user interface for easier
configuration
Improved application compatibility when
firewall is enabled

Final Notes
Rule Management
Default Allow vs. Default Deny
Firewalls do NOT Solve the Entire Problem