Google
 
   
Login
Username:

Password:


Lost Password?

Register now!
Search

Advanced Search
Main Menu
top books
Polls
What do you think about php-deluxe.net?
Excellent!
Cool
Hmm..not bad
What the hell is this?
encyclopedia
Kinex Enterprises Ltd.
Cinemaware
Software package
Rapira
API documentation
George Gilder
BBC Radio nan Gaidheal
recommendation
compare webbrowser
Freenet DSL
Who's Online
18 user(s) are online (11 user(s) are browsing encyclopedia)

Members: 0
Guests: 18

more...
browser tip
recommendation!
Sponsored
partner
Germany Next Topmodel
germanys next topmodel germanys next topmodel

Firewall (networking)

In Computing, a firewall is a piece of hardware and/or Software which functions in a computer network to prevent some communications forbidden by the computer security policy, analogous to the function of firewall (construction) in building construction. A firewall is also called a Border Protection Device (BPD), especially in NATO contexts, or packet filter in BSD contexts.

A firewall has the basic task of controlling traffic between different zones of trust. Typical zones of trust include the Internet (a zone with no trust) and an internal network (a zone with high trust). The ultimate goal is to provide controlled connectivity between zones of differing trust levels through the enforcement of a security policy and connectivity model based on the least privilege principle.

Proper configuration of firewalls demands skill from the system administrator. It requires considerable understanding of network protocols and of computer security. Small mistakes can render a firewall worthless as a security tool.

=Types of firewalls=

There are three basic types of firewalls depending on

  • whether the communication is being done between a single node and the network, or between two or more networks
  • whether the communication is intercepted at the network layer, or at the application layer
  • whether the communication state is being tracked at the firewall or not

    • With regard to the scope of filtered communication there exist:

  • personal firewalls, a software application which normally filters traffic entering or leaving a single computer through the Internet
  • network firewalls, normally running on a dedicated network device or computer positioned on the boundary of two or more networks or DMZs (Demilitarized zone (computing)). Such a firewall filters all traffic entering or leaving the connected networks.

    • The latter definition corresponds to the conventional, traditional meaning of firewall in networking.

    In reference to the layers where the traffic can be intercepted, three main categories of firewalls exist:

  • network layer firewalls
  • application layer firewalls
  • application firewalls
    • These network-layer and application-layer types of firewall may overlap, even though the personal firewall does not serve a network; indeed, single systems have implemented both together.

    There s also the notion of application firewalls which are sometimes used during wide area network (WAN) networking on the world-wide web and govern the system software. An extended description would place them lower than application layer firewalls, indeed at the Operating System layer, and could alternately be called operating system firewalls.

    Lastly, depending on whether the firewalls track packet states, two additional categories of firewalls exist:

  • stateful firewalls
  • stateless firewalls

    • =Network layer firewalls=

    : Main article: network layer firewall

    Network layer firewalls operate at a (relatively low) level of the Internet protocol suite protocol stack as IP-packet filters, not allowing packets to pass through the firewall unless they match the rules. The firewall administrator may define the rules; or default built-in rules may apply (as in some inflexible firewall systems).

    A more permissive setup could allow any packet to pass the filter as long as it does not match one or more negative-rules , or deny rules . Today network firewalls are built into most computer operating system and network appliances.

    Modern firewalls can filter traffic based on many packet attributes like source IP address, source port (computing), destination IP or port, destination service like World Wide Web or File transfer protocol. They can filter based on protocols, Time to live values, netblock of originator, Domain Name System of the source, and many other attributes.

    =Application-layer firewalls=

    : Main article: application layer firewall

    Application-layer firewalls work on the application level of the TCP/IP stack (i.e., all browser traffic, or all Telnet or ftp traffic), and may intercept all packets traveling to or from an application. They block other packets (usually dropping them without acknowledgement to the sender). In principle, application firewalls can prevent all unwanted outside traffic from reaching protected machines.

    By inspecting all packets for improper content, firewalls can even prevent the spread of the likes of computer viruseses. In practice, however, this becomes so complex and so difficult to attempt (given the variety of applications and the diversity of content each may allow in its packet traffic) that comprehensive firewall design does not generally attempt this approach.

    The XML Firewall exemplifies a more recent kind of application-layer firewall.

    =Proxies=

    A proxy server device (running either on dedicated hardware or as software on a general-purpose machine) may act as a firewall by responding to input packets (connection requests, for example) in the manner of an application, whilst blocking other packets.

    Proxies make tampering with an internal system from the external network more difficult, and misuse of one internal system would not necessarily cause a security breach exploitable from outside the firewall (as long as the application proxy remains intact and properly configured). Conversely, intruders may hijack a publicly-reachable system and use it as a proxy for their own purposes; the proxy then masquerades as that system to other internal machines. While use of internal address spaces enhances security, security cracking may still employ methods such as IP spoofing to attempt to pass packets to a target network.

    =Network address translation=

    Firewalls often have network address translation (NAT) functionality, and the hosts protected behind a firewall commonly use so-called private address space , as defined in RFC 1918. Administrators often set up such scenarios in an effort (of debatable effectiveness) to disguise the internal address or network.

    =Implementations=

    *Software

  • Microsoft [http://www.microsoft.com/isa/ Internet Security and Acceleration Server (ISA)]
  • Netfilter/iptables
  • IPFilter (ipf)
  • Pf
  • ipfw
  • ipchains

    • *Appliances

  • Celestix Networks MSA Series
  • Check Point FireWall 1
  • Cisco PIX
  • CyberGuard
  • Juniper Networks NetScreen
  • Phion NetFence
  • Secure Computing Corporation
  • SofaWare Technologies
  • SonicWALL
  • Free Software Distributions (reuse your old computer as a firewall)
  • IPCop (GPL)
  • M0n0wall (BSD-style license)
  • Devil_Linux (GPL)

    • *Personal firewalls – see that article

    = Online Firewall Check =

    These sites offer free online portscan services to check your firewall security. Please note that online port probes are not 100% bulletproof as they always check the public IP address, which may be a proxy server. Online portscans are easy to use and offer basic insights, but to ensure network security use tools like Nmap. *[http://www.grc.com/default.htm ShieldsUP (Gibson Research Corporation)] Quick and easy to use *[http://scan.sygate.com/ Sygate Online Scan] Extended security check, concise (Stealth Scan, Trojan Scan) *[http://www.planet-security.net/index.phpxid=%F7%04T%BDP%92nD Planet Security Firewall-Check] Quick, extended security check, checks current endangered ports, clearly laid out, TCP Scan *[http://www.hackercheck.com/ Hackercheck] Quick, easy to use, and concise *[http://crucialtests.com/ Crucialtests] Easy to use & thorough (nmap/nessus based)

    =See also=

    *Windows Firewall *End-to-end connectivity *Access control list *Bastion host *Demilitarized zone (computing) (DMZ)

    =External links=

  • [http://www.faqs.org/faqs/firewalls-faq/ Matt Curtin and Marcus J. Ranum Internet Firewalls: Frequently Asked Questions]
  • [http://www.windowsnetworking.com/articles_tutorials/Firewalls-101.html Firewalls 101] - Explains the inner workings of a firewall and some common firewall features in an easy to understand manner.
  • [http://www.cisco.com/univercd/cc/td/doc/product/iaabu/centri4/user/scf4ch3.htm Evolution of the Firewall Industry] - Discusses different architectures and their differences, how packets are processed, and provides a timeline of the evolution.
  • [http://www.xtradyne.com/products/resources.htm Firewall White papers] - White papers on Web Services XML/SOAP and CORBA IIOP firewall security.
  • [http://www.firewallguide.com/ Home PC Firewall Guide - includes info on free firewalls]
  • [https://www.grc.com/x/ne.dllbh0bkyd2 ShieldsUp] - a web service which can evaluate some aspects of firewall effectiveness
  • [http://www.auditmypc.com/freescan/scanoptions.asp AuditMyPC] - Online firewall test to help secure your system
  • [http://www.pcreview.co.uk/articles/Internet/What_is_a_Firewall/ What is a Firewall] - a guide to computing firewalls, with links to current downloads.
    • *[http://www.metronet.com/~pgilley/freebsd/ipfw A FreeBSD security how-to (ipfw)]
  • [http://soho.hardware-firewall.info/ Comparison of Small Office VPN Firewalls]
  • [http://www.cgisecurity.com/questions/webappfirewall.shtml What is a Web Application Firewall]
    		•