Effective Tips: Prevent Network Attacks with Firewalls

You have a network of computers and your network is connected to the internet. Then you need to keep out intruders from accessing resources and information on your network. Firewall software is your first line of defense.

What is a firewall?

It is a protection for your computer. Network firewall software acts as a barrier between your computer or an internal network and the internet or the external network. Personal firewall software protects your computer from the attacks from the internet. The protection depends on the permissions according to which access to a site can be allowed or blocked. You can block all unnecessary traffic into and out of the network or computer. By doing this your computer or network is more secure.

The permission is a set of rules that would allow certain IP addresses or domain names into your network. You can block certain types of traffic by configuring the TCP/IP ports. Thus malicious code that uses particular ports can no longer enter your system.

Firewalls have different types of settings that help it block suspicious traffic. These can be at the operating system level with Linux firewall or Win XP firewall. It can be router firewall hardware or even a firewall appliance.

Packet Filtering

This firewall is also called the network layer firewall as the checking done on packets that are inbound based on the rules you give is a network layer function. A packet filter assesses the IP addresses of the source and destination, the source port and the destination port as well as the protocol used TCP/UDP. The rules of packet filtering determine whether the IP addresses, ports and protocol match its Access Control List. If the comparison turns out positive it allows the packets otherwise the packets are denied entry to the network and are discarded. Packet Filtering is done at the router which is a computer specialized for the task related to networking. Static IP packet filtering is a bit cumbersome because access lists have to be written. These filters are prone to IP spoofing, buffer over runs and ICMP tunneling. The advantage with packet filtering is that it provides a single place protection for the entire network.

Stateful Packet filter

Stateful packet inspection uses the same principle as that of Static packet filters. Checking of the packets is no longer limited to the network layer but goes up to the application layer to see if the packet is a legitimate connection to a given application. It checks the behavior of the packet and if any problems occur it starts blocking packets from the particular source IP address. What is new about this method is that it checks the connection state dependent on the information from previous packets and hence the name. Some companies have incorporated even content filtering into their stateful packet filters.

Continue to : Firewalls and Gateways

Related Articles

How Vulnerable is Your Network?
Can You Find Out who is Intruding Your PC?
Top Network Security Products
Hacking and Network Security

Bookmark this page Email this to your friend Add this page to del.icio.us