160 likes | 296 Vues
Introduction to Firewalls. TEC 236. What is a Firewall?. A firewall is hardware, software, or a combination of both that is used to prevent unauthorized programs or Internet users from accessing a private network and/or a single computer. What is a Firewall?.
E N D
Introduction to Firewalls TEC 236
What is a Firewall? • A firewall is hardware, software, or a combination of both that is used to prevent unauthorized programs or Internet users from accessing a private network and/or a single computer
What is a Firewall? • A security system that acts as a protective boundary between a network and the outside world • Isolates a computer or network from the “outside” based on a defined set of rules • Inspects each individual "packet" of data as it arrives at either side of the firewall • Maintains a state table • Determine whether traffic should be allowed to pass or be blocked
Rules Determine WHO ? WHEN ? WHAT ? HOW ? INTERNET My PC Protected Network Firewall
Hardware vs. Software Firewalls • Hardware Firewalls • Protect an entire network • Implemented on the router level • Usually more expensive, harder to configure • Software Firewalls • Protect a single computer • Usually less expensive, easier to configure
How does a software firewall work? • Inspects each individual “packet” of data as it arrives at either side of the firewall • Inbound to or outbound from your computer • Determines whether it should be allowed to pass through or if it should be blocked
Firewall Rules • Allow – traffic that flows automatically because it has been deemed as “safe” (Ex. Meeting Maker, Eudora, etc.) • Block – traffic that is blocked because it has been deemed dangerous to your computer • Ask – asks the user whether or not the traffic is allowed to pass through
What a personal firewall can do • Stop hackers from accessing your computer • Protects your personal information • Blocks “pop up” ads and certain cookies • Determines which programs can access the Internet
What a personal firewall cannot do • Cannot prevent e-mail viruses • Only an antivirus product with updated definitions can prevent e-mail viruses • After setting it initially, you can forget about it • The firewall will require periodic updates to the rulesets and the software itself
Considerations when using personal firewall software • If you did not initialize an action and your firewall picks up something, you should most likely deny it and investigate it • It’s a learning process (Ex. Spooler Subsystem App) • If you notice you cannot do something you did prior to the installation, there is a good chance it might be because of your firewall
Examples of personal firewall software • ZoneAlarm <www.zonelabs.com> • BlackICE Defender <http://blackice.iss.net> • Tiny Personal Firewall <www.tinysoftware.com> • Norton Personal Firewall <www.symantec.com>
Windows XP Firewall • Currently *not* enabled by default • Enable under Start -> Settings -> Control Panel • Select Local Area Connection • Select the Properties button • Click the “Advanced” tab
Updates to Windows XP Firewall • *Will* be enabled in default installations of Windows XP Service Pack 2 • Ports will be closed except when they are in use • Improved user interface for easier configuration • Improved application compatibility when firewall is enabled
Final Notes • Rule Management • Default Allow vs. Default Deny • Firewalls do NOT Solve the Entire Problem