
What is a Firewall?

All Internet traffic is basically an exchange of individual data packets. Each packet is sent from one PC to another PC. To make that transfer possible, each Internet data packet must contain a destination address and a port number. To make it clear to the receiving computer who sent the packet, the IP address and port number of the sender are included as well.

The Firewall is set up in such a way that each packet is checked at the moment your computer receives it, before it is handed over to any other software (Browser, Email Client).

TCP/IP ports are opened only when your computer sends a reply. If, however, the received packet has been denied by the Firewall, that port disappears from the Internet. No one and nothing can connect through that port.

The power of a good Firewall lies in how it selects what it allows and what it denies. As each packet contains the IP address of the sender (who expects a reply), the Firewall can act in a very selective manner.

While surfing, your computer connects with Web Servers, which can have any possible IP address. Obviously, you cannot block all IP addresses, but you need to prevent some monkey out there in the jungle from connecting to your computer. That is a piece of cake for the Firewall, as both ends of an Internet connection answer each other. Each packet sent between two computers includes a so-called "ACK" (acknowledge) bit, which confirms to the sender that the data sent was received. The firewall detects whether a received packet is an attempt to initialize a connection or an answer to previously sent data (a requested answer). Data packets which are part of a communication are allowed; data packets which initialize (or try to initialize) a new connection are blocked.
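The ACK-bit decision described above, as an added example that is not part of the original page: it parses the IPv4 and TCP headers of a received packet and denies anything that tries to open a new connection (SYN set, ACK clear). The function names, the fail-closed handling of unparseable packets and the sample addresses (documentation ranges) are assumptions of this sketch.

```python
import socket
import struct

SYN, ACK = 0x02, 0x10  # TCP flag bits

def build_packet(src, dst, sport, dport, flags):
    """Build a minimal IPv4+TCP packet (constructed sample, checksums left 0)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64,
                     socket.IPPROTO_TCP, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 8192, 0, 0)
    return ip + tcp

def parse_packet(raw):
    """Return (src_ip, src_port, dst_port, flags), or None if not usable TCP."""
    if len(raw) < 20 or raw[0] >> 4 != 4:
        return None                      # too short or not IPv4
    ihl = (raw[0] & 0x0F) * 4            # IP header length in bytes
    frag_offset = struct.unpack_from("!H", raw, 6)[0] & 0x1FFF
    if ihl < 20 or frag_offset or raw[9] != socket.IPPROTO_TCP:
        return None                      # bad header, later fragment, or not TCP
    if len(raw) < ihl + 14:
        return None                      # TCP header cut off before the flags byte
    sport, dport = struct.unpack_from("!HH", raw, ihl)
    return socket.inet_ntoa(raw[12:16]), sport, dport, raw[ihl + 13]

def filter_inbound(raw):
    """Decide 'allow' or 'deny' for one received packet."""
    parsed = parse_packet(raw)
    if parsed is None:
        return "deny"                    # fail closed on anything unparseable
    flags = parsed[3]
    if flags & SYN and not flags & ACK:
        return "deny"                    # attempt to initialize a new connection
    if flags & ACK:
        return "allow"                   # answer within an existing exchange
    return "deny"                        # no ACK bit: not a reply to anything

if __name__ == "__main__":
    samples = [  # constructed packets, not captured traffic
        ("web server reply", build_packet("203.0.113.10", "192.0.2.5", 80, 49152, SYN | ACK)),
        ("data from server", build_packet("203.0.113.10", "192.0.2.5", 80, 49152, ACK)),
        ("inbound connect to 139", build_packet("198.51.100.7", "192.0.2.5", 40000, 139, SYN)),
        ("truncated packet", b"\x45\x00"),
    ]
    for label, raw in samples:
        print(f"{label:24s} {filter_inbound(raw)}")
```

This check looks only at the flag bits of each packet on its own; a stateful firewall additionally records which connections your computer actually opened and accepts replies only for those.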

Most Firewalls, including the free-to-download ones, do all of the above pretty well. There are in fact a number of "free firewalls": Zone Alarm, Nuke Nabber and Tiny Personal Firewall, to name a few. Nuke Nabber is not one to consider: it contains Spyware. Zone Alarm is a controversial Firewall. Some don't have any problem with it, while for others it causes problems. Tiny has a good reputation. But those do not offer the protection you need, and which you get with commercial Firewalls. Zone Alarm Pro has been pointed out as the best by a Publisher; Norton Personal Firewall was a close runner-up. Trend Micro's was not included in the test. None of the "free ones" passed the test. My preference goes to Trend Micro and Norton though, despite the test mentioned.

What those "commercial" Firewalls do better is at the application level. They interpret the data embedded in the packets to allow or to block, based on the source and the destination. Firewalls with an Application Level handle and interpret the dialogue between sender and receiver. A good example here is the problem that can occur with Microsoft's file and printer sharing: the lack of a limit on log-in attempts. An Application Level Firewall can and will keep an eye on port 139 and block communication if anyone tries a "brute force hack" on it. In addition, the Firewall will block the IP address of the hacker from accessing any other port (the so-called Black List).

Copyright (c) 2002   rr  All Rights Reserved


    Copyright 2001-2005 Margaret Walker