All Internet traffic is basically an exchange of individual data packets. Each packet is sent from one PC to another PC. To make that transfer possible, each Internet data packet must contain a destination IP address and a port number. So that the receiving computer knows who sent the packet, the sender's IP address and port number are included as well.

The firewall is set up so that each packet your computer receives is checked the moment it arrives, before it is handed over to any other software (browser, e-mail client). TCP/IP ports are opened only when your computer sends a reply. If, however, the firewall has denied the received packet, that port disappears from the Internet: no one and nothing can connect through it.

The power of a good firewall lies in how it selects what it allows and what it denies. Because each packet contains the IP address of the sender (who expects a reply), the firewall can intervene very selectively.

While surfing, your computer connects to web servers, which can have any IP address at all. Obviously you cannot block every IP address, yet you need to prevent some monkey out there in the jungle from connecting to your computer. That is a piece of cake for the firewall, because the two ends of an Internet connection answer each other. Each packet exchanged between two computers carries a so-called "ACK" (acknowledge) bit, which confirms to the sender that the data it sent was received. The firewall detects whether a received packet is an attempt to initiate a connection, or an answer to data sent earlier (a requested reply). Data packets that are part of an existing communication are allowed; data packets that initiate (or try to initiate) a new connection are blocked.

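The connection-tracking rule just described, written out as a small Python simulation. This is an added example, not code from the article or from any of the products it names; the addresses, ports and packet sequence are constructed. It also shows the check a real filter needs beyond the ACK bit alone: the very first packet of a connection carries SYN without ACK, and a packet with ACK set is only a genuine reply if it matches a connection this host actually opened.

```python
"""Toy stateful packet filter (added example; not the article's code).

The filter models the rule the article describes: traffic belonging to a
connection this host opened is allowed, packets that try to open a new
connection from outside are blocked, and a bare ACK that matches no known
connection is blocked as well.
"""
from dataclasses import dataclass

LOCAL_IP = "192.0.2.10"  # constructed address for the protected host


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    syn: bool  # TCP SYN flag: set when a side wants to open a connection
    ack: bool  # TCP ACK flag: set on every segment after the first SYN


class StatefulFilter:
    """Keeps a table of connections the local host initiated."""

    def __init__(self, local_ip):
        self.local_ip = local_ip
        self.table = set()  # entries: (local_port, remote_ip, remote_port)

    def outbound(self, pkt):
        """Let outgoing packets pass and remember the connections they open."""
        if pkt.syn and not pkt.ack:
            self.table.add((pkt.src_port, pkt.dst_ip, pkt.dst_port))
        return "ALLOW"

    def inbound(self, pkt):
        """Decide on a packet arriving from the Internet."""
        key = (pkt.dst_port, pkt.src_ip, pkt.src_port)
        if pkt.syn and not pkt.ack:
            # Someone outside is trying to open a connection to us.
            return "DROP new connection attempt"
        if pkt.ack and key in self.table:
            # Reply to something we sent: the SYN/ACK or later data.
            return "ALLOW"
        # ACK set but no matching state: not a reply to anything we asked for.
        return "DROP unsolicited"


def run_demo():
    """Push a constructed packet sequence through the filter; returns verdicts."""
    fw = StatefulFilter(LOCAL_IP)
    web = "203.0.113.5"        # constructed web server address
    stranger = "198.51.100.7"  # constructed outside host
    decisions = []
    # 1. We open a connection to the web server (SYN out).
    decisions.append(fw.outbound(Packet(LOCAL_IP, 50000, web, 80, syn=True, ack=False)))
    # 2. The server answers with SYN/ACK: matches our table, allowed.
    decisions.append(fw.inbound(Packet(web, 80, LOCAL_IP, 50000, syn=True, ack=True)))
    # 3. The server later sends data (ACK only): still allowed.
    decisions.append(fw.inbound(Packet(web, 80, LOCAL_IP, 50000, syn=False, ack=True)))
    # 4. A stranger tries to open a connection to port 139: blocked.
    decisions.append(fw.inbound(Packet(stranger, 4444, LOCAL_IP, 139, syn=True, ack=False)))
    # 5. The stranger sends a bare ACK to look like a reply: no state, blocked.
    decisions.append(fw.inbound(Packet(stranger, 4444, LOCAL_IP, 139, syn=False, ack=True)))
    return decisions


if __name__ == "__main__":
    for verdict in run_demo():
        print(verdict)
```

The table is keyed on the local port plus the remote address and port, so a reply is only recognised when all three match the connection this host opened; that is what makes the filter selective rather than a blanket ACK-bit check.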
Most firewalls, including the free ones you can download, do all of the above pretty well. There are in fact a number of "free firewalls": Zone Alarm, Nuke Nabber, Tiny Personal Firewall, to name a few. Nuke Nabber is not worth considering: it contains spyware. Zone Alarm is a controversial firewall; some have no problems with it, while for others it causes problems. Tiny has a good reputation. But these do not offer the protection you need, and which you get with commercial firewalls. Zone Alarm Pro has been rated the best by a publisher, with Norton Personal Firewall a close runner-up. Trend Micro's was not included in the test. None of the "free ones" passed the test. My preference goes to Trend Micro and Norton though, despite the test mentioned.

What those "commercial" firewalls do better is at the application level. They interpret data embedded in the packets to allow or block traffic based on the source and the destination. Firewalls with an application level handle and interpret the dialogue between sender and receiver. A good example is the problem that can occur with Microsoft's file and printer sharing: the lack of a limit on login attempts. An application-level firewall can and will keep an eye on port 139 and block communication if anyone attempts a "brute force hack" on it. In addition, the firewall will block the attacker's IP address from accessing any other port (the so-called black list).
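The port 139 guard described above, as a small Python simulation. This is an added example; it is not the article's code and not the implementation of any product named on the page. It assumes the firewall can extract logon success or failure from the session dialogue, uses a constructed policy (more than 5 failures within 60 seconds), and runs over a constructed event log. The last three events show the edge case a window-based counter does not catch: a source that spaces its failures further apart than the window never accumulates enough of them to be blacklisted.

```python
"""Toy application-level guard for a file-sharing port (added example; not the
article's code and not any product's implementation).

Failed logons are counted per source address in a sliding time window. A source
that exceeds the limit goes on a black list, and from then on every packet from
it, to any port, is blocked.
"""
from collections import defaultdict, deque

WATCHED_PORT = 139      # the port the article names
MAX_FAILURES = 5        # constructed policy: more than this many failures ...
WINDOW_SECONDS = 60.0   # ... inside this window triggers the black list


class LoginGuard:
    def __init__(self, port=WATCHED_PORT, max_failures=MAX_FAILURES,
                 window=WINDOW_SECONDS):
        self.port = port
        self.max_failures = max_failures
        self.window = window
        self.failures = defaultdict(deque)  # src_ip -> timestamps of failed logons
        self.blacklist = set()

    def decide(self, ts, src_ip, dst_port, login_ok=None):
        """Return the verdict for one observed event.

        login_ok is None for an ordinary packet, and True/False for a logon
        attempt seen in the dialogue on the watched port.
        """
        if src_ip in self.blacklist:
            return "BLOCK (blacklisted)"  # applies to any port, not just 139
        if dst_port != self.port or login_ok is not False:
            return "ALLOW"
        recent = self.failures[src_ip]
        recent.append(ts)
        # Forget failures older than the window (sliding window).
        while recent and ts - recent[0] > self.window:
            recent.popleft()
        if len(recent) > self.max_failures:
            self.blacklist.add(src_ip)
            return "BLOCK (brute force, blacklisted)"
        return "ALLOW"


def run_demo():
    """Feed a constructed event log through the guard; returns the verdicts."""
    guard = LoginGuard()
    # Constructed addresses: an attacker, a legitimate user, a slow guesser.
    attacker, user, slow = "198.51.100.7", "192.0.2.20", "203.0.113.9"
    events = [
        # (time in seconds, source address, destination port, logon result)
        *[(t, attacker, 139, False) for t in range(6)],  # 6 failures in 6 s
        (6, attacker, 80, None),       # attacker now tries the web port
        (7, user, 139, False),         # one typo by a legitimate user ...
        (8, user, 139, True),          # ... then a successful logon
        (1000, slow, 139, False),      # slow guessing, roughly 17 min apart
        (2000, slow, 139, False),
        (3000, slow, 139, False),
    ]
    return [guard.decide(*event) for event in events]


if __name__ == "__main__":
    for verdict in run_demo():
        print(verdict)
```

The black list check runs before the port check, which is what turns a port 139 observation into a block on every other port for that address. The slow guesser stays under the threshold because each new failure evicts the previous one from the window, so a counter like this is only one layer; logging those attempts is what lets the slower pattern be noticed.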
Copyright (c) 2002
All Rights Reserved