The purpose of a firewall?

vbimport

#1

Maybe sounding a bit dumb here …but…what exactly does a firewall do that your anti-virus softwear doesnt ??

(bj proc?)


#2

Keeps invasive web sites from accesing your system. If their IP is on the firewall blocked list thay can not access your system. Anti-Virus is good but there is a period of time from when a virus is first discovered and the time an AV company puts out a fix. Those are the worst of times and no shortage of them as of late. A router is a real good first line of defense, even if you only have one computer. Consider one. they are cheap and easy to use.
Best of luck in you choice Bk :slight_smile:


#3

Depends on the setting. Generally it blocks access through ports, by closing them, in and out unless you give a programme permission to access the web. Some are more IP reliant than others, but as I understand them the ports are the main things the firewall blocks off.

I mentioned setting mine is on tight, one step down from a complete lockdown of the system, therefore my firewall asks my permission when ever anything makes its’ frst attempt to access the web, sp that I can allow or block it.

Consider it a bit like a fortress with a gate and the applications list is the guard allowing access or blocking it. This is why you shouldn’t look at the list of IPs in the list of blocked “attacks” because it can be frightening at how long it is all you need remember is as long as it is in the list it has been blocked.

Anti-virus does not prevent incoming or out going connections and until recently didn’t deal with spy/adware, though some are now doing this, therefore the firewall would prevent such applications from actually reporting back. Though with worm protection some avs now block connections from accessing your PC if they have the signature of a known worm. Norton has done this for me 4 times in the last two days.


#4

Good explanations above…
bk…thank God you’ve shortened that name [bkf], I mean the problems you’ve caused…lol

You may want to take a look at grc - Shields Up website, here. Read over the statements, then click proceed. On the second page there is a ton of very useful info and tools. Click on “All Service Ports” and your system will be scanned and you’ll actually be able to watch this and see the test results. It’s safe and free.

Lots of folks (like me) use a hardware firewall (ie., a router) as well as software. As long as there’s no conflicts…no problem.

Good luck.


#5

yes it does sound dumb, but in having meet you, i’m not surprised about your question :bigsmile:

good explanation above as stated, now get back to work :rolleyes:


#6

if you have a router with a built in firewall can you scrap your softfirewall or do you really need both…


#7

Having a software firewall is still a good idea. After al what is to stop a worm or virus using ports that you have open on a router? At least with a software firewall you actually have to give permission for a programme to access the web.


#8

Router firewall stops nasties coming in but not going out. so if somehow you let something nasty in - you give it permission to enter your machine - a hardware firewall may not stop it phoning home to the mothership.

A number of people argue that if you have a hardware firewall you don’t need a software firewall. This view is often associated with macho deficiency syndrome - trying to prove that they can surf without any unnecessary protection.

My view is have both - kerio is still free - and does not harm at all if installed and configured properly.


#9

im not sure how to take that :confused:

I have used GRC often, not only for shields up and acording to GRC you can’t get into this thing with a nuclear hand gernade except for this one port that seems to have all this streaming data coming through it :bigsmile:


#10

@ bkf, probably best to take just as a lame attempt at some humor…no deep or profound intent…that’s for certain. I thought I had just read a post…?yesterday, about the abbreviation from bkf to bk…maybe I just misunderstood or my dementia is as bad as my wife claims… :eek:


#11

You read right. I like Bk better. And no it don’t stand for Burger King


#12

Well you realy should stop allowing people to watch you on your webcam, either that or stop watching the “educational naturist films” streamed to yur PC to reduce the traffic.


#13

Some day your going to have to tell me how to do all those funky smiles without making an attachment :iagree:


#14

Image host, I use http://www.imageshack.us/ upload the smilie and then add the image link (direct link option) using the image option in advanced posting.

Now back on topic. A router works basically in the same way as windows own firewall software, stops things coming in but not going out, going by what harry has said.


#15

The weak point always sits in front of the monitor/computer.

A properly configured firewall and router is the best way to decrease issues and trouble.


#16

True, true, I bought a case badge for a friend about this it is a play on the “Intel Inside” logo but is “Idiot Outside”.

The keyword being decrease, as there is nothing that will protect your PC 100% and still allow you to use the internet.


#17

I agree with chef:

:iagree:


#18

Purpose of a Firewall ( This data was taken from network security)

A firewall is basically the first line of defense for your network. The basic purpose of a firewall is to keep uninvited guests from browsing your network. A firewall can be a hardware device or a software application and generally is placed at the perimeter of the network to act as the gatekeeper for all incoming and outgoing traffic.

A firewall allows you to establish certain rules to determine what traffic should be allowed in or out of your private network. Depending on the type of firewall implemented you could restrict access to only certain IP addresses or domain names, or you can block certain types of traffic by blocking the TCP/IP ports they use.

There are basically four mechanisms used by firewalls to restrict traffic. One device or application may use more than one of these in conjunction with each other to provide more in-depth protection. The four mechanisms are packet-filtering, circuit-level gateway, proxy server and application gateway.

A packet filter intercepts all traffic to and from the network and evaluates it against the rules you provide. Typically the packet filter can assess the source IP address, source port, destination IP address and destination port. It is these criteria that you can filter on- allowing or disallowing traffic from certain IP addresses or on certain ports.

A circuit-level gateway blocks all incoming traffic to any host but itself. Internally, the client machines run software to allow them to establish a connection with the circuit-level gateway machine. To the outside world it appears that all communication from your internal network is actually originating from the circuit-level gateway.

A proxy server is generally put in place to boost performance of the network, but can act as a sort of firewall as well. Proxy servers also hide your internal addresses as well so that all communications appear to originate from the proxy server itself. A proxy server will cache pages that have been
requested. If User A goes to Yahoo.com the proxy server actually sends the request to Yahoo.com and retrieves the web page. If User B then connects to Yahoo.com the proxy server just sends the information it already retrieved for User A so it is returned much faster than having to get it from Yahoo.com again. You can configure a proxy server to block access to certain web sites and filter certain port traffic to protect your internal network.

An application gateway is essentially another sort of proxy server. The internal client first establishes a connection with the application gateway. The application gateway determines if the connection should be allowed or not and then establishes a connection with the destination computer. All communications go through two connections- client to application gateway and application gateway to destination. The application gateway monitors all traffic against its rules before deciding whether or not to forward it. As with the other proxy server types, the application gateway is the only address seen by the outside world so the internal network is protected.

Pros and Cons

Each of these mechanisms has its drawbacks as well as its advantages. The application gateway is considered to be a more advanced and secure firewall mechanism than the other three, but it uses more resources (memory and processor power) and can be slower. Packet filtering is generally faster and easier to implement, but is susceptible to attack from users faking their source IP address (IP spoofing)or source port to trick your firewall into thinking that the traffic should be allowed through.

To beef up packet filtering security, stateful inspection packet filtering, or stateful packet filtering (SPF) was introduced. Essentially, SPF performs the same as a packet filter, but with a couple of added measures.First, it looks at more details from each packet to determine what is contained within the packet rather than simply who and where it is from (or allegedly from). Second, it monitors communications between the two devices and compares the traffic not only to the rules it has been given, but also to the previous communications. If any communication seems out of context or out of the ordinary based on previous traffic the packet is rejected.

Many home routers come with built-in firewall capabilities. Generally, these tend to be simple packet filters. You can block all incoming connections on all ports if you are not acting as a server for anything. If you want to publish a web page from your computer, you would need to allow incoming traffic on Port 80 to get to your computer. If you want to be able to download files from your computer from outside using FTP, you would need to allow incoming connections on Port 21. A basic rule of security though is to start with the most restrictive and only open holes where it seems necessary.
In addition to the hardware firewall built into routers, there are also software applications called personal firewalls that you can run on your computer. These personal firewall applications monitor all incoming and outgoing communications on your computer as well as what services are trying to interact with what other services. See my Top Personal Firewall Products for more information.

There are new vulnerabilities and flaws discovered everyday which could allow a hacker to break into your computer, take control of it for use in a denial-of-service attack or steal or destroy your data. Keeping your software patched and running updated antivirus software are very important pieces of the puzzle, but having a firewall block incoming connections in the first place is definitely a wise idea as well. No one security solution will solve everything. The more lines of defense you have in place, the harder it is for hackers to get in and the safer you will be.

:cool: :cool: