|
When your computer is connected to the internet, viruses
are spread randomly by attacking certain ports with known
vulnerabilities. |
Nowadays it is very common to hear “you should have a
firewall”. So often are we told of firewalls and their
importance that firewalls are often confused with various other
products and solutions. In this article we will explore what
a firewall is, how it works, and how it can protect your home
computer system.
Computers communicate with each another via various ports.
Ports are names given to various network connections and protocols
your computer uses to communicate with other computers. For
example, your connection to the Internet is through a port protocol
called TCP/IP (Transmission Control Protocol/Internet Protocol)
using common ports such as port 80 (the Web, or http port).
While it might sound complex, the way this works is actually
pretty simple. A malicious user could connect to your computer
and send commands via certain ports and take over your machine.
This is, in its simplest form, hacking. Viruses also spread
this way. When your computer is connected to the internet, viruses
are spread randomly by attacking certain ports with known vulnerabilities.
|
Firewalls simply analyze the traffic attempting to communicate
with your computer and decide whether this traffic is malicious.
How firewalls do this depend on the complexity of the firewall.
|
How do firewalls help in all of this? Well, firewalls simply
analyze the traffic attempting to communicate with your computer
and decide whether this traffic is malicious. How firewalls
do this depend on the complexity of the firewall. A hardware
firewall is a separate device, similar to a router, which inspects
all data traffic destined for your computer and analyzes that
traffic. Based on certain rules, it will either allow that traffic
to speak with your computer or deny it. A software firewall
does the same thing but it is a program that runs on your computer.
Software firewalls are inherently less reliable because they
are running on your computer and therefore must make decisions
(allow or deny) quickly and only after the
traffic has attempted to communicate with your computer.
Firewalls simply allow or deny communication with your computer.
OK, so what do they protect us from?
Hackers: Hackers, or crackers as they are more appropriately
called, attempt to gain access to your computer strictly for
malicious purposes. They might be trying to steal information
from you or, more likely, they want to use your machine to attack
other machines. Either way, the end result is that your property
is hijacked and used maliciously. When a hijacker sends a command
to a specific port, the firewall will analyze the command and
decide if it should allow it or not.
Sometimes, firewalls can be fooled and a hacker gets in. More
often than not, however, the firewall will make the right decision
and deny that traffic or command to your computer.
Certain Viruses
Some viruses attack by randomly scanning a whole block of computers
and looking for particular open ports. If your firewall is blocking
access to those ports because it knows they should not be open,
you will not be infected. Or, if a virus attempts to gain access
through an open port, the firewall will analyze the communication
and hopefully deny the virus from gaining entry once it realizes
that it is malicious traffic.
|
Viruses executed locally (meaning, you double click an infected
file accidentally or open an infected email) will not
be stopped by a firewall since you ran
the virus. |
However, a firewall will not protect you against
a virus contained in an attachment that you execute. Viruses
executed locally (meaning, you double click an infected file
accidentally or open an infected email) will not
be stopped by a firewall since you ran the
virus. The firewall will let you do whatever
you want, so if you run a virus program on your computer, you
will be infected. Firewalls only protect against viruses that
attack ports and infect without the users knowledge. NIMDA and
SASSER are two of the more recent examples of viruses that attacked
without requiring any user intervention. All that was required
was that the computer not have firewall protection
and be connected to the internet.
How to Protect Ourselves
Hardware firewalls are often expensive and require a professional
to install and configure. They are often necessary in a corporate
environment where data must be protected and communications
scrutinized closely for risk of a hacker gaining access to the
corporate network.
|
In a home environment, software firewalls are not only easy
to obtain, but some are even free! |
In a home environment, software firewalls are not only easy
to obtain, but some are even free! In fact, Windows XP includes
a free firewall. It is not the worlds’ greatest firewall,
but it will protect against basic threats and could make all
the difference.
If you are using Windows XP, you can enable the firewall in
Control Panel.
- Look for the Windows Security Center and simply “enable”
the Windows firewall within the security center.
If you do not have Service Pack 2 (which installs the Security
Center) you can enable the firewall by going into"
- Control Panel > Network Connections > and then right-clicking
your network adapter and selecting “properties”.
Across the top, of the window that opens, look for the advanced
tab. Click “Advanced”, and then click the checkbox
to “enable Windows Firewall”.
Another Free solution is go to http://www.zonelabs.com/
and download and install the latest free version
of ZoneAlarm. ZoneAlarm is a free software firewall that is
much more comprehensive than the Windows firewall. ZoneAlarm
not only checks inbound connections to your computer, but it
examines outbound connections to other computers as well. This
is helpful to professionals to examine your computer and see
if it has already been compromised in some way and is attempting
malicious communication with other machines.
|
It is not a question of if you will be
hacked, but when you will be hacked if
you do not have a firewall. With the options available,
there is no excuse. Protect yourself and get a firewall
right away. |
Today, firewalls are not only a good idea, they are necessary
for safe computing. With so many malicious programs constantly
scanning the internet for vulnerable machines, working without
a firewall is simply too risky. It is not a question of if
you will be hacked, but when you will be hacked
if you do not have a firewall. With the options available, there
is no excuse. Protect yourself and get a firewall right away.
Also, be sure to always download and install the latest Windows
Updates to protect your computer against the latest vulnerabilities
discovered by the folks at Microsoft.
Lou Costa is a Microsoft Certified Systems Administrator.
You can contact Lou at Lou@ArcBusSol.com.
