What Is a Firewall - Report Example

?Client’s 18 May Introduction The invention of the internet has made life unimaginably easier, one can shop online, transfer moneyonline, book movie tickets online, book airline tickets online and in addition to this complete a host of other important tasks with just a few clicks. Websites like Amazon and Ebay have taken online selling to the next level. When there are so many pros, one ought to fine cons too. There have been several instances of hacking in the past; recently the American intelligence website was hacked, credit card numbers are stolen on a regular basis. Considering all these cons, one must ensure that a good firewall is in place to keep the hackers at an arm’s length, keeping them at bay is an arduous task. This paper will shed light upon internet firewall security and how a good firewall can protect a person from malware, Trojan horses and other undesirable viruses. “The term "fire wall" originally meant, and still means, a fireproof wall intended to prevent the spread of fire from one room or area of a building to another. The Internet is a volatile and unsafe environment when viewed from a computer-security perspective, therefore "firewall" is an excellent metaphor for network security.” (What is a firewall?) Firewall is not something general, it means several specific things and it is supposed to do several important things to ensure that a user is safeguarded against attacks. Packet filtering is perhaps the most important job of a regular firewall. All the internet activities like downloads, chats and so on are done in packets, and these packets contain information. Firewall must ensure that these packets are either allowed or disallowed based on the source of the internet protocol address known as the IP address. The destination port of these packets is also very important, the firewall is supposed to allow or disallow these packets purely on the basis of their destination port. Firewall must follow a protocol and allow or disallow packets or information based on the set protocol. This method of packet filtering is highly effective against malware and other dangerous attacks but this is not a foolproof plan. All traffic can be blocked by a firewall which does not make much sense; it should allow certain packets which are safe for the user to receive. It has its weaknesses like it becomes very difficult for a basic firewall to detect spoofing which means the information contained in the packets is falsified. Allowed packets may contain a bug which can retrieve a password and cause unwanted actions, a basic firewall is vulnerable to these dangers. Circuit relay is another type of firewall which provides enhanced security, application level gateway is perhaps the most advanced of all and provides even better security. Static Packet Filtering: “Static packet filtering is a firewall and routing capability that provides network packet filtering based only on packet information in the current packet and administrator rules.” (Statistic Packet Filtering) Static packet filtering is based on the following important things: The administrator defines rules. The allowed ports and IP addresses are set by the administrator and only the allowed ports are allowed to send and receive packets. The transport layer contents, the network and the packet contents are all determined by the administrator. Better level of security is provided by the dynamic packet filtering. Static packet filtering does not look at the contents closely, on the contrary dynamic packet filtering screens contents very closely, previous connection states are also considered by dynamic packet filtering which static packet filtering fails to do. The packet headers are very important under static packet filtering, the information stored in the headers determines whether packets should be allowed or dropped. These headers are compared against the control policy which is set by the administrator. Below is an illustration which presents the same concept very comprehensively. (Static Packet Filtering, 2011) SPI for Main Border Firewalls: SPI stands for Stateful Packet Inspection. The SPI is the most dominating technique when it comes to main border firewalls. Its flexibility is one of its biggest pros; it is capable of handling almost anything like ICMP flow, UDP and TCP. If only one FW is used then this is the best choice, no other thing can ever come close to it when only one FW is used. Some SPI are more than capable of doing application-level filtering. It is very simple and very reasonably priced; it is least expensive when it comes to security and safety measures. It has a few cons too; the user may find that the ACL rules may be too complex. The ongoing connections are filtered easily and quickly, this is another of its pros. It could take a lot of time if the connection table has grown large. It is arguably the most cost effective. A standard operating system is good enough to ensure its smooth functioning. Network Address Translation (NAT): An entire group of computers can be represented by a single IP address thanks to NAT; NAT allows a single device to act as an agent between a local network and the internet. It is ideal to use NAT these days because there is a severe shortage of IP addresses. This is not the only reason to use NAT; there are a host of other reasons also to use NAT. NAT can be understood with the help of an opportune example, a receptionist is the one who is responsible for forwarding calls or dropping them, you can request the receptionist and tell her to forward a specific call if you are expecting it, the receptionist checks the call and confirms the extension when an important client calls and the receptionist knows that this is an important call and it should be forwarded. NAT does exactly the same; it can allow or disallow several packets depending on the set of rules laid out. Static NAT, Dynamic NAT, Overloading and Overlapping are some of the types of NAT. These work in different ways and perform a plethora of operations. NAT can also be used as a firewall; it can easily keep external connections to the network at bay. Port number translation is also carried out by NAT. 65k connections can use a single IP address. Below is an illustration which will shed more light upon how NAT works. (NAT, 2011) Conclusion Lastly, there are a lot of problems that firewalls usually face, the desirable services are often blocked by firewalls. For instance, EA Sports FIFA game may be blocked by a firewall from launching, this can be very hard to detect and the user may think that he has graphic card problems or his Direct X files are outdated. It can cause a lot of chaos and discomfort. Firewalls offer a huge potential for backdoors, this has been exploited to the very maximum by several hackers. Insider attacks can be very difficult to prevent and firewalls have done very little to prevent insider attacks. Newer clients have not been designed to work particularly well with firewalls; this can result in a serious and a very damaging attack on a system which may not be detected by a firewall. Firewalls many a time forward multiple IP transmissions without even checking them properly; these transmissions can easily contain malicious data which might easily harm a user. Bottleneck is another problem, all the data must pass through a firewall and this causes a bottleneck. “A firewall system concentrates security in one spot as opposed to distributing it among systems. A compromise of the firewall could be disastrous to other less-protected systems on the subnet. This weakness can be countered; however, with the argument that lapses and weaknesses in security are more likely to be found as the number of systems in a subnet increase, thereby multiplying the ways in which subnets can be exploited.” (Other Issues) In spite of these limitations and disadvantages it is recommended to use a firewall to block any packets which may contain malicious data. References NAT (2011). Firewalls. Retrieved from http://www.cse.chalmers.se/edu/year/2010/course/EDA491/slides/8.%20Firewalls.pdf Other Issues (2013). Little Protection From. Retrieved from http://www.vtcif.telstra.com.au/pub/docs/security/800-10/node43.html#SECTION00534000000000000000 What is a firewall? (2013). PC Help. Retrieved from http://www.pc-help.org/www.nwinternet.com/pchelp/security/firewalls.htm Read More