Inbuilt Linux and Windows Firewall - Essay Example

Inbuilt Linux and Windows Firewall s 22nd February Introduction Windows and Linux are two of the most commonly used operating systems in the world. Linux is a widely available operating system that is accessible, flexible and open source with many users. The most significance difference between Linux and Windows operating system is its open source nature. Open source encourages speedy discovery and reporting of security threats through a peer-reviewed system. The peer-reviewed structure is thorough and covers trivial issues that are unlikely to be exploited by a hacker of attacker (Sawicki, 2006). If a security problem is discovered, it is immediately fixed before anyone suffers from an attack. In comparison with the closed nature of Windows operating system where security flaws are reported after a successful attack. In the Windows platform, security through obscurity is employed as an effort of bringing down the number of attacks. But, it has been discovered that this tactic exposes a large base of users to attack when the secret leaks out. The number of attacks on Windows based platform proves that this tactic does not work. Firewalls Basic Functionalities and Configuration of a Linux Firewall Linux operating system utilizes IP tables that are highly flexible, they are easy to use and are ideal for Linux novice users. IP tables is a firewall that is controlled by a command line and uses the policy chains from the user to block or allow traffic. When an incoming connection makes an attempt to establish itself on the system, IP tables contains a list of rules where it searches for a match to tie it to. If the IP tables fails to find a rule, it performs the default action. IP tables are pre-installed on any Linux based operating system, to update and install, the user can retrieve the IP tables package by typing; Sudo apt-get install IP tables. Linux also comes with a graphic user interface (GUI) for IP tables such as Firestarter. Using the command line requires caution from the user especially through the first few commands. To prevent lockout from SSH servers, the user should take caution when configuring rules for IP tables. Types of Chains IP tables uses three types of chains, they are; input, output and forward. Input; this chain controls the behaviors of all incoming connections. For instance, if a user attempts to SSH to a personal computer or a server with IP tables. His or her user’s Internet protocol address (IP) and port will be matched to a rule found in the input’s chain. Forward; used for incoming connections that are not delivered locally.Outputs; used for outgoing connections like pinging other websites. IP tables will run a check on its output chain to discover the rules of the ping action and the site before allowing or denying any connection attempt. Before configuring specific rules, the user must decide the default behavior of each of the three chains. To check what the IP tables policy chains are configured to do with the unmatched traffic, run IP tables –L command. The system should be configured to accept connections, for example; IP tables –input ACCEPT. This allows the user to direct the IP tables to deny precise parts or IP addresses while accepting other connections. If the user wishes to deny all connections but manually select the ones to connect or allow, the default policy should be changed to DROP. For example, IP tables –policy OUTPUT DROP on the command line. This action is very useful for servers that contain sensitive data and also with the same IP addresses connecting to them (Howtogeek.com, 2015). After configuring the policy chains, the user can configure IP tables to block or allow specific addresses, ports and address ranges. The user can switch between accept or reject depending on how the policy chains are configured or according to his or her needs. To prevent all connections coming from the IP address 11:11:11:11; IP tables –A INPUT –S 11:11:11:11 –j DROP. To block all IP addresses in the 11:11:11:11/24 network range, the user, can use a netmask to specify a range of IP addresses. To save changes made to the IP tables run; Sudo /sbin/IP tables-save. A lot of protocols require two-way communication. To allow SSH connections to the system, the output and input chains need a rule added to them. Connection states allow two-way communication but allow one-way connection (Howtogeek.com, 2015). Windows Firewall Windows contains an easy to use firewall protecting your personal computer from inbound traffic. For example; the inbuilt Windows seven has powerful options and also contains an advanced interface for system administrators. Inbound Traffic Windows seven’s firewall is made to run with little user input. The firewall prompts the user when a program acts as a server and also specify’s whether the network is a work, public or home network. If a program wants to accept incoming connections from the Internet, Windows firewall will block incoming connections and ask whether to allow or block them. Users ca control from firewall with Windows firewall control panel that is located under system and security found in the control panel. To control programs that are allowed to access the world wide web, click on Allow a program or a feature through Windows firewall that appears on the left-hand side of the desktop. By clicking the change settings options, users can check the boxes to choose which programs that will receive connections on public or private networks. The user can also click on allow another program button to allow specific programs to accept Internet access (Hoffman, 2012). Outbound Traffic The Windows seven firewall allows programs to create outgoing connections to the Internet without the user’s confirmation. The Windows seven firewall does not prompt the user when a program wants to access the Internet. To access this feature, click on advanced settings inside the control panel. At the advanced settings option, select outbound rules and choose a new rule. The user can select the wizard to specify the programs and click to block this connection. Users can prevent any program from the prompt that appears every time a program attempts to access the Internet. Advanced settings allow the creation of rules and filter traffic based on IP addresses, ports and associated programs (Hoffman, 2012). Comparing Windows and Linux Firewall The Linux firewall has functionalities and capabilities that rival commercial firewalls. The rules allow extensive control over stateful and stateless packet filtering. Linux firewall is extensible and allows new user capabilities as the need arises. Linux is a network administrator’s dream, it allows port translation and packet mangling. It also allows translation proxies, policy routers and sophisticated quality of service (QoS). The firewall on Linux has a lot of functionalities that challenges simple interfaces. It’s only drawback is the configuration part that would create a challenge even to window’s administrators. Windows firewall allows the blocking and unblocking of all the connection requests. It blocks computer viruses, worms and creates a log of successful and unsuccessful attempts to connect to the personal computer. Windows firewall is easily customizable and easy to configure and by default, it blocks all incoming traffic. Windows firewall allows users to add ports that allow traffic from networks (Jeremiah, 2015). Windows offers thorough traffic blocking that protects both the user and the administrator. The Windows firewall automatically turns itself on, coordinates with security center, offers boot time security and protects the hard drives. The main disadvantage of a Windows firewall is itss failure of the leak test. This means that the user’s data can leak through the firewall; it does not match up to commercial firewall products. Conclusion Using a firewall on Windows and Linux platforms is the best option. Firewalls can protect the system from attacks. The Linux firewall is much more complex and offers more functionality than the Windows inbuilt firewall. Linux firewall can match up to third party Windows firewalls. On the other hand, the Windows firewall is easy to use making it ideal for novice users. On the Linux system, configuring the firewall requires extreme caution especially if one is connected to a server. Working with the command line requires a high level of profesionalism from the user and this type of configuration is unsuitable for novice users. Overall, Linux’s inbuilt firewall is much better compared to Windows inbuilt firewall. References Hoffman, C. (2012). Windows 7 Firewall: How It Compares Against Other Firewalls. MakeUseOf. Retrieved 22 February 2015, from http://www.makeuseof.com/tag/Windows-7-firewall-compares-firewalls/ Howtogeek.com,. (2015). The Beginner’s Guide to IP tables, the Linux Firewall. Retrieved 22 February 2015, from http://www.howtogeek.com/177621/the-beginners-guide-to-IP tables-the-linux-firewall/ Jeremiah, S. (2015). What Are the Benefits of Windows Firewall? | eHow. eHow. Retrieved 22 February 2015, from http://www.ehow.com/list_6101045_benefits-Windows-firewall_.html Sawicki, E. (2006). Windows vs. Linux Security. Biznix.org. Retrieved 22 February 2015, from http://www.biznix.org/articles/winlinsecure.html Read More