|
|
|||||
|
Networking Help PageThe purpose of this page is to provide some technical and customization information for the optimization and securing of your network. Here Are Some Network Resources and TweaksGet The Most Out Of Your Broadband Connection Do you wonder what a firewall is or if you need a hardware and software firewall, or how IP address are assigned. Below are your answers to this and much more.What
Is A Firewall And How Does It Work What Is A FirewallA firewall is hardware, software, or a combination of the two that
prevents unauthorized access to or from a private network. Think of it as Internet customs and immigration. The firewall is the
agent that checks each item entering or leaving the network. Each item
must pass the right criteria in order to make it through. So a hacker
attempting to enter the network of Washington State with a Chilean Apple
would be stopped at the border. There are three major types of firewalls: A packet filter looks at
each packet entering or leaving the network and accepts or rejects it
based on user-defined rules. Packet filtering is fairly effective and
transparent to users, but it is difficult to configure. In addition, it is
susceptible to IP spoofing. A proxy server (also known
as application gateway) intercepts all messages entering and leaving the
network. The proxy server effectively hides the true network addresses.
Proxies forward messages between clients and servers by appearing to
the client (e.g. a Web browser) as a server and appearing to the server
(e.g. Web server) as a client. Hence, the client talks to the proxy which
then decides whether the communication should be forwarded to the server
and if it does, it contacts the server and forwards the messages to
it. Proxies can handle complex protocols (which packet filters cannot),
because they implement a complete set of a client and a server for each
protocol. The drawbacks are performance and limited number of supported
protocols. Stateful inspection
combines the speed and broad protocol support of packet filters with the
security and support of complex protocols of proxies. It does it by
inspecting all the traffic, looking for security-related information, and
using this security-related information to make smart decisions regarding
which traffic should be accepted and rejected. In practice, many firewalls use two or more of these techniques in
concert. The problem with firewalls: Firewalls are still very difficult to configure and monitor. Yet a
firewall is only as good as its settings. It's best to take a couple
additional steps to ensure your safety. Firewalls are most effective if you use a combination of hardware and
software. Use both a hardware router and a software firewall if you have a
broadband connection. If you're running XP or 2000, make sure all your drives are on an NTFS
partition so you can password-lock the network drives. Your computer is
like an apartment building. You can lock the front gate, but you won't be
as safe as you would be if you also lock the door to your apartment. A
password-protected NTFS drive locks down all the doors between you and the
outside world. Firewalls will one day be configured using more natural processes,
similar to the way humans talk about security. Also, managed security
services -- outsourcing one's security to a company that has unique
security expertise -- is a growing trend.
|