Firewall Security

A firewall uses a set of methods to control the traffic entering and leaving your PC or network. You can configure which of these methods your firewall uses, or, for full safety, enable all of them, although that sometimes diminishes the pleasure of browsing the Internet freely. Here are some of the ways a firewall controls traffic:

Packet Filtering – A packet is a small bundle of bytes, the unit in which data travels over the Internet. The firewall’s filters analyze each packet: packets that pass the test are sent through, while packets that don’t pass are stopped.

Stateful Inspection – Stateful inspection is a new method in packet filtering. With this method, the firewall doesn’t scan the entire content of each packet; instead, it compares key parts of the packet to a database of trusted information. If the comparison yields a reasonable match, the information is allowed through.

IP blocking – If a certain IP address outside the firewall is reading too many files from the server, the firewall can block all traffic from or to that specific IP address.

Domain name blocking – This works in the same manner as IP blocking, but you can choose to block access to and from a specific domain name by adding its www address to the blocked sites list.

Protocol blocking – You can “tell” your firewall to always block connection attempts made over a set of protocols. This option is commonly used for telnet (which is used to perform commands from a remote computer) and for FTP, or File Transfer Protocol (which is used to download and upload files).

Ports – Any server machine makes its services available to the Internet using numbered ports, one for each service that is available on the server (see How Web Servers Work for details). For example, if a server machine is running a Web (HTTP) server and an FTP server, the Web server would typically be available on port 80, and the FTP server would be available on port 21. A company might block port 21 access on all machines but one inside the company.

Specific words and phrases – This can be anything. The firewall will sniff (search through) each packet of information for an exact match of the text listed in the filter. For example, you could instruct the firewall to block any packet with the word “X-rated” in it. The key here is that it has to be an exact match. The “X-rated” filter would not catch “X rated” (not linked with a “-”). But you can include as many words, phrases and variations of them as you need.
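The methods listed above, combined into one small rule-evaluating filter (an added example, not part of the original article). The `Packet` and `Firewall` names, the addresses, and the rule order are constructed for illustration, and stateful inspection is modelled here as a table of flows opened from the inside network.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# All addresses, ports and payloads here are constructed for illustration.
INTERNAL = ip_network("10.0.0.0/24")
BLOCKED_IPS = {ip_address("203.0.113.50")}            # IP blocking
BLOCKED_PORTS = {23}                                  # protocol blocking (telnet)
PUBLISHED = {("10.0.0.21", 21), ("10.0.0.80", 80)}    # port 21 open on one host only
BLOCKED_PHRASES = [b"X-rated"]                        # exact-match content filter


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    payload: bytes = b""


class Firewall:
    def __init__(self):
        # Stateful inspection: flows opened from the inside network.
        self.flows = set()

    def check(self, p: Packet) -> str:
        """Return the verdict for one packet; first matching rule wins."""
        if ip_address(p.src) in BLOCKED_IPS or ip_address(p.dst) in BLOCKED_IPS:
            return "drop: blocked IP"
        if p.dport in BLOCKED_PORTS:
            return "drop: blocked protocol"
        # Byte-for-byte substring match, so "X rated" is NOT caught.
        if any(phrase in p.payload for phrase in BLOCKED_PHRASES):
            return "drop: blocked phrase"
        if ip_address(p.src) in INTERNAL:
            # Outbound: remember the flow so its replies can come back.
            self.flows.add((p.src, p.sport, p.dst, p.dport))
            return "allow: outbound"
        if (p.dst, p.dport, p.src, p.sport) in self.flows:
            return "allow: established"
        if (p.dst, p.dport) in PUBLISHED:
            return "allow: published service"
        return "drop: default deny"


if __name__ == "__main__":
    fw = Firewall()
    print(fw.check(Packet("10.0.0.5", "198.51.100.7", 40000, 80)))
    print(fw.check(Packet("198.51.100.7", "10.0.0.5", 80, 40000, b"X rated")))
```

Because the last rule is a default deny, listing port 21 for a single host in `PUBLISHED` is what closes it on every other machine.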