A firewall is a sentry. It stands by a closed gate and only allows those with permission through that gate. It watches what comes (or tries to come) into your computer, and watches what is being sent. It will allow or deny access according to sets of parameters.
That's the simple part.
There's a myriad of different types of firewalls and ways to protect a system or network, and there are as many ways to defeat (hack into) these security measures. The most powerful firewall (I still believe) is a bridge: a computer with two connections, one to the outside world and one to a local network. It has two network cards, and therefore two IPs. The world can only see one of the IPs, so they don't even know the other one is there, and that's where the network is. On top of that, it can encrypt everything that goes through it. But even that can be hacked with persistence.
We don't need that for our home computers. Here's the deal with us:
A computer, any computer, has thousands of ports (the 'gates'). They are numbered. For example, port 80 is http. That means that when you go to a website, you're connecting to port 80 on the server. Your computer can use any port it wants, but the server has to be "listening" for requests on port 80, because, well, we said so! FTP servers "listen" for connections on port 21.
There is scanning software that can scan thousands of IPs in a matter of minutes, scanning every port (or many ports) on each IP. Right now, hackers are out there scanning away. Normally, your computer keeps its ports closed. But if there's not at least a password, it's not difficult for a hacker to get your computer to open one of its ports. Since your computer is now answering his requests, your computer can become a type of server. It can "serve up" data to the hacker. What data? Depends. Could be your Windows license key, or even any files on your hard drive, things like that. Could be a lot worse, if he gains write access.
These scanners search for open ports, and they will let the hacker know if ports are open or closed. A good firewall does neither. It CLOAKS them (puts them in STEALTH mode), so according to the scanner, there's not even a computer at that IP. The scanner just moves on to the next one. Now, you can't just close up, because then you could never get your email, or browse the web and stuff. No sense even going online! So, certain programs and places have to have permission to communicate through your ports. That's where the firewall configuration comes in. A decent firewall provides controlled access, and stealth on unused ports. Plus, it monitors open ports being used by your internet programs to make sure nothing 'slips' in. Okay, so much for Reader's Digest!
A good not-too-confusing firewall is Zone Alarm. A good place to check your computer for open ports and get great security info is http://www.grc.com. Go to the "Shields Up" section.
One last thing: Many viruses will load up in your computer and actually become servers. They will let the person know when you are online (through IRC, ICQ, email, etc...), and make it real easy for that person to connect to your computer and do whatever they want. Zone Alarm will let you know when a program wants to act as a server, and that's a good defense for anything that might get through your virus protection, which is a necessity. Hope this helps.
Now for a word from our sponsor....

[ November 15, 2001: Message edited by: TWebMan ]
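The three behaviours the post describes (controlled outbound access, silent "stealth" drops on unused ports, and an alert when a program wants to act as a server), as an added toy model. This is not code from the post or from Zone Alarm; every program name, address and port in it is constructed.

```python
"""Toy stateful filter illustrating the post's three points: controlled outbound
access, stealth (silent drop) on unused ports, and alerting when a program wants
to act as a server. Added example, not Zone Alarm's code; every program name,
address and port below is constructed."""
from dataclasses import dataclass

ALLOW, DROP = "allow", "drop"        # drop = discard silently, so a scanner sees nothing


@dataclass(frozen=True)
class Packet:
    direction: str   # "out" = leaving this machine, "in" = arriving from the internet
    proto: str       # "tcp" or "udp"
    peer_ip: str     # the other end of the conversation
    peer_port: int   # port on the other end (e.g. 80 for a web server)
    local_port: int  # port on this machine


class HomeFirewall:
    def __init__(self, allowed_outbound, allowed_servers):
        self.allowed_outbound = allowed_outbound  # {program: {peer ports it may contact}}
        self.allowed_servers = allowed_servers    # programs permitted to listen
        self.state = set()                        # conversations this machine started
        self.listening = {}                       # local port -> permitted server program
        self.alerts = []                          # "X wants to act as a server" warnings

    def program_listens(self, program, port):
        """A program asks to accept inbound connections on `port`."""
        if program not in self.allowed_servers:
            self.alerts.append(f"{program} wants to act as a server on port {port}")
            return False
        self.listening[port] = program
        return True

    def filter(self, pkt, program=None):
        """Return ALLOW or DROP for one packet; `program` is the sender for outbound."""
        key = (pkt.proto, pkt.peer_ip, pkt.peer_port, pkt.local_port)
        if pkt.direction == "out":
            if pkt.peer_port not in self.allowed_outbound.get(program, set()):
                return DROP                      # program has no permission to talk
            self.state.add(key)                  # remember it so the reply can come back
            return ALLOW
        if key in self.state:
            return ALLOW                         # reply to something we asked for
        if pkt.local_port in self.listening:
            return ALLOW                         # a permitted server is on this port
        return DROP                              # unused port: no "closed" answer at all
```

The point of the last line is the "stealth" the post describes: an unsolicited packet to an unused port gets no answer of any kind, so a scanner cannot tell an unused port from an empty address.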