US-CERT Cyber Security Tip ST04-004 — Understanding Firewalls


US-CERT Cyber Security Tip ST04-004 — Understanding Firewalls

Hey everyone,

     This week’s blog report is about Understanding and using Firewalls.  As always, it’s based on a similar article on the US-CERT website. 

     This article discusses the need for a firewall, the two types of firewalls, and gives you an idea about configuring your firewall.  At the end, it reminds the reader not to be lulled into a false sense of security, because even with an Anti-Virus, Firewall, and Anti-Spyware, you still have to be vigilant.

     The basic concept of a firewall is this (here’s an analogy for you).  Imagine your computer as a house with 65,535 doors in it.  All of them are open, so anyone can come and go as they please.  A firewall does three things.  1)  It closes these doors.  2)  It hides the doors from the outside. 3)  It acts like a security guard to decide who (or what) can open what doors, and what they’re allowed to do while the doors are open (and who’s allowed to come in from the outside through the open doors).

     The two types of firewalls are hardware-based and software-based.  Hardware-based would be similar to the cable/DSL routers and modems that your ISP gives you (or that you purchase from Wal-Mart or other computer stores).  Software-based are programs installed on the individual computers.

      While the authors of the article make a rightful and valid claim that if you have a hardware-based firewall, you may not need a software-based one, I don’t agree.  I’m a firm believer in ‘layered protection’.  An example is a modem which provides a hardware-based firewall (or a router), one computer with a good solid software-based firewall which acts like a gateway for the network, then the individual computers with their software-based firewalls.  (The one main computer is optional– and in fact, I don’t have one configured.)

     As always, have a great weekend, and be vigilant.  Next week, I’m going to discuss “Keeping Children Safe Online”, which is an article that US-CERT recently sent out as a tip.  Then I’ll go back into the regular schedule (unless something else is sent out that I think is more important).


Leave a comment

Your email address will not be published. Required fields are marked *