It seems nowadays that if you are not online, you don't exist. It really does not matter what type of company you run; you should have an online presence to let your prospects and clients know about your company and services. When you decide to take the leap onto the Internet, there are some precautions you should take. I have friends who say all the time, "I really have nothing to hide or worry about." This may be true, but malicious users like to deface websites, which can ruin you and your business's reputation.

This is a paper about firewalls protecting your company from outside threats and unauthorized access.

A firewall is a great start. Firewalls can be both hardware and software based. There are many different firewall vendors; some of the bigger names are Cisco, Symantec, and Checkpoint. The difficult part is configuring the firewall. This is where many intruders bypass security, because the firewall is poorly configured.

I would like to mention that there are many Open Source programs and operating systems that offer great firewall software. I personally believe that OpenBSD has one of the most secure operating systems and firewall configurations if done right. FreeBSD also has firewall software; it is called IPTABLES. IPTABLES offers packet filtering, NAT and you can even change packets in Linux. I have to say you can do anything you want in Linux, because the source code is right there. It's a beautiful thing. Linux also uses this; you can build a firewall with the old system sitting in your garage and two Linux-compatible network cards. Linux can be hardened; this means making the operating system more secure. I like the tool Bastille Linux; it is developed by Jeff Beale.

To really get a grasp on firewalls you need to understand TCP/IP and a lot of different protocols, so that you know whether you should allow or deny them into your network. IP addresses identify hosts on the Internet; they look like this: 127.214.234.54. Firewalls can block IP addresses, ports, protocols and even keywords that come in packets. Hackers that want into your network have many different tools at their disposal to try to bypass firewalls. One common attack is known as a Denial of Service, or DoS, attack. The attacker simply floods your network and firewalls with so many packets that they cannot handle them and sometimes crash. Firewalls are available with DoS filtering to keep these attacks low, and start dropping packets.

Firewalls do not protect you from internal threats such as employees bringing in viruses from home, or remote users using VPNs (Virtual Private Networks) bypassing your firewall. Think about what happens if you bring your son to work and he downloads music on your fast company internet connection, only to introduce your corporate network to a worm or, even worse, a Trojan horse. Service ports that are open to the public, such as port 80 (HTTP), have known vulnerabilities on the Internet. FTP has many vulnerabilities as well.

Are there different types of firewalls?

Yes. There are hardware and software firewalls. You might even be using Zone Alarm or Black Ice Defender. These are software-based firewalls. The more I study firewall technology, the more I realize that everything truly is a software firewall. A computer is nothing without software to tell it what to do.

Packet Filters

Packet Filters look at source and destination addresses. This is where firewall rule sets come into play. The firewall administrator must determine which source and destination ports and addresses to allow or deny. The security administrator needs to keep up to date with alerts on vulnerabilities, as new holes are found and created daily. A technique known as spoofing can sometimes fool firewalls by making it appear that a packet is coming from inside the protected network when in fact it is an attacker changing the source address.

Application Gateways

Application Gateways are like errand boys. You request a file and the application gateway grabs it for you. This is great for logging connections, and for setting up authentication as well.

Stateful Packet Inspection

Stateful Packet Inspection is a technique used by Cisco PIX firewalls and Checkpoint firewalls. These firewalls look at the data coming across the network. They can also authenticate connections, and users usually do not notice that the firewall is in place. A lot of firewalls now allow you to configure VPNs, which is awesome if you have remote workers and satellite offices and need to transfer data securely.

Intrusion Detection is also something to consider; I like SNORT. SNORT can detect known attacks against your system and does a great job at logging them if set up correctly. There are thousands of different software and hardware solutions you can purchase for your home or network. I happen to like Open Source, because I like learning and knowledge, and the Open Source community has taught me more than the corporate world ever will. A book I would like to recommend that is great for learning firewalls is called, simply enough, Building Internet Firewalls; it is by O'Reilly. That is all for now. One last tip: backup, backup, backup.

Benjamin Hargis CEO MCP Phuture Networks
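
The Packet Filters section describes rule sets keyed on source and destination addresses and ports, and notes that a spoofed source address can fool such rules. The following is an added example, not part of the original article: a first-match packet filter with a default deny and an ingress anti-spoofing check. The network 192.168.10.0/24, the interface names "outside"/"inside" and the two rules are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Assumed protected network (hypothetical addressing for this example).
INTERNAL_NET = ip_network("192.168.10.0/24")

@dataclass(frozen=True)
class Packet:
    iface: str   # interface the packet arrived on: "outside" or "inside"
    src: str     # source IP address
    dst: str     # destination IP address
    dport: int   # destination port

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # source network in CIDR form
    dst: str               # destination network in CIDR form
    dport: Optional[int]   # destination port, None matches any port

# Constructed rule set: web server open to everyone, FTP for internal hosts only.
RULES = [
    Rule("allow", "0.0.0.0/0", "192.168.10.80/32", 80),
    Rule("allow", "192.168.10.0/24", "192.168.10.21/32", 21),
]

def filter_packet(pkt, rules=RULES, antispoof=True):
    """Return the verdict for one packet: first matching rule wins, else deny."""
    src, dst = ip_address(pkt.src), ip_address(pkt.dst)
    # Ingress check: an internal source address cannot legitimately arrive
    # on the outside interface, so drop it before consulting the rule set.
    if antispoof and pkt.iface == "outside" and src in INTERNAL_NET:
        return "deny (spoofed source)"
    for rule in rules:
        if (src in ip_network(rule.src)
                and dst in ip_network(rule.dst)
                and rule.dport in (None, pkt.dport)):
            return rule.action
    return "deny"  # default deny: anything not explicitly allowed is dropped

# Constructed sample packets.
WEB = Packet("outside", "203.0.113.7", "192.168.10.80", 80)
FTP_OUTSIDE = Packet("outside", "203.0.113.7", "192.168.10.21", 21)
FTP_INSIDE = Packet("inside", "192.168.10.50", "192.168.10.21", 21)
FTP_SPOOFED = Packet("outside", "192.168.10.50", "192.168.10.21", 21)
```

With `antispoof=False` the address-only rules accept `FTP_SPOOFED`, which is the weakness the section describes; the interface check closes it without changing the rule set.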