This is a decent introduction to firewalls, published by CERT. From the intro:When anyone or anything can access your computer at any time, your computer is more susceptible to being attacked. You can restrict outside access to your computer and the information on it with a firewall. . . .
Cyber Security Tip ST04-004 Understanding Firewalls When anyone or anything can access your computer at any time, your
computer is more susceptible to being attacked. You can restrict
outside access to your computer and the information on it with a
firewall. What do firewalls do? Firewalls provide protection against outside attackers by shielding
your computer or network from malicious or unnecessary Internet
traffic. Firewalls can be configured to block data from certain
locations while allowing the relevant and necessary data through. They
are especially important for users who rely on "always on" connections
such as cable or DSL modems. What type of firewall is best? Firewalls are offered in two forms: hardware (external) and software
(internal). While both have their advantages and disadvantages, the
decision to use a firewall is far more important than deciding which
type you use. * Hardware - Typically called network firewalls, these external
devices are positioned between your computer or network and your
cable or DSL modem. Many vendors and some Internet Service
Providers (ISPs) offer devices called "routers" that also include
firewall features. Hardware-based firewalls are particularly
useful for protecting multiple computers but also offer a high
degree of protection for a single computer. If you only have one
computer behind the firewall, or if you are certain that all of
the other computers on the network are up to date on patches are
free from viruses, worms, or other malicious code, you may not
need the extra protection of a software firewall. Hardware-based
firewalls have the advantage of being separate devices running
their own operating systems, so they provide an additional line of
defense against attacks. Their major drawback is cost, but many
products are available for less than $100 (and there are even some
for less than $50). * Software - Some operating systems include a built-in firewall; if
yours does, consider enabling it to add another layer of
protection even if you have an external firewall. If you don't
have a built-in firewall, you can obtain a software firewall for
relatively little or no cost from your local computer store,
software vendors, or ISP. Because of the risks associated with
downloading software from the Internet onto an unprotected
computer, it is best to install the firewall from a CD, DVD, or
floppy disk. Although relying on a software firewall alone does
provide some protection, realize that having the firewall on the
same computer as the information you're trying to protect may
hinder the firewall's ability to catch malicious traffic before it
enters your system. How do you know what configuration settings to apply? Most commercially available firewall products, both hardware- and
software-based, come configured in a manner that is acceptably secure
for most users. Since each firewall is different, you'll need to read
and understand the documentation that comes with it in order to
determine whether or not the default settings on your firewall are
sufficient for your needs. Additional assistance may be available from
your firewall vendor or your ISP (either from tech support or a web
site). Also, alerts about current viruses or worms (such as US-CERT's
Cyber Security Alerts, <http://www.us-cert.gov/cas/alerts/>) some-
times include information about restrictions you can implement
through your firewall. Unfortunately, while properly configured firewalls may be effective at
blocking some attacks, don't be lulled into a false sense of security.
Although they do offer a certain amount of protection, firewalls do
not guarantee that your computer will not be attacked. In particular,
a firewall offers little to no protection against viruses that work by
having you run the infected program on your computer, as many
email-borne viruses do. However, using a firewall in conjunction with
other protective measures (such as antivirus software and "safe"
computing practices) will strengthen your resistance to attacks.
_________________________________________________________________ Both the National Cyber Security Alliance and US-CERT have identified
this topic as one of the top ten for home users.
_________________________________________________________________ This document is also available online at <http://www.us-cert.gov/cas/tips/ST04-004.html> Authors: Mindi McDowell, Allen Householder
_________________________________________________________________ Copyright 2004 Carnegie Mellon University Terms of use, see <http://www.us-cert.gov/legal.html>
Only registered users can write comments.
Please login or register. Powered by AkoComment! |
