Chapter 44. How Firewalls Work


Every time a computer is connected to the Internet, it faces potential danger. Corporate local area networks (LANs) connected to the Internet, as well as PCs at home, especially those connected to a high-speed cable modem or DSL modem, are likely targets for hackers.

Due to the Internet's openness, every corporate network connected to it is vulnerable to attack. Crackers on the Internet could theoretically break into the corporate network and do harm in a number of ways: They could steal or damage important data; damage individual computers or the entire network; use the corporate computer's resources; or use the corporate network and resources as a way of posing as a corporate employee. The solution isn't to cut off the network from the Internet. Instead, the company can build firewalls to protect its network. These firewalls enable anyone on the corporate network to access the Internet, but they stop crackers, hackers, and others on the Internet from gaining access to the corporate network and causing damage.

Corporate firewalls are hardware and software combinations that are built using routers, servers, and a variety of software. They sit at the most vulnerable point between a corporate network and the Internet and can be as simple or complex as system administrators want to build them.

One of the simplest kinds of firewalls utilizes packet filtering. In packet filtering, a screening router examines the header of every packet of data traveling between the Internet and the corporate network. Packet headers have information in them such as the IP address of the sender and receiver, the protocol being used to send the packet, and other similar information. Based on that information, the router knows what kind of Internet service (such as FTP or rlogin) is being used to send the data, as well as the identity of the sender and receiver of the data. (The rlogin command is similar to Telnet, which enables someone to log into a computer. It can be dangerous because it enables users to bypass having to type in a password.) After this information is determined, the router can bar certain packets from being sent between the Internet and the corporate network. For example, the router could block any traffic except for email. Additionally, it could block traffic to and from suspicious destinations or from certain users.
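The header check described above can be sketched as follows. This is an added example, not code from the book: the policy (email only, one blocked source range), the function names, and the sample addresses from the documentation ranges are all assumptions made for illustration.

```python
import ipaddress
import struct

# Constructed policy (assumption): allow email only, block one source range.
ALLOWED_TCP_PORTS = {25: "smtp"}
KNOWN_SERVICES = {21: "ftp", 23: "telnet", 25: "smtp", 513: "rlogin"}
BLOCKED_SOURCES = [ipaddress.ip_network("203.0.113.0/24")]


def parse_headers(packet: bytes) -> dict:
    """Extract the fields a screening router looks at from an IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4  # IP header length in bytes
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IP header length")
    fields = {"src": ipaddress.IPv4Address(packet[12:16]),
              "dst": ipaddress.IPv4Address(packet[16:20]),
              "proto": packet[9], "dport": None}
    if fields["proto"] == 6:  # TCP: the ports follow the IP header
        if len(packet) < ihl + 4:
            raise ValueError("truncated TCP header")
        _sport, fields["dport"] = struct.unpack("!HH", packet[ihl:ihl + 4])
    return fields


def filter_packet(packet: bytes) -> tuple:
    """Return (verdict, reason); malformed or unlisted traffic is dropped."""
    try:
        f = parse_headers(packet)
    except ValueError as exc:
        return ("drop", str(exc))
    if any(f["src"] in net for net in BLOCKED_SOURCES):
        return ("drop", "blocked source")
    if f["proto"] != 6:
        return ("drop", "protocol not allowed")
    if f["dport"] in ALLOWED_TCP_PORTS:
        return ("accept", ALLOWED_TCP_PORTS[f["dport"]])
    return ("drop", KNOWN_SERVICES.get(f["dport"], "unlisted service"))


def build_packet(src: str, dst: str, dport: int, proto: int = 6) -> bytes:
    """Constructed sample packet: minimal IPv4 header plus TCP ports."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, proto, 0,
                     ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    return ip + struct.pack("!HH", 40000, dport) + bytes(16)
```

The filter sees only header fields, so it identifies a service by its destination port number rather than by the data carried in the packet.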

Proxy servers are also commonly used in firewalls. A proxy server is server software that runs on a host in a firewall, such as a bastion host. Because only the single proxy server (instead of the many individual computers on the network) interacts with the Internet, security can be maintained. That single server can be kept more secure than can hundreds of individual computers on a network.

Home PCs connected to the Internet via high-speed cable modems or DSL modems are targets as well because if hackers can break into them, they can use them as launching pads for their attacks, while covering their tracks. Personal firewalls have become popular: software and hardware that sits on a home computer and protects the home computer in similar ways to how corporate firewalls protect corporate LANs.



How the Internet Works
How the Internet Works (8th Edition)
ISBN: 0789736268
EAN: 2147483647
Year: 2004
Pages: 223
