Securing Your Connection with a Firewall


If your network is connected to the Internet, a whole host of security issues bubble to the surface. You probably connected your network to the Internet so that your network's users could get out to the Internet. Unfortunately, however, your Internet connection is a two-way street. It not only enables your network's users to step outside the bounds of your network to access the Internet, but it also enables others to step in and access your network.

And step in they will. The world is filled with hackers who are looking for networks like yours to break into. They may do it just for the fun of it, or they may do it to steal your customers' credit card numbers or to coerce your mail server into sending thousands of spam messages on behalf of the bad guys. Whatever their motive, rest assured that your network will be broken into if you leave it unprotected.

Using a firewall

A firewall is a security-conscious router that sits between the Internet and your network with a single-minded task: preventing them from getting to us. The firewall acts as a security guard between the Internet and your LAN. All network traffic into and out of the LAN must pass through the firewall, which prevents unauthorized access to the network.

Warning 

Some type of firewall is a must-have if your network has a connection to the Internet, whether that connection is broadband (cable modem or DSL), T1, or some other high-speed connection. Without it, sooner or later a hacker will discover your unprotected network and tell his friends about it, and within a few hours your network will be toast.

You can set up a firewall in two basic ways:

  • Firewall appliance: The easiest way. It's basically a self-contained router with built-in firewall features.

    Most firewall appliances include Web-based interfaces that enable you to connect to the firewall from any computer on your network by using a browser. You can then customize the firewall settings to suit your needs.

  • Server computer: Can be set up to function as a firewall computer.

    The server can run just about any network operating system, but most dedicated firewall systems run Linux.

Whether you use a firewall appliance or a firewall computer, the firewall must be located between your network and the Internet, as shown in Figure 10-1. Here, one end of the firewall is connected to a network hub, which is, in turn, connected to the other computers on the network. The other end of the firewall is connected to the Internet. As a result, all traffic from the LAN to the Internet (and vice versa) must travel through the firewall.

Figure 10-1: A firewall router creates a secure link between a network and the Internet.

The term perimeter is sometimes used to describe the location of a firewall on your network. In short, a firewall is like a perimeter fence that completely surrounds your property and forces all visitors to enter through the front gate.

Warning 

In large networks, it's sometimes hard to figure out exactly where the perimeter is located. If your network has two or more WAN connections, make sure that every one of those connections connects to a firewall and not directly to the network. You can do this by providing a separate firewall for each WAN connection or by using a firewall with more than one WAN port.
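
The check this warning calls for, written as an added example that is not from the book: given an inventory of devices and cabling, it lists every WAN device wired straight to the LAN and every LAN device reachable from the Internet without crossing a firewall. The device names, kinds, and links are constructed sample data.

```python
from collections import deque

# Constructed inventory: device -> kind ("internet", "wan", "firewall", "lan").
DEVICES = {
    "internet": "internet",
    "cable-modem": "wan", "t1-router": "wan",
    "fw1": "firewall",
    "hub": "lan", "pc1": "lan", "pc2": "lan", "server": "lan",
}

# Constructed cabling list. The T1 router is plugged straight into the hub,
# which is the mistake the warning describes.
LINKS = [
    ("internet", "cable-modem"), ("cable-modem", "fw1"), ("fw1", "hub"),
    ("internet", "t1-router"), ("t1-router", "hub"),
    ("hub", "pc1"), ("hub", "pc2"), ("hub", "server"),
]

def unfiltered_paths(devices, links):
    """Return {lan_device: path_from_internet} for every LAN device that can
    be reached from the Internet without crossing a firewall."""
    neighbours = {name: set() for name in devices}
    for a, b in links:
        neighbours[a].add(b)
        neighbours[b].add(a)
    start = next(n for n, kind in devices.items() if kind == "internet")
    paths = {start: [start]}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        for nxt in sorted(neighbours[node]):
            if nxt in paths or devices[nxt] == "firewall":
                continue  # a firewall ends the unfiltered walk
            paths[nxt] = paths[node] + [nxt]
            queue.append(nxt)
    return {n: p for n, p in paths.items() if devices[n] == "lan"}

def bypassing_wan_links(devices, links):
    """WAN devices cabled directly to a LAN device instead of a firewall."""
    bad = set()
    for a, b in links:
        if {devices[a], devices[b]} == {"wan", "lan"}:
            bad.add(a if devices[a] == "wan" else b)
    return sorted(bad)

if __name__ == "__main__":
    for wan in bypassing_wan_links(DEVICES, LINKS):
        print(f"{wan}: connects to the LAN without a firewall")
    for host, path in sorted(unfiltered_paths(DEVICES, LINKS).items()):
        print(f"{host}: exposed via {' -> '.join(path)}")
```

Moving the T1 router's cable from the hub to a WAN port on the firewall makes both functions return empty results.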

Tip 

Some firewall routers can also enforce virus protection for your network. For more information about virus protection, see Chapter 23.

The built-in Windows firewall

Both Windows XP and Vista include a built-in firewall that provides basic packet-filtering firewall protection. In most cases, you're better off using a dedicated firewall router because these devices provide better security features than the built-in Windows firewall does. Still, the built-in firewall is suitable for home networks or very small office networks.

Here are the steps that activate the built-in firewall in Windows XP or Vista:

  1. Choose Start → Control Panel.

    The Control Panel appears.

  2. Click the Windows Firewall icon.

    This step opens the Windows Firewall dialog box. Figure 10-2 shows the Windows Vista version.

    Figure 10-2: The Windows Vista Firewall dialog box.

  3. Select the On (Recommended) option.

    This option enables the firewall.

  4. Click OK.

    That's all there is to it.

Note that the firewall that's included with Windows Vista has additional options you can configure. However, I recommend against fiddling with those options unless you've taken an upper-division college course in computer security.

Warning 

Do not enable the Windows Internet firewall if you're using a separate firewall router to protect your network. Because the other computers on the network are connected directly to the router and not to your computer, the firewall doesn't protect the rest of the network. Additionally, as an unwanted side effect, the rest of the network will lose the capability of accessing your computer.

Tip 

Beginning with Windows XP Service Pack 2, the firewall is turned on by default. If your computer is already behind a firewall, disable the Windows firewall that's enabled by Service Pack 2.




Networking For Dummies
ISBN: 0470534052
EAN: 2147483647
Year: 2004
Pages: 254
Authors: Doug Lowe
