what is firewall?

Answer 1

A firewall is a secure and trusted machine that sits between a private network and a public network. The firewall machine is configured with a set of rules that determine which network traffic will be allowed to pass and which will be blocked or refused. In some large organizations, you may even find a firewall located inside their corporate network to segregate sensitive areas of the organization from other employees. Many cases of computer crime occur from within an organization, not just from outside.

Answer 2

A firewall is an information technology (IT) security device which is configured to permit, deny or proxy data connections set and configured by the organization's security policy. Firewalls can either be hardware and/or software based.

A firewall's basic task is to control traffic between computer networks with different zones of trust. Typical examples are the Internet which is a zone with no trust and an internal network which is (and should be) a zone with high trust. The ultimate goal is to provide controlled interfaces between zones of differing trust levels through the enforcement of a security policy and connectivity model based on the least privilege principle and separation of duties.

A firewall is also called a Border Protection Device (BPD) in certain military contexts where a firewall separates networks by creating perimeter networks in a Demilitarized zone (DMZ). In a BSD context they are also known as a packet filter. A firewall's function is analogous to firewalls in building construction.

Proper configuration of firewalls demands skill from the firewall administrator. It requires considerable understanding of network protocols and of computer security. Small mistakes can render a firewall worthless as a security tool.

Answer 3

In Lamens Terms:

All of the information going in and out of your computer is traveling through information ports. A firewall makes sure that nothing is coming in or out of these ports without you directly accessing that port yourself with the program that you are using. They are not effective against viruses. viruses can be embeded in the programs that you are using. They are mostly effective means of blocking spyware or adware but not 100%. This is what a good 'on-access' virus protection PRG is for.


wow. Look at all these cut and paste responses in here. They get thier info right off of a website and probably still dont even know what it is themselves. Its such a sad world, isn't it?

Answer 4

It pretty much is a protection for your computer. A firewall's basic task is to control traffic between computer networks with different zones of trust.

Answer 5

A software routine that analyzes incoming data packets and forwards them or discards them based on one or more criteria such as address, range of addresses and type (e-mail, file transfer, etc.). Packet filtering is generally performed in a router, in which case the router is known as a "screening router." See firewall, Web filtering and router.

Answer 6

is like a wall in your computer that blocks virus's

Answer 7

Read

Firewalls information:
http://www.microsoft.com/technet/security/topics/networksecurity/firewall.mspx
http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfexceptions.mspx
http://support.microsoft.com/kb/875357
http://www.securityfocus.com/infocus/1750
http://mywebpages.comcast.net/SupportCD/SecureXP.html
http://www.benefit-from-it.com/index.php?fa=securityTips.firewallDownside
http://www.robertmoir.co.uk/secure/WhyFirewallsSuck.html

To disable a firewall:
http://kbserver.netgear.com/kb_web_files/n101177.asp

Answer 8

read your help on windows os that will tell you

Answer 9

A firewall is an information technology (IT) security device which is configured to permit, deny or proxy data connections set and configured by the organization's security policy. Firewalls can either be hardware and/or software based.

A firewall's basic task is to control traffic between computer networks with different zones of trust. Typical examples are the Internet which is a zone with no trust and an internal network which is (and should be) a zone with high trust. The ultimate goal is to provide controlled interfaces between zones of differing trust levels through the enforcement of a security policy and connectivity model based on the least privilege principle and separation of duties.

A firewall is also called a Border Protection Device (BPD) in certain military contexts where a firewall separates networks by creating perimeter networks in a Demilitarized zone (DMZ). In a BSD context they are also known as a packet filter. A firewall's function is analogous to firewalls in building construction.

Proper configuration of firewalls demands skill from the firewall administrator. It requires considerable understanding of network protocols and of computer security. Small mistakes can render a firewall worthless as a security tool.

Contents [hide]
1 History
1.1 First generation - packet filters
1.2 Second generation - circuit level
1.3 Third generation - application layer
1.4 Subsequent generations
2 Types
2.1 Network layer
2.2 Application-layer
2.3 Proxies
3 Network address translation
4 Management
5 Implementations
6 References
7 See also
8 External links



[edit] History
Firewall technology emerged in the late 1980s when the Internet was a fairly new technology in terms of its global use and connectivity. The original idea was formed in response to a number of major internet security breaches, which occurred in the late 1980s. In 1988 an employee at the NASA Ames Research Center in California sent a memo by email to his colleagues that read,

“ We are currently under attack from an Internet VIRUS! It has hit Berkeley, UC San Diego, Lawrence Livermore, Stanford, and NASA Ames. ”

This virus known as Morris Worm was carried by e-mail. The Morris Worm was the first large scale attack on Internet security; the online community was neither expecting an attack nor prepared to deal with one.

[edit] First generation - packet filters
The first paper published on firewall technology was in 1988, when Jeff Mogul from Digital Equipment Corporation (DEC) developed filter systems known as packet filter firewalls. This fairly basic system was the first generation of what would become a highly evolved and technical internet security feature. At AT&T Bill Cheswick and Steve Bellovin were continuing their research in packet filtering and developed a working model for their own company based upon their original first generation architecture.

This type of packet filtering is not responsible for 'statefull' packet inspection, in other words, it's a static set of rules applied to the packets traversing the firewall.


[edit] Second generation - circuit level
From 1980-1990 two colleagues from AT&T Bell Laboratories, Dave Presetto, Howard Trickey and Kshitij Nigam developed the second generation of firewalls known as circuit level firewalls.

This is also referred to as a 'stateful firewall' as it is able to determine if a packet is either a new connection or data that is part of an existing connection. Though there's still a set of static rules involved for configuring this firewall the state of a connection can in itself also trigger specific rules.


[edit] Third generation - application layer
Publications by Gene Spafford of Purdue University, Bill Cheswick at AT&T Laboratories and Marcus Ranum described a third generation firewall known as application layer firewall, also known as proxy based firewalls. Marcus Ranum's work on the technology spearheaded the creation of the first commercial product. The product was released by DEC who named it the SEAL product. DEC’s first major sale was on June 13, 1991 to a chemical company based on the East Coast of the USA.


[edit] Subsequent generations
In 1992, Bob Braden and Annette DeSchon at the University of Southern California (USC) were developing their own fourth generation packet filter firewall system. The product known as “Visas” was the first system to have a visual integration interface with colours and icons, which could be easily implemented to and accessed on a computer operating system such as Microsoft's Windows or Apple's MacOS. In 1994 an Israeli company called Check Point Software Technologies built this into readily available software known as FireWall-1.

A second generation of proxy firewalls was based on Kernel Proxy technology. This design is constantly evolving but its basic features and codes are currently in widespread use in both commercial and domestic computer systems. Cisco, one of the largest internet security companies in the world released their PIX product to the public in 1997.

Some modern firewalls leverage their existing deep packet inspection engine by sharing this functionality with an Intrusion-prevention system (IPS).


[edit] Types
There are three basic types of firewalls depending on:

Whether the communication is being done between a single node and the network, or between two or more networks.
Whether the communication is intercepted at the network layer, or at the application layer.
Whether the communication state is being tracked at the firewall or not.
With regard to the scope of filtered communications there exist:

Personal firewalls, a software application which normally filters traffic entering or leaving a single computer.
Network firewalls, normally running on a dedicated network device or computer positioned on the boundary of two or more networks or DMZs (demilitarized zones). Such a firewall filters all traffic entering or leaving the connected networks.
The latter definition corresponds to the conventional, traditional meaning of "firewall" in networking.

In reference to the layers where the traffic can be intercepted, three main categories of firewalls exist:

Network layer firewalls. An example would be iptables.
Application layer firewalls. An example would be TCP Wrappers.
Application firewalls. An example would be restricting ftp services through /etc/ftpaccess file
These network-layer and application-layer types of firewall may overlap, even though the personal firewall does not serve a network; indeed, single systems have implemented both together.

There's also the notion of application firewalls which are sometimes used during wide area network (WAN) networking on the world-wide web and govern the system software. An extended description would place them lower than application layer firewalls, indeed at the Operating System layer, and could alternately be called operating system firewalls.

Lastly, depending on whether the firewalls keeps track of the state of network connections or treats each packet in isolation, two additional categories of firewalls exist:

Stateful firewalls
Stateless firewalls

[edit] Network layer
Main article: network layer firewall
Network layer firewalls operate at a (relatively) low level of the TCP/IP protocol stack as IP-packet filters, not allowing packets to pass through the firewall unless they match the rules. The firewall administrator may define the rules; or default built-in rules may apply (as in some inflexible firewall systems).

A more permissive setup could allow any packet to pass the filter as long as it does not match one or more "negative-rules", or "deny rules". Today network firewalls are built into most computer operating systems and network appliances.

Modern firewalls can filter traffic based on many packet attributes like source IP address, source port, destination IP address or port, destination service like WWW or FTP. They can filter based on protocols, TTL values, netblock of originator, domain name of the source, and many other attributes.


[edit] Application-layer
Main article: application layer firewall
Application-layer firewalls work on the application level of the TCP/IP stack (i.e., all browser traffic, or all telnet or ftp traffic), and may intercept all packets traveling to or from an application. They block other packets (usually dropping them without acknowledgement to the sender). In principle, application firewalls can prevent all unwanted outside traffic from reaching protected machines.

By inspecting all packets for improper content, firewalls can even prevent the spread of the likes of viruses. In practice, however, this becomes so complex and so difficult to attempt (given the variety of applications and the diversity of content each may allow in its packet traffic) that comprehensive firewall design does not generally attempt this approach.

The XML firewall exemplifies a more recent kind of application-layer firewall.


[edit] Proxies
Main article: Proxy server
A proxy device (running either on dedicated hardware or as software on a general-purpose machine) may act as a firewall by responding to input packets (connection requests, for example) in the manner of an application, whilst blocking other packets.

Proxies make tampering with an internal system from the external network more difficult and misuse of one internal system would not necessarily cause a security breach exploitable from outside the firewall (as long as the application proxy remains intact and properly configured). Conversely, intruders may hijack a publicly-reachable system and use it as a proxy for their own purposes; the proxy then masquerades as that system to other internal machines. While use of internal address spaces enhances security, crackers may still employ methods such as IP spoofing to attempt to pass packets to a target network..


[edit] Network address translation
Main article: Network address translation
Firewalls often have network address translation (NAT) functionality, and the hosts protected behind a firewall commonly have addresses in the "private address range", as defined in RFC 1918. Firewalls often have such functionality to hide the true address of protected hosts.


[edit] Management
The Middlebox Communication (midcom) Working Group of the Internet Engineering Task Force (IETF) is working on standardizing protocols for managing firewalls and other middleboxes.

Middlebox Communications (MIDCOM) Protocol Semantics

[edit] Implementations
Software
Astaro Security Gateway
Outpost Firewall Pro
Check Point VPN-1 (formerly Firewall-1)
Devil-Linux (GPL)
eBox Platform (GPL)
Gibraltar Firewall
ipchains
IPCop (GPL)
ClarkConnect
IPFilter
ipfirewall
Kerio WinRoute Firewall
Microsoft Internet Security and Acceleration Server
Netfilter/iptables
PF (firewall)
SmoothWall Express (GPL)
Symantec
m0n0wall (BSD-style license)
pfSense (BSD-style license)
WinGate (computing)
CHX-I
Shorewall (GPL)
Firestarter (GPL)
ZeroShell Linux based and available as LiveCD and CompactFlash images
Hardware
.vantronix | Security Appliances
Cisco PIX
XNet SN330
DataPower
Ingate
Juniper Networks NetScreen
Secure Computing Sidewinder Appliance
Sonicwall
NetASQ
Fortinet
Lightning MultiCom VPN Firewall
Lucent VPN Firewall
Nokia IP-Series Appliances (w/ Checkpoint VPN-1)
Nortel Stand-alone and Switched Firewall
Sarvega
SofaWare Technologies
Watchguard
ZyXEL ZyWALL

[edit] References