How Does a Firewall Work?
What are Firewalls, and How Do They Work?
A firewall is a piece of hardware or software that helps prevent malware and malicious attacks from entering a computer or a network of computers through the Internet. The name firewall comes from the real-world protection that prevents fire from penetrating beyond that point. Firewalls are common barriers between attached garages and a house, and between an automotive engine and the passenger compartment.
The widespread use of firewalls begins after the first known Internet worm, the Morris worm. What was intended to be an honest experiment by a college student to see how many computers were attached to the Internet, the Morris worm ended up causing massive denial-of-service attacks. Estimates of the damage caused the worm range from $10 million to $100 million, but it also showed that Internet service providers at the time were not prepared for the eventuality of such an attack.
Firewalls act as an extra barrier on top of other security measures, such as antivirus software. However, hardware and software firewall systems work in slightly different manners.
Hardware firewalls
Hardware firewalls are systems that are independent of the computers they protect that filter the Internet as information passes into a computer. Most broadband Internet routers have their own firewall built in.
In general, hardware firewalls work by examining the data that flows in from the Internet and verifying whether that information is safe. Simple firewalls, known as packet filters, examine the data itself for information such as its location and its source. Then the information the firewall gathers is compared to a set list of permissions in order to determine whether the information should be dropped or allowed through. As hardware firewalls have become more advanced, they have gained the ability to examine more information.
These types of firewalls have their benefits for home and small businesses because they require little to no set-up, and multiple nodes (computers) can be protected from patching into the same router.
However, the major drawback to typical home-use hardware firewalls is the fact that they only examine the data that is coming in to a computer, and not the data leaving a computer. A person may ask, “Isn’t that the point?” In a way, yes. But oftentimes, malicious software is sent through the Internet disguised in a Trojan horse. The “wrapping” of the data may seem to appear to come from a reliable source, but imbedded into the coding may be the damaging software. Also, some attacks may end in the target computer becoming a zombie or a computer bot, which then begins to broadcast data on a grand scale. Because a hardware firewall does not detect the outgoing information, it won’t consider the rise in traffic or its content.
Software firewalls
There are two main advantages that software firewalls have over hardware ones. The first is that software firewalls can monitor outgoing data traffic. Not only does this prevent a computer from becoming a bot or a zombie, but also it can prevent computers from broadcasting any other malware, such as worms or computer viruses.
The other advantage is that software firewalls are customizable. These programs can be adjusted to meet the needs of the user, such as if they need permissions to be eased up while they’re online gaming or watching an online video.
However, the main disadvantage to software firewalls is that they only protect one computer. Every computer must have its own licensed firewall product. On the other hand, a hardware firewall can protect every computer attached to it.
Additional protection
It is not a bad idea to use both a software and a hardware firewall. Not only will they not interfere with each other, but also they will provide layers of protection that can keep a computer safe.
Also, software firewalls are meant to be used in conjunction with antivirus software. This is because there’s only so much a firewall can prevent. While a firewall can block a known threat, any stealth attempt to break through physical barriers can still go through. This is especially true in social engineering attacks, where the computer user is tricked into bringing the malicious software onto a computer. That’s where having antivirus software as a backup comes in handy, as it can either block or clean up any malware that gets through the first layers of security.
Also, keeping all computer software up to date, especially the operating system software, will help protect the computer against known threats. This also works in assistance with the firewalls to block intrusive attacks.
And it’s also beneficial for all users of a computer to learn what threats they can prevent, especially ones that can get past a firewall. By not clicking on links in instant messages, and not opening attachments on chain e-mails, this can help prevent surprise attacks.
All of these methods combined can help protect a computer and keep it safe and clean.