what is Firewall ?
Basically, a firewall is a barrier to keep destructive forces away from your property.
In fact, that’s why its called a firewall.
Its job is similar to a physical firewall that keeps a fire from spreading from one area to the next.
A firewall is simply a program or hardware device that filters the information coming through the internet connection into your private network or computer system.
If you work at a company that has hundreds of computers that all have network cards connecting them together. And the company has one or more connections to the internet.
Without a firewall in place, all of those hundreds of computers are directly accessible to anyone on the internet.
A person who known what he or she is doing can probe those computers, try to make FTP connections to them, telnet connections to them and so on.
If one employee makes a mistake and leaves a security hole, backers can get to the machine and exploit the hole. With a firewall in place, at every connection to the internet. The firewall can implement security rules.
what does a firewall do ?
Firewalls use one or more of three methods to control traffic flowing in and out of the network.
Packet filtering – packets(small chunks of data) are analyzed against a set of filters.
Packets that make it through the filters are sent to the requesting system and all others are discarded.
Proxy service – information from the internet is retrieved by the firewall and then sent to the requesting system and vice versa.
Tasteful inspection – a newer method that doesn’t examine the contents of each packet but instead compares certain key parts of the packet to a database of trusted information.
If the comparison yield a reasonable match, the information is allowed through. Otherwise it is discarded.
A software firewall, such as zone alarm, can be installed on the computer in your home that has an internet connection.
One of the best things about a firewall from a security standpoint is that it stops anyone on the outside from logging onto a computer in your private network.